aboutsummaryrefslogtreecommitdiffstats
path: root/security
diff options
context:
space:
mode:
Diffstat (limited to 'security')
-rw-r--r--security/integrity/Kconfig22
-rw-r--r--security/integrity/evm/Kconfig8
-rw-r--r--security/integrity/ima/Kconfig2
3 files changed, 18 insertions, 14 deletions
diff --git a/security/integrity/Kconfig b/security/integrity/Kconfig
index f79d8537bdda..b76235ae4786 100644
--- a/security/integrity/Kconfig
+++ b/security/integrity/Kconfig
@@ -1,11 +1,23 @@
1# 1#
2config INTEGRITY 2config INTEGRITY
3 def_bool y 3 bool "Integrity subsystem"
4 depends on IMA || EVM 4 depends on SECURITY
5 default y
6 help
7 This option enables the integrity subsystem, which is comprised
8 of a number of different components including the Integrity
9 Measurement Architecture (IMA), Extended Verification Module
10 (EVM), IMA-appraisal extension, digital signature verification
11 extension and audit measurement log support.
12
13 Each of these components can be enabled/disabled separately.
14 Refer to the individual components for additional details.
15
16if INTEGRITY
5 17
6config INTEGRITY_SIGNATURE 18config INTEGRITY_SIGNATURE
7 boolean "Digital signature verification using multiple keyrings" 19 boolean "Digital signature verification using multiple keyrings"
8 depends on INTEGRITY && KEYS 20 depends on KEYS
9 default n 21 default n
10 select SIGNATURE 22 select SIGNATURE
11 help 23 help
@@ -31,7 +43,7 @@ config INTEGRITY_ASYMMETRIC_KEYS
31 43
32config INTEGRITY_AUDIT 44config INTEGRITY_AUDIT
33 bool "Enables integrity auditing support " 45 bool "Enables integrity auditing support "
34 depends on INTEGRITY && AUDIT 46 depends on AUDIT
35 default y 47 default y
36 help 48 help
37 In addition to enabling integrity auditing support, this 49 In addition to enabling integrity auditing support, this
@@ -46,3 +58,5 @@ config INTEGRITY_AUDIT
46 58
47source security/integrity/ima/Kconfig 59source security/integrity/ima/Kconfig
48source security/integrity/evm/Kconfig 60source security/integrity/evm/Kconfig
61
62endif # if INTEGRITY
diff --git a/security/integrity/evm/Kconfig b/security/integrity/evm/Kconfig
index d606f3d12d6b..df586fa00ef1 100644
--- a/security/integrity/evm/Kconfig
+++ b/security/integrity/evm/Kconfig
@@ -1,6 +1,5 @@
1config EVM 1config EVM
2 boolean "EVM support" 2 boolean "EVM support"
3 depends on SECURITY
4 select KEYS 3 select KEYS
5 select ENCRYPTED_KEYS 4 select ENCRYPTED_KEYS
6 select CRYPTO_HMAC 5 select CRYPTO_HMAC
@@ -12,10 +11,6 @@ config EVM
12 11
13 If you are unsure how to answer this question, answer N. 12 If you are unsure how to answer this question, answer N.
14 13
15if EVM
16
17menu "EVM options"
18
19config EVM_ATTR_FSUUID 14config EVM_ATTR_FSUUID
20 bool "FSUUID (version 2)" 15 bool "FSUUID (version 2)"
21 default y 16 default y
@@ -47,6 +42,3 @@ config EVM_EXTRA_SMACK_XATTRS
47 additional info to the calculation, requires existing EVM 42 additional info to the calculation, requires existing EVM
48 labeled file systems to be relabeled. 43 labeled file systems to be relabeled.
49 44
50endmenu
51
52endif
diff --git a/security/integrity/ima/Kconfig b/security/integrity/ima/Kconfig
index 08758fbd496f..e099875643c5 100644
--- a/security/integrity/ima/Kconfig
+++ b/security/integrity/ima/Kconfig
@@ -2,8 +2,6 @@
2# 2#
3config IMA 3config IMA
4 bool "Integrity Measurement Architecture(IMA)" 4 bool "Integrity Measurement Architecture(IMA)"
5 depends on SECURITY
6 select INTEGRITY
7 select SECURITYFS 5 select SECURITYFS
8 select CRYPTO 6 select CRYPTO
9 select CRYPTO_HMAC 7 select CRYPTO_HMAC
generated by cgit v1.2.2 (git 2.25.0) at 2025-02-18 12:09:46 -0500