diff options
Diffstat (limited to 'security/Kconfig')
| -rw-r--r-- | security/Kconfig | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/security/Kconfig b/security/Kconfig index 24b8f9b491b8..95accd442d55 100644 --- a/security/Kconfig +++ b/security/Kconfig | |||
| @@ -36,6 +36,22 @@ config TRUSTED_KEYS | |||
| 36 | 36 | ||
| 37 | If you are unsure as to whether this is required, answer N. | 37 | If you are unsure as to whether this is required, answer N. |
| 38 | 38 | ||
| 39 | config ENCRYPTED_KEYS | ||
| 40 | tristate "ENCRYPTED KEYS" | ||
| 41 | depends on KEYS && TRUSTED_KEYS | ||
| 42 | select CRYPTO_AES | ||
| 43 | select CRYPTO_CBC | ||
| 44 | select CRYPTO_SHA256 | ||
| 45 | select CRYPTO_RNG | ||
| 46 | help | ||
| 47 | This option provides support for create/encrypting/decrypting keys | ||
| 48 | in the kernel. Encrypted keys are kernel generated random numbers, | ||
| 49 | which are encrypted/decrypted with a 'master' symmetric key. The | ||
| 50 | 'master' key can be either a trusted-key or user-key type. | ||
| 51 | Userspace only ever sees/stores encrypted blobs. | ||
| 52 | |||
| 53 | If you are unsure as to whether this is required, answer N. | ||
| 54 | |||
| 39 | config KEYS_DEBUG_PROC_KEYS | 55 | config KEYS_DEBUG_PROC_KEYS |
| 40 | bool "Enable the /proc/keys file by which keys may be viewed" | 56 | bool "Enable the /proc/keys file by which keys may be viewed" |
| 41 | depends on KEYS | 57 | depends on KEYS |