xref: /linux/security/integrity/ima/Kconfig (revision e7a2ad7eb6f48ad80c70a22dd8167fb34b409466) 
1# IBM Integrity Measurement Architecture
2#
3config IMA
4	bool "Integrity Measurement Architecture(IMA)"
5	depends on SECURITY
6	select INTEGRITY
7	select SECURITYFS
8	select CRYPTO
9	select CRYPTO_HMAC
10	select CRYPTO_MD5
11	select CRYPTO_SHA1
12	select CRYPTO_HASH_INFO
13	select TCG_TPM if HAS_IOMEM && !UML
14	select TCG_TIS if TCG_TPM && X86
15	select TCG_IBMVTPM if TCG_TPM && PPC64
16	help
17	  The Trusted Computing Group(TCG) runtime Integrity
18	  Measurement Architecture(IMA) maintains a list of hash
19	  values of executables and other sensitive system files,
20	  as they are read or executed. If an attacker manages
21	  to change the contents of an important system file
22	  being measured, we can tell.
23
24	  If your system has a TPM chip, then IMA also maintains
25	  an aggregate integrity value over this list inside the
26	  TPM hardware, so that the TPM can prove to a third party
27	  whether or not critical system files have been modified.
28	  Read <http://www.usenix.org/events/sec04/tech/sailer.html>
29	  to learn more about IMA.
30	  If unsure, say N.
31
32config IMA_MEASURE_PCR_IDX
33	int
34	depends on IMA
35	range 8 14
36	default 10
37	help
38	  IMA_MEASURE_PCR_IDX determines the TPM PCR register index
39	  that IMA uses to maintain the integrity aggregate of the
40	  measurement list.  If unsure, use the default 10.
41
42config IMA_LSM_RULES
43	bool
44	depends on IMA && AUDIT && (SECURITY_SELINUX || SECURITY_SMACK)
45	default y
46	help
47	  Disabling this option will disregard LSM based policy rules.
48
49choice
50	prompt "Default template"
51	default IMA_NG_TEMPLATE
52	depends on IMA
53	help
54	  Select the default IMA measurement template.
55
56	  The original 'ima' measurement list template contains a
57	  hash, defined as 20 bytes, and a null terminated pathname,
58	  limited to 255 characters.  The 'ima-ng' measurement list
59	  template permits both larger hash digests and longer
60	  pathnames.
61
62	config IMA_TEMPLATE
63		bool "ima"
64	config IMA_NG_TEMPLATE
65		bool "ima-ng (default)"
66endchoice
67
68config IMA_DEFAULT_TEMPLATE
69	string
70	depends on IMA
71	default "ima" if IMA_TEMPLATE
72	default "ima-ng" if IMA_NG_TEMPLATE
73
74choice
75	prompt "Default integrity hash algorithm"
76	default IMA_DEFAULT_HASH_SHA1
77	depends on IMA
78	help
79	   Select the default hash algorithm used for the measurement
80	   list, integrity appraisal and audit log.  The compiled default
81	   hash algorithm can be overwritten using the kernel command
82	   line 'ima_hash=' option.
83
84	config IMA_DEFAULT_HASH_SHA1
85		bool "SHA1 (default)"
86		depends on CRYPTO_SHA1
87
88	config IMA_DEFAULT_HASH_SHA256
89		bool "SHA256"
90		depends on CRYPTO_SHA256 && !IMA_TEMPLATE
91
92	config IMA_DEFAULT_HASH_SHA512
93		bool "SHA512"
94		depends on CRYPTO_SHA512 && !IMA_TEMPLATE
95
96	config IMA_DEFAULT_HASH_WP512
97		bool "WP512"
98		depends on CRYPTO_WP512 && !IMA_TEMPLATE
99endchoice
100
101config IMA_DEFAULT_HASH
102	string
103	depends on IMA
104	default "sha1" if IMA_DEFAULT_HASH_SHA1
105	default "sha256" if IMA_DEFAULT_HASH_SHA256
106	default "sha512" if IMA_DEFAULT_HASH_SHA512
107	default "wp512" if IMA_DEFAULT_HASH_WP512
108
109config IMA_APPRAISE
110	bool "Appraise integrity measurements"
111	depends on IMA
112	default n
113	help
114	  This option enables local measurement integrity appraisal.
115	  It requires the system to be labeled with a security extended
116	  attribute containing the file hash measurement.  To protect
117	  the security extended attributes from offline attack, enable
118	  and configure EVM.
119
120	  For more information on integrity appraisal refer to:
121	  <http://linux-ima.sourceforge.net>
122	  If unsure, say N.
123