summaryrefslogtreecommitdiffstats
path: root/kernel-aarch64.config
diff options
context:
space:
mode:
authorLaura Abbott <labbott@redhat.com>2018-02-19 10:40:39 -0800
committerLaura Abbott <labbott@redhat.com>2018-02-19 10:54:11 -0800
commitbb540d20c6388d18e5977f14f35f96318be223e1 (patch)
treef5166330c1a93deb7e1847c180522fe05d75c740 /kernel-aarch64.config
parent08732ed8268cbd9fd23dfae32ffa18ea320b910e (diff)
downloadkernel-bb540d20c6388d18e5977f14f35f96318be223e1.tar.gz
kernel-bb540d20c6388d18e5977f14f35f96318be223e1.tar.xz
kernel-bb540d20c6388d18e5977f14f35f96318be223e1.zip
Enable IMA (rhbz 790008)
Diffstat (limited to 'kernel-aarch64.config')
-rw-r--r--kernel-aarch64.config19
1 files changed, 15 insertions, 4 deletions
diff --git a/kernel-aarch64.config b/kernel-aarch64.config
index f7dd6976b..c48f5703a 100644
--- a/kernel-aarch64.config
+++ b/kernel-aarch64.config
@@ -2185,9 +2185,17 @@ CONFIG_IIO_TIGHTLOOP_TRIGGER=m
CONFIG_IIO_TRIGGERED_BUFFER=m
CONFIG_IIO_TRIGGER=y
# CONFIG_IKCONFIG is not set
-# CONFIG_IMA is not set
+CONFIG_IMA_APPRAISE_BOOTPARAM=y
+CONFIG_IMA_APPRAISE=y
+# CONFIG_IMA_BLACKLIST_KEYRING is not set
+CONFIG_IMA_KEYRINGS_PERMIT_SIGNED_BY_BUILTIN_OR_SECONDARY=y
+# CONFIG_IMA_LOAD_X509 is not set
CONFIG_IMA_LSM_RULES=y
CONFIG_IMA_MEASURE_PCR_IDX=10
+CONFIG_IMA_READ_POLICY=y
+CONFIG_IMA_TRUSTED_KEYRING=y
+CONFIG_IMA_WRITE_POLICY=y
+CONFIG_IMA=y
# CONFIG_IMG_ASCII_LCD is not set
# CONFIG_IMX_IPUV3_CORE is not set
# CONFIG_INA2XX_ADC is not set
@@ -2307,7 +2315,10 @@ CONFIG_INPUT_WISTRON_BTNS=m
CONFIG_INPUT_WM831X_ON=m
CONFIG_INPUT=y
CONFIG_INPUT_YEALINK=m
-# CONFIG_INTEGRITY is not set
+CONFIG_INTEGRITY_ASYMMETRIC_KEYS=y
+CONFIG_INTEGRITY_AUDIT=y
+CONFIG_INTEGRITY_SIGNATURE=y
+CONFIG_INTEGRITY=y
# CONFIG_INTEL_IDMA64 is not set
CONFIG_INTEL_SOC_PMIC_CHTDC_TI=m
# CONFIG_INTEL_SOC_PMIC is not set
@@ -5655,12 +5666,12 @@ CONFIG_TCG_NSC=m
CONFIG_TCG_TIS_I2C_ATMEL=m
# CONFIG_TCG_TIS_I2C_INFINEON is not set
# CONFIG_TCG_TIS_I2C_NUVOTON is not set
-CONFIG_TCG_TIS=m
# CONFIG_TCG_TIS_SPI is not set
# CONFIG_TCG_TIS_ST33ZP24_I2C is not set
# CONFIG_TCG_TIS_ST33ZP24 is not set
# CONFIG_TCG_TIS_ST33ZP24_SPI is not set
-CONFIG_TCG_TPM=m
+CONFIG_TCG_TIS=y
+CONFIG_TCG_TPM=y
# CONFIG_TCG_VTPM_PROXY is not set
# CONFIG_TCG_XEN is not set
CONFIG_TCM_FC=m