If you are unsure how to answer this question, answer N.
+config SECURITY_PERF_EVENTS_RESTRICT
+ bool "Restrict unprivileged use of performance events"
+ depends on PERF_EVENTS
+ help
+ If you say Y here, the kernel.perf_event_paranoid sysctl
+ will be set to 3 by default, and no unprivileged use of the
+ perf_event_open syscall will be permitted unless it is
+ changed.
+
config SECURITY
bool "Enable different security models"
depends on SYSFS
bool
default n
+config SECURITY_STACKING
+ bool "Security module stacking"
+ depends on SECURITY
+ help
+ Allows multiple major security modules to be stacked.
+ Modules are invoked in the order registered with a
+ "bail on fail" policy, in which the infrastructure
+ will stop processing once a denial is detected. Not
+ all modules can be stacked. SELinux and Smack are
+ known to be incompatible. User space components may
+ have trouble identifying the security module providing
+ data in some cases.
+
+ If you select this option you will have to select which
+ of the stackable modules you wish to be active. The
+ "Default security module" will be ignored. The boot line
+ "security=" option can be used to specify that one of
+ the modules identifed for stacking should be used instead
+ of the entire stack.
+
+ If you are unsure how to answer this question, answer N.
+
+config SECURITY_LSM_DEBUG
+ bool "Enable debugging of the LSM infrastructure"
+ depends on SECURITY
+ help
+ This allows you to choose debug messages related to
+ security modules configured into your kernel. These
+ messages may be helpful in determining how a security
+ module is using security blobs.
+
+ If you are unsure how to answer this question, answer N.
+
config SECURITYFS
bool "Enable the securityfs filesystem"
help
config PAGE_TABLE_ISOLATION
bool "Remove the kernel mapping in user mode"
default y
- depends on X86_64 && !UML
+ depends on (X86_64 || X86_PAE) && !UML
help
This feature reduces the number of hardware side channels by
ensuring that the majority of kernel addresses are not mapped
into userspace.
- See Documentation/x86/pagetable-isolation.txt for more details.
+ See Documentation/x86/pti.txt for more details.
config SECURITY_INFINIBAND
bool "Infiniband Security Hooks"
bool "Harden memory copies between kernel and userspace"
depends on HAVE_HARDENED_USERCOPY_ALLOCATOR
select BUG
+ imply STRICT_DEVMEM
help
This option checks for obviously wrong memory regions when
copying memory to/from the kernel (via copy_to_user() and
If you wish for all usermode helper programs to be disabled,
specify an empty string here (i.e. "").
+config LOCK_DOWN_KERNEL
+ bool "Allow the kernel to be 'locked down'"
+ help
+ Allow the kernel to be locked down under certain circumstances, for
+ instance if UEFI secure boot is enabled. Locking down the kernel
+ turns off various features that might otherwise allow access to the
+ kernel image (eg. setting MSR registers).
+
+config ALLOW_LOCKDOWN_LIFT_BY_SYSRQ
+ bool "Allow the kernel lockdown to be lifted by SysRq"
+ depends on LOCK_DOWN_KERNEL && MAGIC_SYSRQ
+ help
+ Allow the lockdown on a kernel to be lifted, by pressing a SysRq key
+ combination on a wired keyboard.
+
+config LOCK_DOWN_IN_EFI_SECURE_BOOT
+ bool "Lock down the kernel in EFI Secure Boot mode"
+ default n
+ select LOCK_DOWN_KERNEL
+ depends on EFI
+ help
+ UEFI Secure Boot provides a mechanism for ensuring that the firmware
+ will only load signed bootloaders and kernels. Secure boot mode may
+ be determined from EFI variables provided by the system firmware if
+ not indicated by the boot parameters.
+
+ Enabling this option turns on results in kernel lockdown being
+ triggered if EFI Secure Boot is set.
+
+
source security/selinux/Kconfig
source security/smack/Kconfig
source security/tomoyo/Kconfig
source security/integrity/Kconfig
+menu "Security Module Selection"
+ visible if !SECURITY_STACKING
+
choice
prompt "Default security module"
default DEFAULT_SECURITY_SELINUX if SECURITY_SELINUX
bool "Unix Discretionary Access Controls"
endchoice
+endmenu
+
+menu "Default Security Module or Modules"
+ visible if SECURITY_STACKING
+
+ config SECURITY_SELINUX_STACKED
+ bool "SELinux" if SECURITY_SELINUX && !SECURITY_SMACK_STACKED
+ help
+ Add the SELinux security module to the stack.
+ Please be sure your user space code is accomodating of
+ this security module.
+ Ensure that your network configuration is compatible
+ with your combination of security modules.
+
+ Incompatible with Smack being stacked.
+
+ If you are unsure how to answer this question, answer N
+
+ config SECURITY_SMACK_STACKED
+ bool "Simplified Mandatory Access Control" if SECURITY_SMACK
+ help
+ Add the Smack security module to the stack.
+ Please be sure your user space code is accomodating of
+ this security module.
+ Ensure that your network configuration is compatible
+ with your combination of security modules.
+
+ Incompatible with SeLinux being stacked.
+
+ If you are unsure how to answer this question, answer
+
+ config SECURITY_TOMOYO_STACKED
+ bool "TOMOYO support is enabled by default" if SECURITY_TOMOYO
+ default n
+ help
+ This option instructs the system to use the TOMOYO checks.
+ If not selected the module will not be invoked.
+ Stacked security modules may interact in unexpected ways.
+
+ If you are unsure how to answer this question, answer N.
+
+ config SECURITY_APPARMOR_STACKED
+ bool "AppArmor" if SECURITY_APPARMOR
+ help
+ This option instructs the system to use the AppArmor checks.
+
+ If you are unsure how to answer this question, answer N.
+
+ config SECURITY_DAC_STACKED
+ bool "Unix Discretionary Access Controls" if !SECURITY_SELINUX_STACKED && !SECURITY_SMACK_STACKED && !SECURITY_TOMOYO_STACKED && !SECURITY_APPARMOR_STACKED
+ default y if !SECURITY_SELINUX_STACKED && !SECURITY_SMACK_STACKED && !SECURITY_TOMOYO_STACKED && !SECURITY_APPARMOR_STACKED
+ help
+ This option instructs the system to not use security modules
+ by default. This choice can be over ridden by specifying
+ the desired module using the security= parameter.
+
+ This option is incompatible with selecting selinux, smack,
+ tomoyo, or apparmor.
+
+ config DEFAULT_SECURITY_SELINUX
+ bool
+ default y if SECURITY_SELINUX_STACKED
+
+ config DEFAULT_SECURITY_SMACK
+ bool
+ default y if SECURITY_SMACK_STACKED
+
+ config DEFAULT_SECURITY_TOMOYO
+ bool
+ default y if SECURITY_TOMOYO_STACKED
+
+ config DEFAULT_SECURITY_APPARMOR
+ bool
+ default y if SECURITY_APPARMOR_STACKED
+
+ config DEFAULT_SECURITY_DAC
+ bool
+ default y if SECURITY_DAC_STACKED
+
+choice
+ depends on SECURITY_STACKING && !SECURITY_DAC_STACKED
+ prompt "Default LSM for legacy interfaces"
+ default SECURITY_DEFAULT_DISPLAY_SELINUX if SECURITY_SELINUX_STACKED
+ default SECURITY_DEFAULT_DISPLAY_SMACK if SECURITY_SMACK_STACKED
+ default SECURITY_DEFAULT_DISPLAY_TOMOYO if SECURITY_TOMOYO_STACKED
+ default SECURITY_DEFAULT_DISPALY_APPARMOR if SECURITY_APPARMOR_STACKED
+ default SECURITY_DEFAULT_DISPLAY_FIRST
+
+ help
+ Select the security module context that will be displayed by
+ default on legacy interfaces if the kernel parameter
+ security.display= is not specified.
+
+ config SECURITY_DEFAULT_DISPLAY_SELINUX
+ bool "SELinux" if SECURITY_SELINUX_STACKED=y
+
+ config SECURITY_DEFAULT_DISPLAY_SMACK
+ bool "Simplified Mandatory Access Control" if SECURITY_SMACK_STACKED
+
+ config SECURITY_DEFAULT_DISPLAY_TOMOYO
+ bool "TOMOYO" if SECURITY_TOMOYO_STACKED
+
+ config SECURITY_DEFAULT_DISPLAY_APPARMOR
+ bool "AppArmor" if SECURITY_APPARMOR_STACKED
+
+endchoice
+
+config SECURITY_DEFAULT_DISPLAY_NAME
+ string
+ default "selinux" if SECURITY_DEFAULT_DISPLAY_SELINUX
+ default "smack" if SECURITY_DEFAULT_DISPLAY_SMACK
+ default "tomoyo" if SECURITY_DEFAULT_DISPLAY_TOMOYO
+ default "apparmor" if SECURITY_DEFAULT_DISPLAY_APPARMOR
+ default "" if DEFAULT_SECURITY_DAC
+
+endmenu
config DEFAULT_SECURITY
string
+ default "selinux,smack,tomoyo,apparmor" if DEFAULT_SECURITY_SELINUX && DEFAULT_SECURITY_SMACK && DEFAULT_SECURITY_TOMOYO && DEFAULT_SECURITY_APPARMOR
+ default "selinux,smack,tomoyo" if DEFAULT_SECURITY_SELINUX && DEFAULT_SECURITY_SMACK && DEFAULT_SECURITY_TOMOYO
+ default "selinux,smack,apparmor" if DEFAULT_SECURITY_SELINUX && DEFAULT_SECURITY_SMACK && DEFAULT_SECURITY_APPARMOR
+ default "selinux,tomoyo,apparmor" if DEFAULT_SECURITY_SELINUX && DEFAULT_SECURITY_TOMOYO && DEFAULT_SECURITY_APPARMOR
+ default "smack,tomoyo,apparmor" if DEFAULT_SECURITY_SMACK && DEFAULT_SECURITY_TOMOYO && DEFAULT_SECURITY_APPARMOR
+ default "selinux,smack" if DEFAULT_SECURITY_SELINUX && DEFAULT_SECURITY_SMACK
+ default "selinux,tomoyo" if DEFAULT_SECURITY_SELINUX && DEFAULT_SECURITY_TOMOYO
+ default "selinux,apparmor" if DEFAULT_SECURITY_SELINUX && DEFAULT_SECURITY_APPARMOR
+ default "smack,tomoyo" if DEFAULT_SECURITY_SMACK && DEFAULT_SECURITY_TOMOYO
+ default "smack,apparmor" if DEFAULT_SECURITY_SMACK && DEFAULT_SECURITY_APPARMOR
+ default "tomoyo,apparmor" if DEFAULT_SECURITY_TOMOYO && DEFAULT_SECURITY_APPARMOR
default "selinux" if DEFAULT_SECURITY_SELINUX
default "smack" if DEFAULT_SECURITY_SMACK
default "tomoyo" if DEFAULT_SECURITY_TOMOYO
default "apparmor" if DEFAULT_SECURITY_APPARMOR
default "" if DEFAULT_SECURITY_DAC
-
endmenu
-