| Kconfig (41c89b64d7184a780f12f2cccdabe65cb2408893) | Kconfig (80eae209d63ac6361c7b445f7e7e41f39c044772) |
|---|---|
| 1# IBM Integrity Measurement Architecture 2# 3config IMA 4 bool "Integrity Measurement Architecture(IMA)" 5 select SECURITYFS 6 select CRYPTO 7 select CRYPTO_HMAC 8 select CRYPTO_MD5 --- 104 unchanged lines hidden (view full) --- 113 default n 114 help 115 IMA policy can now be updated multiple times. The new rules get 116 appended to the original policy. Have in mind that the rules are 117 scanned in FIFO order so be careful when you design and add new ones. 118 119 If unsure, say N. 120 | 1# IBM Integrity Measurement Architecture 2# 3config IMA 4 bool "Integrity Measurement Architecture(IMA)" 5 select SECURITYFS 6 select CRYPTO 7 select CRYPTO_HMAC 8 select CRYPTO_MD5 --- 104 unchanged lines hidden (view full) --- 113 default n 114 help 115 IMA policy can now be updated multiple times. The new rules get 116 appended to the original policy. Have in mind that the rules are 117 scanned in FIFO order so be careful when you design and add new ones. 118 119 If unsure, say N. 120 |
| 121config IMA_READ_POLICY 122 bool "Enable reading back the current IMA policy" 123 depends on IMA 124 default y if IMA_WRITE_POLICY 125 default n if !IMA_WRITE_POLICY 126 help 127 It is often useful to be able to read back the IMA policy. It is 128 even more important after introducing CONFIG_IMA_WRITE_POLICY. 129 This option allows the root user to see the current policy rules. 130 |
|
| 121config IMA_APPRAISE 122 bool "Appraise integrity measurements" 123 depends on IMA 124 default n 125 help 126 This option enables local measurement integrity appraisal. 127 It requires the system to be labeled with a security extended 128 attribute containing the file hash measurement. To protect --- 61 unchanged lines hidden --- | 131config IMA_APPRAISE 132 bool "Appraise integrity measurements" 133 depends on IMA 134 default n 135 help 136 This option enables local measurement integrity appraisal. 137 It requires the system to be labeled with a security extended 138 attribute containing the file hash measurement. To protect --- 61 unchanged lines hidden --- |