summaryrefslogtreecommitdiffstats
path: root/kernel-aarch64-debug.config
diff options
context:
space:
mode:
authorPeter Robinson <pbrobinson@gmail.com>2019-07-17 11:09:36 +0100
committerPeter Robinson <pbrobinson@gmail.com>2019-07-17 11:13:35 +0100
commit9311d0121abc45953d53de794e926eeabb13af2d (patch)
treed0d5ee5d948818cc9cdde0a6a73e87c5efc2fc80 /kernel-aarch64-debug.config
parent5c2ab4e801af208f640dc06a07e6a55cca2c1d74 (diff)
downloadkernel-9311d0121abc45953d53de794e926eeabb13af2d.tar.gz
kernel-9311d0121abc45953d53de794e926eeabb13af2d.tar.xz
kernel-9311d0121abc45953d53de794e926eeabb13af2d.zip
IMA: change default hash from sha1 to sha256, the later is more secuure and hence should be the default
Diffstat (limited to 'kernel-aarch64-debug.config')
-rw-r--r--kernel-aarch64-debug.config4
1 files changed, 2 insertions, 2 deletions
diff --git a/kernel-aarch64-debug.config b/kernel-aarch64-debug.config
index a8820aee9..a21830e78 100644
--- a/kernel-aarch64-debug.config
+++ b/kernel-aarch64-debug.config
@@ -2432,8 +2432,8 @@ CONFIG_IIO_TRIGGER=y
# CONFIG_IKCONFIG is not set
CONFIG_IKHEADERS=m
# CONFIG_IMA_APPRAISE is not set
-CONFIG_IMA_DEFAULT_HASH_SHA1=y
-# CONFIG_IMA_DEFAULT_HASH_SHA256 is not set
+# CONFIG_IMA_DEFAULT_HASH_SHA1 is not set
+CONFIG_IMA_DEFAULT_HASH_SHA256=y
CONFIG_IMA_KEYRINGS_PERMIT_SIGNED_BY_BUILTIN_OR_SECONDARY=y
CONFIG_IMA_LSM_RULES=y
CONFIG_IMA_MEASURE_PCR_IDX=10