1000d388eSMatthew Garrettconfig SECURITY_LOCKDOWN_LSM 2000d388eSMatthew Garrett bool "Basic module for enforcing kernel lockdown" 3000d388eSMatthew Garrett depends on SECURITY 4*49fcf732SDavid Howells select MODULE_SIG if MODULES 5000d388eSMatthew Garrett help 6000d388eSMatthew Garrett Build support for an LSM that enforces a coarse kernel lockdown 7000d388eSMatthew Garrett behaviour. 8000d388eSMatthew Garrett 9000d388eSMatthew Garrettconfig SECURITY_LOCKDOWN_LSM_EARLY 10000d388eSMatthew Garrett bool "Enable lockdown LSM early in init" 11000d388eSMatthew Garrett depends on SECURITY_LOCKDOWN_LSM 12000d388eSMatthew Garrett help 13000d388eSMatthew Garrett Enable the lockdown LSM early in boot. This is necessary in order 14000d388eSMatthew Garrett to ensure that lockdown enforcement can be carried out on kernel 15000d388eSMatthew Garrett boot parameters that are otherwise parsed before the security 16000d388eSMatthew Garrett subsystem is fully initialised. If enabled, lockdown will 17000d388eSMatthew Garrett unconditionally be called before any other LSMs. 18000d388eSMatthew Garrett 19000d388eSMatthew Garrettchoice 20000d388eSMatthew Garrett prompt "Kernel default lockdown mode" 21000d388eSMatthew Garrett default LOCK_DOWN_KERNEL_FORCE_NONE 22000d388eSMatthew Garrett depends on SECURITY_LOCKDOWN_LSM 23000d388eSMatthew Garrett help 24000d388eSMatthew Garrett The kernel can be configured to default to differing levels of 25000d388eSMatthew Garrett lockdown. 26000d388eSMatthew Garrett 27000d388eSMatthew Garrettconfig LOCK_DOWN_KERNEL_FORCE_NONE 28000d388eSMatthew Garrett bool "None" 29000d388eSMatthew Garrett help 30000d388eSMatthew Garrett No lockdown functionality is enabled by default. Lockdown may be 31000d388eSMatthew Garrett enabled via the kernel commandline or /sys/kernel/security/lockdown. 32000d388eSMatthew Garrett 33000d388eSMatthew Garrettconfig LOCK_DOWN_KERNEL_FORCE_INTEGRITY 34000d388eSMatthew Garrett bool "Integrity" 35000d388eSMatthew Garrett help 36000d388eSMatthew Garrett The kernel runs in integrity mode by default. Features that allow 37000d388eSMatthew Garrett the kernel to be modified at runtime are disabled. 38000d388eSMatthew Garrett 39000d388eSMatthew Garrettconfig LOCK_DOWN_KERNEL_FORCE_CONFIDENTIALITY 40000d388eSMatthew Garrett bool "Confidentiality" 41000d388eSMatthew Garrett help 42000d388eSMatthew Garrett The kernel runs in confidentiality mode by default. Features that 43000d388eSMatthew Garrett allow the kernel to be modified at runtime or that permit userland 44000d388eSMatthew Garrett code to read confidential material held inside the kernel are 45000d388eSMatthew Garrett disabled. 46000d388eSMatthew Garrett 47000d388eSMatthew Garrettendchoice 48