tjh.dev
Linux kernel mirror (for testing)
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel
os
linux
1# IBM Integrity Measurement Architecture
2#
3config IMA
4 bool "Integrity Measurement Architecture(IMA)"
5 depends on SECURITY
6 select INTEGRITY
7 select SECURITYFS
8 select CRYPTO
9 select CRYPTO_HMAC
10 select CRYPTO_MD5
11 select CRYPTO_SHA1
12 select CRYPTO_HASH_INFO
13 select TCG_TPM if HAS_IOMEM && !UML
14 select TCG_TIS if TCG_TPM && X86
15 select TCG_IBMVTPM if TCG_TPM && PPC64
16 help
17 The Trusted Computing Group(TCG) runtime Integrity
18 Measurement Architecture(IMA) maintains a list of hash
19 values of executables and other sensitive system files,
20 as they are read or executed. If an attacker manages
21 to change the contents of an important system file
22 being measured, we can tell.
23
24 If your system has a TPM chip, then IMA also maintains
25 an aggregate integrity value over this list inside the
26 TPM hardware, so that the TPM can prove to a third party
27 whether or not critical system files have been modified.
28 Read <http://www.usenix.org/events/sec04/tech/sailer.html>
29 to learn more about IMA.
30 If unsure, say N.
31
32config IMA_MEASURE_PCR_IDX
33 int
34 depends on IMA
35 range 8 14
36 default 10
37 help
38 IMA_MEASURE_PCR_IDX determines the TPM PCR register index
39 that IMA uses to maintain the integrity aggregate of the
40 measurement list. If unsure, use the default 10.
41
42config IMA_LSM_RULES
43 bool
44 depends on IMA && AUDIT && (SECURITY_SELINUX || SECURITY_SMACK)
45 default y
46 help
47 Disabling this option will disregard LSM based policy rules.
48
49choice
50 prompt "Default template"
51 default IMA_NG_TEMPLATE
52 depends on IMA
53 help
54 Select the default IMA measurement template.
55
56 The original 'ima' measurement list template contains a
57 hash, defined as 20 bytes, and a null terminated pathname,
58 limited to 255 characters. The 'ima-ng' measurement list
59 template permits both larger hash digests and longer
60 pathnames.
61
62 config IMA_TEMPLATE
63 bool "ima"
64 config IMA_NG_TEMPLATE
65 bool "ima-ng (default)"
66 config IMA_SIG_TEMPLATE
67 bool "ima-sig"
68endchoice
69
70config IMA_DEFAULT_TEMPLATE
71 string
72 depends on IMA
73 default "ima" if IMA_TEMPLATE
74 default "ima-ng" if IMA_NG_TEMPLATE
75 default "ima-sig" if IMA_SIG_TEMPLATE
76
77choice
78 prompt "Default integrity hash algorithm"
79 default IMA_DEFAULT_HASH_SHA1
80 depends on IMA
81 help
82 Select the default hash algorithm used for the measurement
83 list, integrity appraisal and audit log. The compiled default
84 hash algorithm can be overwritten using the kernel command
85 line 'ima_hash=' option.
86
87 config IMA_DEFAULT_HASH_SHA1
88 bool "SHA1 (default)"
89 depends on CRYPTO_SHA1
90
91 config IMA_DEFAULT_HASH_SHA256
92 bool "SHA256"
93 depends on CRYPTO_SHA256 && !IMA_TEMPLATE
94
95 config IMA_DEFAULT_HASH_SHA512
96 bool "SHA512"
97 depends on CRYPTO_SHA512 && !IMA_TEMPLATE
98
99 config IMA_DEFAULT_HASH_WP512
100 bool "WP512"
101 depends on CRYPTO_WP512 && !IMA_TEMPLATE
102endchoice
103
104config IMA_DEFAULT_HASH
105 string
106 depends on IMA
107 default "sha1" if IMA_DEFAULT_HASH_SHA1
108 default "sha256" if IMA_DEFAULT_HASH_SHA256
109 default "sha512" if IMA_DEFAULT_HASH_SHA512
110 default "wp512" if IMA_DEFAULT_HASH_WP512
111
112config IMA_APPRAISE
113 bool "Appraise integrity measurements"
114 depends on IMA
115 default n
116 help
117 This option enables local measurement integrity appraisal.
118 It requires the system to be labeled with a security extended
119 attribute containing the file hash measurement. To protect
120 the security extended attributes from offline attack, enable
121 and configure EVM.
122
123 For more information on integrity appraisal refer to:
124 <http://linux-ima.sourceforge.net>
125 If unsure, say N.