~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~

TOMOYO Linux Cross Reference
Linux/security/integrity/evm/Kconfig

Version: ~ [ linux-6.12-rc7 ] ~ [ linux-6.11.7 ] ~ [ linux-6.10.14 ] ~ [ linux-6.9.12 ] ~ [ linux-6.8.12 ] ~ [ linux-6.7.12 ] ~ [ linux-6.6.60 ] ~ [ linux-6.5.13 ] ~ [ linux-6.4.16 ] ~ [ linux-6.3.13 ] ~ [ linux-6.2.16 ] ~ [ linux-6.1.116 ] ~ [ linux-6.0.19 ] ~ [ linux-5.19.17 ] ~ [ linux-5.18.19 ] ~ [ linux-5.17.15 ] ~ [ linux-5.16.20 ] ~ [ linux-5.15.171 ] ~ [ linux-5.14.21 ] ~ [ linux-5.13.19 ] ~ [ linux-5.12.19 ] ~ [ linux-5.11.22 ] ~ [ linux-5.10.229 ] ~ [ linux-5.9.16 ] ~ [ linux-5.8.18 ] ~ [ linux-5.7.19 ] ~ [ linux-5.6.19 ] ~ [ linux-5.5.19 ] ~ [ linux-5.4.285 ] ~ [ linux-5.3.18 ] ~ [ linux-5.2.21 ] ~ [ linux-5.1.21 ] ~ [ linux-5.0.21 ] ~ [ linux-4.20.17 ] ~ [ linux-4.19.323 ] ~ [ linux-4.18.20 ] ~ [ linux-4.17.19 ] ~ [ linux-4.16.18 ] ~ [ linux-4.15.18 ] ~ [ linux-4.14.336 ] ~ [ linux-4.13.16 ] ~ [ linux-4.12.14 ] ~ [ linux-4.11.12 ] ~ [ linux-4.10.17 ] ~ [ linux-4.9.337 ] ~ [ linux-4.4.302 ] ~ [ linux-3.10.108 ] ~ [ linux-2.6.32.71 ] ~ [ linux-2.6.0 ] ~ [ linux-2.4.37.11 ] ~ [ unix-v6-master ] ~ [ ccs-tools-1.8.12 ] ~ [ policy-sample ] ~
Architecture: ~ [ i386 ] ~ [ alpha ] ~ [ m68k ] ~ [ mips ] ~ [ ppc ] ~ [ sparc ] ~ [ sparc64 ] ~

Diff markup

Differences between /security/integrity/evm/Kconfig (Version linux-6.12-rc7) and /security/integrity/evm/Kconfig (Version linux-2.6.0)

  1 # SPDX-License-Identifier: GPL-2.0-only           
  2 config EVM                                        
  3         bool "EVM support"                        
  4         select KEYS                               
  5         select ENCRYPTED_KEYS                     
  6         select CRYPTO_HMAC                        
  7         select CRYPTO_SHA1                        
  8         select CRYPTO_HASH_INFO                   
  9         select SECURITY_PATH                      
 10         default n                                 
 11         help                                      
 12           EVM protects a file's security exten    
 13           integrity attacks.                      
 14                                                   
 15           If you are unsure how to answer this    
 16                                                   
 17 config EVM_ATTR_FSUUID                            
 18         bool "FSUUID (version 2)"                 
 19         default y                                 
 20         depends on EVM                            
 21         help                                      
 22           Include filesystem UUID for HMAC cal    
 23                                                   
 24           Default value is 'selected', which i    
 25           if 'not selected', it is former vers    
 26                                                   
 27           WARNING: changing the HMAC calculati    
 28           additional info to the calculation,     
 29           labeled file systems to be relabeled    
 30                                                   
 31 config EVM_EXTRA_SMACK_XATTRS                     
 32         bool "Additional SMACK xattrs"            
 33         depends on EVM && SECURITY_SMACK          
 34         default n                                 
 35         help                                      
 36           Include additional SMACK xattrs for     
 37                                                   
 38           In addition to the original security    
 39           security.SMACK64, security.capabilit    
 40           in the HMAC calculation, enabling th    
 41           Smack xattrs: security.SMACK64EXEC,     
 42           security.SMACK64MMAP.                   
 43                                                   
 44           WARNING: changing the HMAC calculati    
 45           additional info to the calculation,     
 46           labeled file systems to be relabeled    
 47                                                   
 48 config EVM_ADD_XATTRS                             
 49         bool "Add additional EVM extended attr    
 50         depends on EVM                            
 51         default n                                 
 52         help                                      
 53           Allow userland to provide additional    
 54                                                   
 55           When this option is enabled, root ca    
 56           list used by EVM by writing them int    
 57           /sys/kernel/security/integrity/evm/e    
 58                                                   
 59 config EVM_LOAD_X509                              
 60         bool "Load an X509 certificate onto th    
 61         depends on EVM && INTEGRITY_TRUSTED_KE    
 62         default n                                 
 63         help                                      
 64            Load an X509 certificate onto the '    
 65                                                   
 66            This option enables X509 certificat    
 67            onto the '.evm' trusted keyring.  A    
 68            verify EVM integrity starting from     
 69            key must have digitalSignature usag    
 70                                                   
 71 config EVM_X509_PATH                              
 72         string "EVM X509 certificate path"        
 73         depends on EVM_LOAD_X509                  
 74         default "/etc/keys/x509_evm.der"          
 75         help                                      
 76            This option defines X509 certificat
~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~
kernel.org | git.kernel.org | LWN.net | Project Home | SVN repository | Mail admin

Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.

sflogo.php