summaryrefslogtreecommitdiffstats
path: root/kernel-armv7hl.config
diff options
context:
space:
mode:
authorPeter Robinson <pbrobinson@gmail.com>2019-07-31 13:58:31 +0100
committerPeter Robinson <pbrobinson@gmail.com>2019-07-31 13:58:31 +0100
commitadfbac47b62c420b2438325283f3ca58d10094ec (patch)
treec63983d6c4c5dbadb4c572dc2987efed8cd4a8f9 /kernel-armv7hl.config
parentffc1fce93e41c87f9f27fe1e6703a33011133064 (diff)
downloadkernel-adfbac47b62c420b2438325283f3ca58d10094ec.tar.gz
kernel-adfbac47b62c420b2438325283f3ca58d10094ec.tar.xz
kernel-adfbac47b62c420b2438325283f3ca58d10094ec.zip
Enable IMA Appraisal - related rhbz 790008 1554474
Diffstat (limited to 'kernel-armv7hl.config')
-rw-r--r--kernel-armv7hl.config11
1 files changed, 9 insertions, 2 deletions
diff --git a/kernel-armv7hl.config b/kernel-armv7hl.config
index c9b0a7acd..62e006001 100644
--- a/kernel-armv7hl.config
+++ b/kernel-armv7hl.config
@@ -2427,17 +2427,23 @@ CONFIG_IIO_TRIGGERED_BUFFER=m
CONFIG_IIO_TRIGGER=y
# CONFIG_IKCONFIG is not set
CONFIG_IKHEADERS=m
-# CONFIG_IMA_APPRAISE is not set
+CONFIG_IMA_APPRAISE_BOOTPARAM=y
+# CONFIG_IMA_APPRAISE_BUILD_POLICY is not set
+CONFIG_IMA_APPRAISE=y
+# CONFIG_IMA_ARCH_POLICY is not set
+# CONFIG_IMA_BLACKLIST_KEYRING is not set
# CONFIG_IMA_DEFAULT_HASH_SHA1 is not set
CONFIG_IMA_DEFAULT_HASH_SHA256=y
CONFIG_IMA_KEXEC=y
CONFIG_IMA_KEYRINGS_PERMIT_SIGNED_BY_BUILTIN_OR_SECONDARY=y
+# CONFIG_IMA_LOAD_X509 is not set
CONFIG_IMA_LSM_RULES=y
CONFIG_IMA_MEASURE_PCR_IDX=10
CONFIG_IMA_NG_TEMPLATE=y
CONFIG_IMA_READ_POLICY=y
# CONFIG_IMA_SIG_TEMPLATE is not set
# CONFIG_IMA_TEMPLATE is not set
+# CONFIG_IMA_TRUSTED_KEYRING is not set
CONFIG_IMA_WRITE_POLICY=y
CONFIG_IMA=y
# CONFIG_IMG_ASCII_LCD is not set
@@ -2580,6 +2586,7 @@ CONFIG_INTEGRITY_ASYMMETRIC_KEYS=y
CONFIG_INTEGRITY_AUDIT=y
# CONFIG_INTEGRITY_PLATFORM_KEYRING is not set
CONFIG_INTEGRITY_SIGNATURE=y
+CONFIG_INTEGRITY_TRUSTED_KEYRING=y
CONFIG_INTEGRITY=y
# CONFIG_INTEL_IDMA64 is not set
CONFIG_INTEL_SOC_PMIC_CHTDC_TI=m
@@ -6441,7 +6448,7 @@ CONFIG_TCG_NSC=m
CONFIG_TCG_TIS_I2C_ATMEL=m
CONFIG_TCG_TIS_I2C_INFINEON=m
# CONFIG_TCG_TIS_I2C_NUVOTON is not set
-# CONFIG_TCG_TIS_SPI is not set
+CONFIG_TCG_TIS_SPI=m
# CONFIG_TCG_TIS_ST33ZP24_I2C is not set
# CONFIG_TCG_TIS_ST33ZP24_SPI is not set
CONFIG_TCG_TIS=y