Kconfig - OpenGrok cross reference for /linux/security/integrity/ima/Kconfig

Deleted Added

sdiffudifftextold (4286587d..)new (e7a2ad7e..)

Kconfig (4286587dccd43d4f81fa227e413ed7e909895342)	Kconfig (e7a2ad7eb6f48ad80c70a22dd8167fb34b409466)
1# IBM Integrity Measurement Architecture 2# 3config IMA 4 bool "Integrity Measurement Architecture(IMA)" 5 depends on SECURITY 6 select INTEGRITY 7 select SECURITYFS 8 select CRYPTO --- 57 unchanged lines hidden (view full) --- 66endchoice 67 68config IMA_DEFAULT_TEMPLATE 69 string 70 depends on IMA 71 default "ima" if IMA_TEMPLATE 72 default "ima-ng" if IMA_NG_TEMPLATE 73	1# IBM Integrity Measurement Architecture 2# 3config IMA 4 bool "Integrity Measurement Architecture(IMA)" 5 depends on SECURITY 6 select INTEGRITY 7 select SECURITYFS 8 select CRYPTO --- 57 unchanged lines hidden (view full) --- 66endchoice 67 68config IMA_DEFAULT_TEMPLATE 69 string 70 depends on IMA 71 default "ima" if IMA_TEMPLATE 72 default "ima-ng" if IMA_NG_TEMPLATE 73
	74choice 75 prompt "Default integrity hash algorithm" 76 default IMA_DEFAULT_HASH_SHA1 77 depends on IMA 78 help 79 Select the default hash algorithm used for the measurement 80 list, integrity appraisal and audit log. The compiled default 81 hash algorithm can be overwritten using the kernel command 82 line 'ima_hash=' option. 83 84 config IMA_DEFAULT_HASH_SHA1 85 bool "SHA1 (default)" 86 depends on CRYPTO_SHA1 87 88 config IMA_DEFAULT_HASH_SHA256 89 bool "SHA256" 90 depends on CRYPTO_SHA256 && !IMA_TEMPLATE 91 92 config IMA_DEFAULT_HASH_SHA512 93 bool "SHA512" 94 depends on CRYPTO_SHA512 && !IMA_TEMPLATE 95 96 config IMA_DEFAULT_HASH_WP512 97 bool "WP512" 98 depends on CRYPTO_WP512 && !IMA_TEMPLATE 99endchoice 100 101config IMA_DEFAULT_HASH 102 string 103 depends on IMA 104 default "sha1" if IMA_DEFAULT_HASH_SHA1 105 default "sha256" if IMA_DEFAULT_HASH_SHA256 106 default "sha512" if IMA_DEFAULT_HASH_SHA512 107 default "wp512" if IMA_DEFAULT_HASH_WP512 108
74config IMA_APPRAISE 75 bool "Appraise integrity measurements" 76 depends on IMA 77 default n 78 help 79 This option enables local measurement integrity appraisal. 80 It requires the system to be labeled with a security extended 81 attribute containing the file hash measurement. To protect 82 the security extended attributes from offline attack, enable 83 and configure EVM. 84 85 For more information on integrity appraisal refer to: 86 <http://linux-ima.sourceforge.net> 87 If unsure, say N.	109config IMA_APPRAISE 110 bool "Appraise integrity measurements" 111 depends on IMA 112 default n 113 help 114 This option enables local measurement integrity appraisal. 115 It requires the system to be labeled with a security extended 116 attribute containing the file hash measurement. To protect 117 the security extended attributes from offline attack, enable 118 and configure EVM. 119 120 For more information on integrity appraisal refer to: 121 <http://linux-ima.sourceforge.net> 122 If unsure, say N.