diff options
author | Peter Robinson <pbrobinson@gmail.com> | 2019-07-31 13:58:31 +0100 |
---|---|---|
committer | Peter Robinson <pbrobinson@gmail.com> | 2019-07-31 13:58:31 +0100 |
commit | adfbac47b62c420b2438325283f3ca58d10094ec (patch) | |
tree | c63983d6c4c5dbadb4c572dc2987efed8cd4a8f9 /kernel-aarch64-debug.config | |
parent | ffc1fce93e41c87f9f27fe1e6703a33011133064 (diff) | |
download | kernel-adfbac47b62c420b2438325283f3ca58d10094ec.tar.gz kernel-adfbac47b62c420b2438325283f3ca58d10094ec.tar.xz kernel-adfbac47b62c420b2438325283f3ca58d10094ec.zip |
Enable IMA Appraisal - related rhbz 790008 1554474
Diffstat (limited to 'kernel-aarch64-debug.config')
-rw-r--r-- | kernel-aarch64-debug.config | 11 |
1 files changed, 9 insertions, 2 deletions
diff --git a/kernel-aarch64-debug.config b/kernel-aarch64-debug.config index 488cc5d09..b948b2cc5 100644 --- a/kernel-aarch64-debug.config +++ b/kernel-aarch64-debug.config @@ -2412,17 +2412,23 @@ CONFIG_IIO_TRIGGERED_BUFFER=m CONFIG_IIO_TRIGGER=y # CONFIG_IKCONFIG is not set CONFIG_IKHEADERS=m -# CONFIG_IMA_APPRAISE is not set +CONFIG_IMA_APPRAISE_BOOTPARAM=y +# CONFIG_IMA_APPRAISE_BUILD_POLICY is not set +CONFIG_IMA_APPRAISE=y +# CONFIG_IMA_ARCH_POLICY is not set +# CONFIG_IMA_BLACKLIST_KEYRING is not set # CONFIG_IMA_DEFAULT_HASH_SHA1 is not set CONFIG_IMA_DEFAULT_HASH_SHA256=y CONFIG_IMA_KEXEC=y CONFIG_IMA_KEYRINGS_PERMIT_SIGNED_BY_BUILTIN_OR_SECONDARY=y +# CONFIG_IMA_LOAD_X509 is not set CONFIG_IMA_LSM_RULES=y CONFIG_IMA_MEASURE_PCR_IDX=10 CONFIG_IMA_NG_TEMPLATE=y CONFIG_IMA_READ_POLICY=y # CONFIG_IMA_SIG_TEMPLATE is not set # CONFIG_IMA_TEMPLATE is not set +# CONFIG_IMA_TRUSTED_KEYRING is not set CONFIG_IMA_WRITE_POLICY=y CONFIG_IMA=y # CONFIG_IMG_ASCII_LCD is not set @@ -2557,6 +2563,7 @@ CONFIG_INTEGRITY_ASYMMETRIC_KEYS=y CONFIG_INTEGRITY_AUDIT=y # CONFIG_INTEGRITY_PLATFORM_KEYRING is not set CONFIG_INTEGRITY_SIGNATURE=y +CONFIG_INTEGRITY_TRUSTED_KEYRING=y CONFIG_INTEGRITY=y # CONFIG_INTEL_IDMA64 is not set CONFIG_INTEL_SOC_PMIC_CHTDC_TI=m @@ -6210,7 +6217,7 @@ CONFIG_TCG_NSC=m CONFIG_TCG_TIS_I2C_ATMEL=m CONFIG_TCG_TIS_I2C_INFINEON=m # CONFIG_TCG_TIS_I2C_NUVOTON is not set -# CONFIG_TCG_TIS_SPI is not set +CONFIG_TCG_TIS_SPI=m # CONFIG_TCG_TIS_ST33ZP24_I2C is not set # CONFIG_TCG_TIS_ST33ZP24_SPI is not set CONFIG_TCG_TIS=y |