bool
default n
+config SECURITY_STACKING
+ bool "Security module stacking"
+ depends on SECURITY
+ help
+ Allows multiple major security modules to be stacked.
+ Modules are invoked in the order registered with a
+ "bail on fail" policy, in which the infrastructure
+ will stop processing once a denial is detected. Not
+ all modules can be stacked. SELinux and Smack are
+ known to be incompatible. User space components may
+ have trouble identifying the security module providing
+ data in some cases.
+
+ If you select this option you will have to select which
+ of the stackable modules you wish to be active. The
+ "Default security module" will be ignored. The boot line
+ "security=" option can be used to specify that one of
+ the modules identifed for stacking should be used instead
+ of the entire stack.
+
+ If you are unsure how to answer this question, answer N.
+
+config SECURITY_LSM_DEBUG
+ bool "Enable debugging of the LSM infrastructure"
+ depends on SECURITY
+ help
+ This allows you to choose debug messages related to
+ security modules configured into your kernel. These
+ messages may be helpful in determining how a security
+ module is using security blobs.
+
+ If you are unsure how to answer this question, answer N.
+
config SECURITYFS
bool "Enable the securityfs filesystem"
help
config PAGE_TABLE_ISOLATION
bool "Remove the kernel mapping in user mode"
default y
- depends on X86_64 && !UML
+ depends on (X86_64 || X86_PAE) && !UML
help
This feature reduces the number of hardware side channels by
ensuring that the majority of kernel addresses are not mapped
bool "Harden memory copies between kernel and userspace"
depends on HAVE_HARDENED_USERCOPY_ALLOCATOR
select BUG
+ imply STRICT_DEVMEM
help
This option checks for obviously wrong memory regions when
copying memory to/from the kernel (via copy_to_user() and
turns off various features that might otherwise allow access to the
kernel image (eg. setting MSR registers).
+config ALLOW_LOCKDOWN_LIFT_BY_SYSRQ
+ bool "Allow the kernel lockdown to be lifted by SysRq"
+ depends on LOCK_DOWN_KERNEL && MAGIC_SYSRQ
+ help
+ Allow the lockdown on a kernel to be lifted, by pressing a SysRq key
+ combination on a wired keyboard.
+
+config LOCK_DOWN_IN_EFI_SECURE_BOOT
+ bool "Lock down the kernel in EFI Secure Boot mode"
+ default n
+ select LOCK_DOWN_KERNEL
+ depends on EFI
+ help
+ UEFI Secure Boot provides a mechanism for ensuring that the firmware
+ will only load signed bootloaders and kernels. Secure boot mode may
+ be determined from EFI variables provided by the system firmware if
+ not indicated by the boot parameters.
+
+ Enabling this option turns on results in kernel lockdown being
+ triggered if EFI Secure Boot is set.
+
+
source security/selinux/Kconfig
source security/smack/Kconfig
source security/tomoyo/Kconfig
source security/integrity/Kconfig
+menu "Security Module Selection"
+ visible if !SECURITY_STACKING
+
choice
prompt "Default security module"
default DEFAULT_SECURITY_SELINUX if SECURITY_SELINUX
bool "Unix Discretionary Access Controls"
endchoice
+endmenu
+
+menu "Default Security Module or Modules"
+ visible if SECURITY_STACKING
+
+ config SECURITY_SELINUX_STACKED
+ bool "SELinux" if SECURITY_SELINUX && !SECURITY_SMACK_STACKED
+ help
+ Add the SELinux security module to the stack.
+ Please be sure your user space code is accomodating of
+ this security module.
+ Ensure that your network configuration is compatible
+ with your combination of security modules.
+
+ Incompatible with Smack being stacked.
+
+ If you are unsure how to answer this question, answer N
+
+ config SECURITY_SMACK_STACKED
+ bool "Simplified Mandatory Access Control" if SECURITY_SMACK
+ help
+ Add the Smack security module to the stack.
+ Please be sure your user space code is accomodating of
+ this security module.
+ Ensure that your network configuration is compatible
+ with your combination of security modules.
+
+ Incompatible with SeLinux being stacked.
+
+ If you are unsure how to answer this question, answer
+
+ config SECURITY_TOMOYO_STACKED
+ bool "TOMOYO support is enabled by default" if SECURITY_TOMOYO
+ default n
+ help
+ This option instructs the system to use the TOMOYO checks.
+ If not selected the module will not be invoked.
+ Stacked security modules may interact in unexpected ways.
+
+ If you are unsure how to answer this question, answer N.
+
+ config SECURITY_APPARMOR_STACKED
+ bool "AppArmor" if SECURITY_APPARMOR
+ help
+ This option instructs the system to use the AppArmor checks.
+
+ If you are unsure how to answer this question, answer N.
+
+ config SECURITY_DAC_STACKED
+ bool "Unix Discretionary Access Controls" if !SECURITY_SELINUX_STACKED && !SECURITY_SMACK_STACKED && !SECURITY_TOMOYO_STACKED && !SECURITY_APPARMOR_STACKED
+ default y if !SECURITY_SELINUX_STACKED && !SECURITY_SMACK_STACKED && !SECURITY_TOMOYO_STACKED && !SECURITY_APPARMOR_STACKED
+ help
+ This option instructs the system to not use security modules
+ by default. This choice can be over ridden by specifying
+ the desired module using the security= parameter.
+
+ This option is incompatible with selecting selinux, smack,
+ tomoyo, or apparmor.
+
+ config DEFAULT_SECURITY_SELINUX
+ bool
+ default y if SECURITY_SELINUX_STACKED
+
+ config DEFAULT_SECURITY_SMACK
+ bool
+ default y if SECURITY_SMACK_STACKED
+
+ config DEFAULT_SECURITY_TOMOYO
+ bool
+ default y if SECURITY_TOMOYO_STACKED
+
+ config DEFAULT_SECURITY_APPARMOR
+ bool
+ default y if SECURITY_APPARMOR_STACKED
+
+ config DEFAULT_SECURITY_DAC
+ bool
+ default y if SECURITY_DAC_STACKED
+
+choice
+ depends on SECURITY_STACKING && !SECURITY_DAC_STACKED
+ prompt "Default LSM for legacy interfaces"
+ default SECURITY_DEFAULT_DISPLAY_SELINUX if SECURITY_SELINUX_STACKED
+ default SECURITY_DEFAULT_DISPLAY_SMACK if SECURITY_SMACK_STACKED
+ default SECURITY_DEFAULT_DISPLAY_TOMOYO if SECURITY_TOMOYO_STACKED
+ default SECURITY_DEFAULT_DISPALY_APPARMOR if SECURITY_APPARMOR_STACKED
+ default SECURITY_DEFAULT_DISPLAY_FIRST
+
+ help
+ Select the security module context that will be displayed by
+ default on legacy interfaces if the kernel parameter
+ security.display= is not specified.
+
+ config SECURITY_DEFAULT_DISPLAY_SELINUX
+ bool "SELinux" if SECURITY_SELINUX_STACKED=y
+
+ config SECURITY_DEFAULT_DISPLAY_SMACK
+ bool "Simplified Mandatory Access Control" if SECURITY_SMACK_STACKED
+
+ config SECURITY_DEFAULT_DISPLAY_TOMOYO
+ bool "TOMOYO" if SECURITY_TOMOYO_STACKED
+
+ config SECURITY_DEFAULT_DISPLAY_APPARMOR
+ bool "AppArmor" if SECURITY_APPARMOR_STACKED
+
+endchoice
+
+config SECURITY_DEFAULT_DISPLAY_NAME
+ string
+ default "selinux" if SECURITY_DEFAULT_DISPLAY_SELINUX
+ default "smack" if SECURITY_DEFAULT_DISPLAY_SMACK
+ default "tomoyo" if SECURITY_DEFAULT_DISPLAY_TOMOYO
+ default "apparmor" if SECURITY_DEFAULT_DISPLAY_APPARMOR
+ default "" if DEFAULT_SECURITY_DAC
+
+endmenu
config DEFAULT_SECURITY
string
+ default "selinux,smack,tomoyo,apparmor" if DEFAULT_SECURITY_SELINUX && DEFAULT_SECURITY_SMACK && DEFAULT_SECURITY_TOMOYO && DEFAULT_SECURITY_APPARMOR
+ default "selinux,smack,tomoyo" if DEFAULT_SECURITY_SELINUX && DEFAULT_SECURITY_SMACK && DEFAULT_SECURITY_TOMOYO
+ default "selinux,smack,apparmor" if DEFAULT_SECURITY_SELINUX && DEFAULT_SECURITY_SMACK && DEFAULT_SECURITY_APPARMOR
+ default "selinux,tomoyo,apparmor" if DEFAULT_SECURITY_SELINUX && DEFAULT_SECURITY_TOMOYO && DEFAULT_SECURITY_APPARMOR
+ default "smack,tomoyo,apparmor" if DEFAULT_SECURITY_SMACK && DEFAULT_SECURITY_TOMOYO && DEFAULT_SECURITY_APPARMOR
+ default "selinux,smack" if DEFAULT_SECURITY_SELINUX && DEFAULT_SECURITY_SMACK
+ default "selinux,tomoyo" if DEFAULT_SECURITY_SELINUX && DEFAULT_SECURITY_TOMOYO
+ default "selinux,apparmor" if DEFAULT_SECURITY_SELINUX && DEFAULT_SECURITY_APPARMOR
+ default "smack,tomoyo" if DEFAULT_SECURITY_SMACK && DEFAULT_SECURITY_TOMOYO
+ default "smack,apparmor" if DEFAULT_SECURITY_SMACK && DEFAULT_SECURITY_APPARMOR
+ default "tomoyo,apparmor" if DEFAULT_SECURITY_TOMOYO && DEFAULT_SECURITY_APPARMOR
default "selinux" if DEFAULT_SECURITY_SELINUX
default "smack" if DEFAULT_SECURITY_SMACK
default "tomoyo" if DEFAULT_SECURITY_TOMOYO
default "apparmor" if DEFAULT_SECURITY_APPARMOR
default "" if DEFAULT_SECURITY_DAC
-
endmenu
-