~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~

TOMOYO Linux Cross Reference
Linux/security/ccsecurity/Kconfig

Version: ~ [ linux-6.11.5 ] ~ [ linux-6.10.14 ] ~ [ linux-6.9.12 ] ~ [ linux-6.8.12 ] ~ [ linux-6.7.12 ] ~ [ linux-6.6.58 ] ~ [ linux-6.5.13 ] ~ [ linux-6.4.16 ] ~ [ linux-6.3.13 ] ~ [ linux-6.2.16 ] ~ [ linux-6.1.114 ] ~ [ linux-6.0.19 ] ~ [ linux-5.19.17 ] ~ [ linux-5.18.19 ] ~ [ linux-5.17.15 ] ~ [ linux-5.16.20 ] ~ [ linux-5.15.169 ] ~ [ linux-5.14.21 ] ~ [ linux-5.13.19 ] ~ [ linux-5.12.19 ] ~ [ linux-5.11.22 ] ~ [ linux-5.10.228 ] ~ [ linux-5.9.16 ] ~ [ linux-5.8.18 ] ~ [ linux-5.7.19 ] ~ [ linux-5.6.19 ] ~ [ linux-5.5.19 ] ~ [ linux-5.4.284 ] ~ [ linux-5.3.18 ] ~ [ linux-5.2.21 ] ~ [ linux-5.1.21 ] ~ [ linux-5.0.21 ] ~ [ linux-4.20.17 ] ~ [ linux-4.19.322 ] ~ [ linux-4.18.20 ] ~ [ linux-4.17.19 ] ~ [ linux-4.16.18 ] ~ [ linux-4.15.18 ] ~ [ linux-4.14.336 ] ~ [ linux-4.13.16 ] ~ [ linux-4.12.14 ] ~ [ linux-4.11.12 ] ~ [ linux-4.10.17 ] ~ [ linux-4.9.337 ] ~ [ linux-4.4.302 ] ~ [ linux-3.10.108 ] ~ [ linux-2.6.32.71 ] ~ [ linux-2.6.0 ] ~ [ linux-2.4.37.11 ] ~ [ unix-v6-master ] ~ [ ccs-tools-1.8.9 ] ~ [ policy-sample ] ~
Architecture: ~ [ i386 ] ~ [ alpha ] ~ [ m68k ] ~ [ mips ] ~ [ ppc ] ~ [ sparc ] ~ [ sparc64 ] ~

  1 config CCSECURITY
  2         bool "CCSecurity support"
  3         default y
  4         help
  5           Say Y here to support non-LSM version of TOMOYO Linux.
  6           https://tomoyo.sourceforge.net/
  7 
  8 config CCSECURITY_LKM
  9         bool "Compile as loadable kernel module"
 10         default n
 11         depends on CCSECURITY && MODULES
 12         help
 13           This version of TOMOYO depends on patching the kernel source in order
 14           to insert some hooks which LSM does not provide. Therefore,
 15           recompiling the kernel is inevitable. But if you want to keep
 16           vmlinux's size as small as possible, you can compile most part of
 17           TOMOYO as a loadable kernel module by saying Y here.
 18 
 19 config CCSECURITY_DISABLE_BY_DEFAULT
 20         bool "Disable by default"
 21         default n
 22         depends on CCSECURITY
 23         help
 24           Say Y here if you want TOMOYO disabled by default.
 25           To enable TOMOYO, pass ccsecurity=on to kernel command line.
 26           To disable TOMOYO, pass ccsecurity=off to kernel command line.
 27 
 28 config CCSECURITY_USE_EXTERNAL_TASK_SECURITY
 29         bool "Do not modify 'struct task_struct' in order to keep KABI"
 30         default n
 31         depends on CCSECURITY
 32         help
 33           Say Y here if you want to keep KABI for prebuilt kernel modules
 34           unchanged. TOMOYO needs "struct ccs_domain_info *" and "u32" for each
 35           "struct task_struct". But embedding these variables into
 36           "struct task_struct" breaks KABI for prebuilt kernel modules (which
 37           means that you will need to rebuild prebuilt kernel modules).
 38           If you say Y here, these variables are managed outside
 39           "struct task_struct" rather than embedding into "struct task_struct",
 40           but accessing these variables becomes slower because lookup operation
 41           is performed every time the current thread needs to access them.
 42 
 43 config CCSECURITY_MAX_ACCEPT_ENTRY
 44         int "Default maximal count for learning mode"
 45         default 2048
 46         range 0 2147483647
 47         depends on CCSECURITY
 48         help
 49           This is the default value for maximal ACL entries
 50           that are automatically appended into policy at "learning mode".
 51           Some programs access thousands of objects, so running
 52           such programs in "learning mode" dulls the system response
 53           and consumes much memory.
 54           This is the safeguard for such programs.
 55 
 56 config CCSECURITY_MAX_AUDIT_LOG
 57         int "Default maximal count for audit log"
 58         default 1024
 59         range 0 2147483647
 60         depends on CCSECURITY
 61         help
 62           This is the default value for maximal entries for
 63           audit logs that the kernel can hold on memory.
 64           You can read the log via /proc/ccs/audit.
 65           If you don't need audit logs, you may set this value to 0.
 66 
 67 config CCSECURITY_OMIT_USERSPACE_LOADER
 68         bool "Activate without calling userspace policy loader."
 69         default n
 70         depends on CCSECURITY
 71         help
 72           Say Y here if you want to activate access control as soon as built-in
 73           policy was loaded. This option will be useful for systems where
 74           operations which can lead to the hijacking of the boot sequence are
 75           needed before loading the policy. For example, you can activate
 76           immediately after loading the fixed part of policy which will allow
 77           only operations needed for mounting a partition which contains the
 78           variant part of policy and verifying (e.g. running GPG check) and
 79           loading the variant part of policy. Since you can start using
 80           enforcing mode from the beginning, you can reduce the possibility of
 81           hijacking the boot sequence.
 82 
 83           If you say Y to both "Compile as loadable kernel module" option and
 84           "Activate without calling userspace policy loader." option, be sure
 85           to excplicitly load the kernel module from the userspace, for
 86           the kernel will not call /sbin/ccs-init when /sbin/init starts.
 87 
 88 config CCSECURITY_POLICY_LOADER
 89         string "Location of userspace policy loader"
 90         default "/sbin/ccs-init"
 91         depends on CCSECURITY
 92         depends on !CCSECURITY_OMIT_USERSPACE_LOADER
 93         help
 94           This is the default pathname of policy loader which is called before
 95           activation. You can override this setting via CCS_loader= kernel
 96           command line option.
 97 
 98 config CCSECURITY_ACTIVATION_TRIGGER
 99         string "Trigger for calling userspace policy loader"
100         default "/sbin/init"
101         depends on CCSECURITY
102         depends on !CCSECURITY_OMIT_USERSPACE_LOADER
103         help
104           This is the default pathname of activation trigger.
105           You can override this setting via CCS_trigger= kernel command line
106           option. For example, if you pass init=/bin/systemd option, you may
107           want to also pass CCS_trigger=/bin/systemd option.
108 
109           Say Y here if you want to enable only specific functionality in order
110           to reduce object file size.
111 
112 config CCSECURITY_FILE_READDIR
113         bool "Enable readdir operation restriction."
114         default y
115         depends on CCSECURITY
116         help
117           Say Y here if you want to enable analysis/restriction of opening
118           directories for reading. Reading directory entries is a commonly
119           requested operation and damage caused by not restricting it as MAC
120           might be acceptable for you.
121 
122 config CCSECURITY_FILE_GETATTR
123         bool "Enable getattr operation restriction."
124         default y
125         depends on CCSECURITY
126         help
127           Say Y here if you want to enable analysis/restriction of getting
128           information of files. Getting file's information is a commonly
129           requested operation and damage caused by not restricting it as MAC
130           might be acceptable for you.
131 
132 config CCSECURITY_NETWORK
133         bool "Enable socket operation restriction."
134         default y
135         depends on NET
136         depends on CCSECURITY
137         help
138           Say Y here if you want to enable analysis/restriction of INET and
139           UNIX domain socket's operations.
140 
141 config CCSECURITY_CAPABILITY
142         bool "Enable non-POSIX capability operation restriction."
143         default y
144         depends on CCSECURITY
145         help
146           Say Y here if you want to enable analysis/restriction of non-POSIX
147           capabilities.
148 
149 config CCSECURITY_IPC
150         bool "Enable IPC operation restriction."
151         default y
152         depends on CCSECURITY
153         help
154           Say Y here if you want to enable analysis/restriction of sending
155           signals.
156 
157 config CCSECURITY_MISC
158         bool "Enable environment variable names restriction."
159         default y
160         depends on CCSECURITY
161         help
162           Say Y here if you want to enable analysis/restriction of environment
163           variable names passed upon program execution request.
164 
165 config CCSECURITY_TASK_EXECUTE_HANDLER
166         bool "Enable execute handler functionality."
167         default y
168         depends on CCSECURITY
169         help
170           Say Y here if you want to enable execute handler functionality.
171 
172 config CCSECURITY_TASK_DOMAIN_TRANSITION
173         bool "Enable domain transition without program execution request."
174         default y
175         depends on CCSECURITY
176         help
177           Say Y here if you want to enable domain transition without involving
178           program execution request.
179 
180 config CCSECURITY_PORTRESERVE
181        bool "Enable local port reserver."
182        default y
183        depends on NET
184        depends on CCSECURITY
185        help
186          Say Y here if you want to implement
187          /proc/sys/net/ipv4/ip_local_reserved_ports as a MAC policy.
188 
189 config CCSECURITY_NETWORK_RECVMSG
190         def_bool CCSECURITY_NETWORK

~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~

kernel.org | git.kernel.org | LWN.net | Project Home | SVN repository | Mail admin

Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.

sflogo.php