PageRenderTime 90ms CodeModel.GetById 20ms RepoModel.GetById 0ms app.codeStats 1ms

/security/Kconfig

https://bitbucket.org/abioy/linux
#! | 179 lines | 143 code | 36 blank | 0 comment | 0 complexity | 7bba73f3109cb6e3d6cc3a63ac23043e MD5 | raw file
Possible License(s): CC-BY-SA-3.0, GPL-2.0, LGPL-2.0, AGPL-1.0 
    

  1. #
    2. 

  2. # Security configuration
    3. 

  3. #
    4. 

  4. 

  5. menu "Security options"
    6. 

  6. 

  7. config KEYS
    8. 

  8. 	bool "Enable access key retention support"
    9. 

  9. 	help
    10. 

  10. 	  This option provides support for retaining authentication tokens and
    11. 

  11. 	  access keys in the kernel.
    12. 

  12. 

  13. 	  It also includes provision of methods by which such keys might be
    14. 

  14. 	  associated with a process so that network filesystems, encryption
    15. 

  15. 	  support and the like can find them.
    16. 

  16. 

  17. 	  Furthermore, a special type of key is available that acts as keyring:
    18. 

  18. 	  a searchable sequence of keys. Each process is equipped with access
    19. 

  19. 	  to five standard keyrings: UID-specific, GID-specific, session,
    20. 

  20. 	  process and thread.
    21. 

  21. 

  22. 	  If you are unsure as to whether this is required, answer N.
    23. 

  23. 

  24. config KEYS_DEBUG_PROC_KEYS
    25. 

  25. 	bool "Enable the /proc/keys file by which keys may be viewed"
    26. 

  26. 	depends on KEYS
    27. 

  27. 	help
    28. 

  28. 	  This option turns on support for the /proc/keys file - through which
    29. 

  29. 	  can be listed all the keys on the system that are viewable by the
    30. 

  30. 	  reading process.
    31. 

  31. 

  32. 	  The only keys included in the list are those that grant View
    33. 

  33. 	  permission to the reading process whether or not it possesses them.
    34. 

  34. 	  Note that LSM security checks are still performed, and may further
    35. 

  35. 	  filter out keys that the current process is not authorised to view.
    36. 

  36. 

  37. 	  Only key attributes are listed here; key payloads are not included in
    38. 

  38. 	  the resulting table.
    39. 

  39. 

  40. 	  If you are unsure as to whether this is required, answer N.
    41. 

  41. 

  42. config SECURITY
    43. 

  43. 	bool "Enable different security models"
    44. 

  44. 	depends on SYSFS
    45. 

  45. 	help
    46. 

  46. 	  This allows you to choose different security modules to be
    47. 

  47. 	  configured into your kernel.
    48. 

  48. 

  49. 	  If this option is not selected, the default Linux security
    50. 

  50. 	  model will be used.
    51. 

  51. 

  52. 	  If you are unsure how to answer this question, answer N.
    53. 

  53. 

  54. config SECURITYFS
    55. 

  55. 	bool "Enable the securityfs filesystem"
    56. 

  56. 	help
    57. 

  57. 	  This will build the securityfs filesystem.  It is currently used by
    58. 

  58. 	  the TPM bios character driver and IMA, an integrity provider.  It is
    59. 

  59. 	  not used by SELinux or SMACK.
    60. 

  60. 

  61. 	  If you are unsure how to answer this question, answer N.
    62. 

  62. 

  63. config SECURITY_NETWORK
    64. 

  64. 	bool "Socket and Networking Security Hooks"
    65. 

  65. 	depends on SECURITY
    66. 

  66. 	help
    67. 

  67. 	  This enables the socket and networking security hooks.
    68. 

  68. 	  If enabled, a security module can use these hooks to
    69. 

  69. 	  implement socket and networking access controls.
    70. 

  70. 	  If you are unsure how to answer this question, answer N.
    71. 

  71. 

  72. config SECURITY_NETWORK_XFRM
    73. 

  73. 	bool "XFRM (IPSec) Networking Security Hooks"
    74. 

  74. 	depends on XFRM && SECURITY_NETWORK
    75. 

  75. 	help
    76. 

  76. 	  This enables the XFRM (IPSec) networking security hooks.
    77. 

  77. 	  If enabled, a security module can use these hooks to
    78. 

  78. 	  implement per-packet access controls based on labels
    79. 

  79. 	  derived from IPSec policy.  Non-IPSec communications are
    80. 

  80. 	  designated as unlabelled, and only sockets authorized
    81. 

  81. 	  to communicate unlabelled data can send without using
    82. 

  82. 	  IPSec.
    83. 

  83. 	  If you are unsure how to answer this question, answer N.
    84. 

  84. 

  85. config SECURITY_PATH
    86. 

  86. 	bool "Security hooks for pathname based access control"
    87. 

  87. 	depends on SECURITY
    88. 

  88. 	help
    89. 

  89. 	  This enables the security hooks for pathname based access control.
    90. 

  90. 	  If enabled, a security module can use these hooks to
    91. 

  91. 	  implement pathname based access controls.
    92. 

  92. 	  If you are unsure how to answer this question, answer N.
    93. 

  93. 

  94. config INTEL_TXT
    95. 

  95. 	bool "Enable Intel(R) Trusted Execution Technology (Intel(R) TXT)"
    96. 

  96. 	depends on HAVE_INTEL_TXT
    97. 

  97. 	help
    98. 

  98. 	  This option enables support for booting the kernel with the
    99. 

  99. 	  Trusted Boot (tboot) module. This will utilize
    100. 

  100. 	  Intel(R) Trusted Execution Technology to perform a measured launch
    101. 

  101. 	  of the kernel. If the system does not support Intel(R) TXT, this
    102. 

  102. 	  will have no effect.
    103. 

  103. 

  104. 	  Intel TXT will provide higher assurance of system configuration and
    105. 

  105. 	  initial state as well as data reset protection.  This is used to
    106. 

  106. 	  create a robust initial kernel measurement and verification, which
    107. 

  107. 	  helps to ensure that kernel security mechanisms are functioning
    108. 

  108. 	  correctly. This level of protection requires a root of trust outside
    109. 

  109. 	  of the kernel itself.
    110. 

  110. 

  111. 	  Intel TXT also helps solve real end user concerns about having
    112. 

  112. 	  confidence that their hardware is running the VMM or kernel that
    113. 

  113. 	  it was configured with, especially since they may be responsible for
    114. 

  114. 	  providing such assurances to VMs and services running on it.
    115. 

  115. 

  116. 	  See <http://www.intel.com/technology/security/> for more information
    117. 

  117. 	  about Intel(R) TXT.
    118. 

  118. 	  See <http://tboot.sourceforge.net> for more information about tboot.
    119. 

  119. 	  See Documentation/intel_txt.txt for a description of how to enable
    120. 

  120. 	  Intel TXT support in a kernel boot.
    121. 

  121. 

  122. 	  If you are unsure as to whether this is required, answer N.
    123. 

  123. 

  124. config LSM_MMAP_MIN_ADDR
    125. 

  125. 	int "Low address space for LSM to protect from user allocation"
    126. 

  126. 	depends on SECURITY && SECURITY_SELINUX
    127. 

  127. 	default 65536
    128. 

  128. 	help
    129. 

  129. 	  This is the portion of low virtual memory which should be protected
    130. 

  130. 	  from userspace allocation.  Keeping a user from writing to low pages
    131. 

  131. 	  can help reduce the impact of kernel NULL pointer bugs.
    132. 

  132. 

  133. 	  For most ia64, ppc64 and x86 users with lots of address space
    134. 

  134. 	  a value of 65536 is reasonable and should cause no problems.
    135. 

  135. 	  On arm and other archs it should not be higher than 32768.
    136. 

  136. 	  Programs which use vm86 functionality or have some need to map
    137. 

  137. 	  this low address space will need the permission specific to the
    138. 

  138. 	  systems running LSM.
    139. 

  139. 

  140. source security/selinux/Kconfig
    141. 

  141. source security/smack/Kconfig
    142. 

  142. source security/tomoyo/Kconfig
    143. 

  143. 

  144. source security/integrity/ima/Kconfig
    145. 

  145. 

  146. choice
    147. 

  147. 	prompt "Default security module"
    148. 

  148. 	default DEFAULT_SECURITY_SELINUX if SECURITY_SELINUX
    149. 

  149. 	default DEFAULT_SECURITY_SMACK if SECURITY_SMACK
    150. 

  150. 	default DEFAULT_SECURITY_TOMOYO if SECURITY_TOMOYO
    151. 

  151. 	default DEFAULT_SECURITY_DAC
    152. 

  152. 

  153. 	help
    154. 

  154. 	  Select the security module that will be used by default if the
    155. 

  155. 	  kernel parameter security= is not specified.
    156. 

  156. 

  157. 	config DEFAULT_SECURITY_SELINUX
    158. 

  158. 		bool "SELinux" if SECURITY_SELINUX=y
    159. 

  159. 

  160. 	config DEFAULT_SECURITY_SMACK
    161. 

  161. 		bool "Simplified Mandatory Access Control" if SECURITY_SMACK=y
    162. 

  162. 

  163. 	config DEFAULT_SECURITY_TOMOYO
    164. 

  164. 		bool "TOMOYO" if SECURITY_TOMOYO=y
    165. 

  165. 

  166. 	config DEFAULT_SECURITY_DAC
    167. 

  167. 		bool "Unix Discretionary Access Controls"
    168. 

  168. 

  169. endchoice
    170. 

  170. 

  171. config DEFAULT_SECURITY
    172. 

  172. 	string
    173. 

  173. 	default "selinux" if DEFAULT_SECURITY_SELINUX
    174. 

  174. 	default "smack" if DEFAULT_SECURITY_SMACK
    175. 

  175. 	default "tomoyo" if DEFAULT_SECURITY_TOMOYO
    176. 

  176. 	default "" if DEFAULT_SECURITY_DAC
    177. 

  177. 

  178. endmenu
    179. 

  179. 

  180.