Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(35)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: security/Kconfig

Issue 6677065: CHROMIUM: Pull in Yama LSM (Closed) Base URL: ssh://git@gitrw.chromium.org:9222/kernel.git@master
Patch Set: Created 9 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « Documentation/Yama.txt ('k') | security/Makefile » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 # 1 #
2 # Security configuration 2 # Security configuration
3 # 3 #
4 4
5 menu "Security options" 5 menu "Security options"
6 6
7 config KEYS 7 config KEYS
8 bool "Enable access key retention support" 8 bool "Enable access key retention support"
9 help 9 help
10 This option provides support for retaining authentication tokens and 10 This option provides support for retaining authentication tokens and
(...skipping 145 matching lines...) Expand 10 before | Expand all | Expand 10 after
156 a value of 65536 is reasonable and should cause no problems. 156 a value of 65536 is reasonable and should cause no problems.
157 On arm and other archs it should not be higher than 32768. 157 On arm and other archs it should not be higher than 32768.
158 Programs which use vm86 functionality or have some need to map 158 Programs which use vm86 functionality or have some need to map
159 this low address space will need the permission specific to the 159 this low address space will need the permission specific to the
160 systems running LSM. 160 systems running LSM.
161 161
162 source security/selinux/Kconfig 162 source security/selinux/Kconfig
163 source security/smack/Kconfig 163 source security/smack/Kconfig
164 source security/tomoyo/Kconfig 164 source security/tomoyo/Kconfig
165 source security/apparmor/Kconfig 165 source security/apparmor/Kconfig
166 source security/yama/Kconfig
166 167
167 source security/integrity/ima/Kconfig 168 source security/integrity/ima/Kconfig
168 169
169 choice 170 choice
170 prompt "Default security module" 171 prompt "Default security module"
171 default DEFAULT_SECURITY_SELINUX if SECURITY_SELINUX 172 default DEFAULT_SECURITY_SELINUX if SECURITY_SELINUX
172 default DEFAULT_SECURITY_SMACK if SECURITY_SMACK 173 default DEFAULT_SECURITY_SMACK if SECURITY_SMACK
173 default DEFAULT_SECURITY_TOMOYO if SECURITY_TOMOYO 174 default DEFAULT_SECURITY_TOMOYO if SECURITY_TOMOYO
174 default DEFAULT_SECURITY_APPARMOR if SECURITY_APPARMOR 175 default DEFAULT_SECURITY_APPARMOR if SECURITY_APPARMOR
176 default DEFAULT_SECURITY_YAMA if SECURITY_YAMA
175 default DEFAULT_SECURITY_DAC 177 default DEFAULT_SECURITY_DAC
176 178
177 help 179 help
178 Select the security module that will be used by default if the 180 Select the security module that will be used by default if the
179 kernel parameter security= is not specified. 181 kernel parameter security= is not specified.
180 182
181 config DEFAULT_SECURITY_SELINUX 183 config DEFAULT_SECURITY_SELINUX
182 bool "SELinux" if SECURITY_SELINUX=y 184 bool "SELinux" if SECURITY_SELINUX=y
183 185
184 config DEFAULT_SECURITY_SMACK 186 config DEFAULT_SECURITY_SMACK
185 bool "Simplified Mandatory Access Control" if SECURITY_SMACK=y 187 bool "Simplified Mandatory Access Control" if SECURITY_SMACK=y
186 188
187 config DEFAULT_SECURITY_TOMOYO 189 config DEFAULT_SECURITY_TOMOYO
188 bool "TOMOYO" if SECURITY_TOMOYO=y 190 bool "TOMOYO" if SECURITY_TOMOYO=y
189 191
190 config DEFAULT_SECURITY_APPARMOR 192 config DEFAULT_SECURITY_APPARMOR
191 bool "AppArmor" if SECURITY_APPARMOR=y 193 bool "AppArmor" if SECURITY_APPARMOR=y
192 194
195 config DEFAULT_SECURITY_YAMA
196 bool "Yama" if SECURITY_YAMA=y
197
193 config DEFAULT_SECURITY_DAC 198 config DEFAULT_SECURITY_DAC
194 bool "Unix Discretionary Access Controls" 199 bool "Unix Discretionary Access Controls"
195 200
196 endchoice 201 endchoice
197 202
198 config DEFAULT_SECURITY 203 config DEFAULT_SECURITY
199 string 204 string
200 default "selinux" if DEFAULT_SECURITY_SELINUX 205 default "selinux" if DEFAULT_SECURITY_SELINUX
201 default "smack" if DEFAULT_SECURITY_SMACK 206 default "smack" if DEFAULT_SECURITY_SMACK
202 default "tomoyo" if DEFAULT_SECURITY_TOMOYO 207 default "tomoyo" if DEFAULT_SECURITY_TOMOYO
203 default "apparmor" if DEFAULT_SECURITY_APPARMOR 208 default "apparmor" if DEFAULT_SECURITY_APPARMOR
209 default "yama" if DEFAULT_SECURITY_YAMA
204 default "" if DEFAULT_SECURITY_DAC 210 default "" if DEFAULT_SECURITY_DAC
205 211
206 endmenu 212 endmenu
207 213
OLDNEW
« no previous file with comments | « Documentation/Yama.txt ('k') | security/Makefile » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698