Version:  2.0.40 2.2.26 2.4.37 3.2 3.3 3.4 3.5 3.6 3.7 3.8 3.9 3.10 3.11 3.12 3.13 3.14 3.15 3.16 3.17 3.18

Linux/security/integrity/evm/Kconfig

  1 config EVM
  2         boolean "EVM support"
  3         select KEYS
  4         select ENCRYPTED_KEYS
  5         select CRYPTO_HMAC
  6         select CRYPTO_SHA1
  7         default n
  8         help
  9           EVM protects a file's security extended attributes against
 10           integrity attacks.
 11 
 12           If you are unsure how to answer this question, answer N.
 13 
 14 config EVM_ATTR_FSUUID
 15         bool "FSUUID (version 2)"
 16         default y
 17         depends on EVM
 18         help
 19           Include filesystem UUID for HMAC calculation.
 20 
 21           Default value is 'selected', which is former version 2.
 22           if 'not selected', it is former version 1
 23 
 24           WARNING: changing the HMAC calculation method or adding
 25           additional info to the calculation, requires existing EVM
 26           labeled file systems to be relabeled.
 27 
 28 config EVM_EXTRA_SMACK_XATTRS
 29         bool "Additional SMACK xattrs"
 30         depends on EVM && SECURITY_SMACK
 31         default n
 32         help
 33           Include additional SMACK xattrs for HMAC calculation.
 34 
 35           In addition to the original security xattrs (eg. security.selinux,
 36           security.SMACK64, security.capability, and security.ima) included
 37           in the HMAC calculation, enabling this option includes newly defined
 38           Smack xattrs: security.SMACK64EXEC, security.SMACK64TRANSMUTE and
 39           security.SMACK64MMAP.
 40 
 41           WARNING: changing the HMAC calculation method or adding
 42           additional info to the calculation, requires existing EVM
 43           labeled file systems to be relabeled.
 44 

This page was automatically generated by LXR 0.3.1 (source).  •  Linux is a registered trademark of Linus Torvalds  •  Contact us