diff options
author | Peter Robinson <pbrobinson@gmail.com> | 2019-07-17 11:09:36 +0100 |
---|---|---|
committer | Peter Robinson <pbrobinson@gmail.com> | 2019-07-17 11:10:24 +0100 |
commit | 89207621e9e4a9abe5b30315ef9ac0b3a7e7efa0 (patch) | |
tree | 344d4b243394ee647c0188798bd7959a8ba5a530 /kernel-x86_64.config | |
parent | ef64fcc47a9e26f355d3bffa42a91760ca19fe5c (diff) | |
download | kernel-89207621e9e4a9abe5b30315ef9ac0b3a7e7efa0.tar.gz kernel-89207621e9e4a9abe5b30315ef9ac0b3a7e7efa0.tar.xz kernel-89207621e9e4a9abe5b30315ef9ac0b3a7e7efa0.zip |
IMA: change default hash from sha1 to sha256, the later is more secuure and hence should be the default
Diffstat (limited to 'kernel-x86_64.config')
-rw-r--r-- | kernel-x86_64.config | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/kernel-x86_64.config b/kernel-x86_64.config index 0aadcd337..44d238b32 100644 --- a/kernel-x86_64.config +++ b/kernel-x86_64.config @@ -2228,8 +2228,8 @@ CONFIG_IIO_TRIGGER=y CONFIG_IKHEADERS=m # CONFIG_IMA_APPRAISE is not set # CONFIG_IMA_ARCH_POLICY is not set -CONFIG_IMA_DEFAULT_HASH_SHA1=y -# CONFIG_IMA_DEFAULT_HASH_SHA256 is not set +# CONFIG_IMA_DEFAULT_HASH_SHA1 is not set +CONFIG_IMA_DEFAULT_HASH_SHA256=y CONFIG_IMA_KEYRINGS_PERMIT_SIGNED_BY_BUILTIN_OR_SECONDARY=y CONFIG_IMA_LSM_RULES=y CONFIG_IMA_MEASURE_PCR_IDX=10 |