summaryrefslogtreecommitdiffstats
path: root/kernel-x86_64.config
diff options
context:
space:
mode:
authorPeter Robinson <pbrobinson@gmail.com>2019-07-17 11:09:36 +0100
committerPeter Robinson <pbrobinson@gmail.com>2019-07-17 11:10:24 +0100
commit89207621e9e4a9abe5b30315ef9ac0b3a7e7efa0 (patch)
tree344d4b243394ee647c0188798bd7959a8ba5a530 /kernel-x86_64.config
parentef64fcc47a9e26f355d3bffa42a91760ca19fe5c (diff)
downloadkernel-89207621e9e4a9abe5b30315ef9ac0b3a7e7efa0.tar.gz
kernel-89207621e9e4a9abe5b30315ef9ac0b3a7e7efa0.tar.xz
kernel-89207621e9e4a9abe5b30315ef9ac0b3a7e7efa0.zip
IMA: change default hash from sha1 to sha256, the later is more secuure and hence should be the default
Diffstat (limited to 'kernel-x86_64.config')
-rw-r--r--kernel-x86_64.config4
1 files changed, 2 insertions, 2 deletions
diff --git a/kernel-x86_64.config b/kernel-x86_64.config
index 0aadcd337..44d238b32 100644
--- a/kernel-x86_64.config
+++ b/kernel-x86_64.config
@@ -2228,8 +2228,8 @@ CONFIG_IIO_TRIGGER=y
CONFIG_IKHEADERS=m
# CONFIG_IMA_APPRAISE is not set
# CONFIG_IMA_ARCH_POLICY is not set
-CONFIG_IMA_DEFAULT_HASH_SHA1=y
-# CONFIG_IMA_DEFAULT_HASH_SHA256 is not set
+# CONFIG_IMA_DEFAULT_HASH_SHA1 is not set
+CONFIG_IMA_DEFAULT_HASH_SHA256=y
CONFIG_IMA_KEYRINGS_PERMIT_SIGNED_BY_BUILTIN_OR_SECONDARY=y
CONFIG_IMA_LSM_RULES=y
CONFIG_IMA_MEASURE_PCR_IDX=10