Diffstat (limited to 'features/ima/ima.cfg')
-rw-r--r-- | features/ima/ima.cfg | 41 |
1 files changed, 28 insertions, 13 deletions
diff --git a/features/ima/ima.cfg b/features/ima/ima.cfg
index 1c613636..5fd3288e 100644
--- a/features/ima/ima.cfg
+++ b/features/ima/ima.cfg
@@ -1,19 +1,34 @@
 # SPDX-License-Identifier: MIT
 CONFIG_IMA=y
+CONFIG_IMA_LSM_RULES=y
 CONFIG_IMA_MEASURE_PCR_IDX=10
-CONFIG_IMA_NG_TEMPLATE=y
-CONFIG_IMA_DEFAULT_TEMPLATE="ima-ng"
-CONFIG_IMA_DEFAULT_HASH_SHA1=y
-CONFIG_IMA_DEFAULT_HASH="sha1"
-CONFIG_IMA_APPRAISE=y
-CONFIG_IMA_APPRAISE_BOOTPARAM=y
-CONFIG_IMA_TRUSTED_KEYRING=y
+CONFIG_IMA_SIG_TEMPLATE=y
+CONFIG_IMA_DEFAULT_TEMPLATE="ima-sig"
+CONFIG_IMA_DEFAULT_HASH_SHA256=y
+CONFIG_IMA_DEFAULT_HASH="sha256"
+CONFIG_IMA_ARCH_POLICY=y
+CONFIG_IMA_APPRAISE_BUILD_POLICY=y
+CONFIG_IMA_APPRAISE_REQUIRE_POLICY_SIGS=y
+CONFIG_IMA_APPRAISE_SIGNED_INIT=y
+CONFIG_IMA_MEASURE_ASYMMETRIC_KEYS=y
+CONFIG_IMA_QUEUE_EARLY_BOOT_KEYS=y
+CONFIG_IMA_SECURE_AND_OR_TRUSTED_BOOT=y
+CONFIG_IMA_KEYRINGS_PERMIT_SIGNED_BY_BUILTIN_OR_SECONDARY=y
 CONFIG_SIGNATURE=y
 CONFIG_IMA_WRITE_POLICY=y
 CONFIG_IMA_READ_POLICY=y
-CONFIG_IMA_LOAD_X509=y
-CONFIG_IMA_X509_PATH="/etc/keys/x509_ima.der"
-
-#CONFIG_INTEGRITY_SIGNATURE=y
-#CONFIG_INTEGRITY_ASYMMETRIC_KEYS=y
-#CONFIG_INTEGRITY_TRUSTED_KEYRING=y
+CONFIG_INTEGRITY=y
+CONFIG_INTEGRITY_SIGNATURE=y
+CONFIG_INTEGRITY_ASYMMETRIC_KEYS=y
+CONFIG_INTEGRITY_TRUSTED_KEYRING=y
+CONFIG_EVM=y
+CONFIG_KEYS=y
+CONFIG_ASYMMETRIC_KEY_TYPE=y
+CONFIG_SYSTEM_TRUSTED_KEYRING=y
+CONFIG_SECONDARY_TRUSTED_KEYRING=y
+CONFIG_ASYMMETRIC_PUBLIC_KEY_SUBTYPE=y
+CONFIG_X509_CERTIFICATE_PARSER=y
+CONFIG_PKCS8_PRIVATE_KEY_PARSER=y
+CONFIG_CRYPTO_ECDSA=y
+CONFIG_SECURITY=y
+CONFIG_SECURITYFS=y
|
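Review bot: The new side no longer sets `CONFIG_IMA_APPRAISE=y`, yet several of the added symbols (`CONFIG_IMA_APPRAISE_BUILD_POLICY`, `CONFIG_IMA_APPRAISE_REQUIRE_POLICY_SIGS`, and probably `CONFIG_IMA_ARCH_POLICY`) depend on it in the upstream IMA Kconfig, so unless another fragment enables appraisal they would be dropped silently and the kernel would measure files without enforcing signatures. `CONFIG_IMA_APPRAISE_SIGNED_INIT` similarly appears to depend on `CONFIG_IMA_LOAD_X509`, which this hunk removes together with `CONFIG_IMA_TRUSTED_KEYRING`. I would keep `CONFIG_IMA_APPRAISE=y` in the fragment and confirm in the merged `.config` that each appraisal symbol actually survives for the target kernel version. `CONFIG_IMA_SECURE_AND_OR_TRUSTED_BOOT` also looks like an architecture-selected symbol without a prompt, so setting it here likely has no effect; a one-line comment saying which symbols are informational would help the next reader.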