1 |
config CCSECURITY |
2 |
bool "CCSecurity support" |
3 |
default y |
4 |
help |
5 |
Say Y here to support non-LSM version of TOMOYO Linux. |
6 |
http://tomoyo.sourceforge.jp/ |
7 |
|
8 |
config CCSECURITY_LKM |
9 |
bool "Compile as loadable kernel module" |
10 |
default n |
11 |
depends on CCSECURITY && MODULES |
12 |
help |
13 |
This version of TOMOYO depends on patching the kernel source in order |
14 |
to insert some hooks which LSM does not provide. Therefore, |
15 |
recompiling the kernel is inevitable. But if you want to keep |
16 |
vmlinux's size as small as possible, you can compile most part of |
17 |
TOMOYO as a loadable kernel module by saying Y here. |
18 |
|
19 |
config CCSECURITY_DISABLE_BY_DEFAULT |
20 |
bool "Disable by default" |
21 |
default n |
22 |
depends on CCSECURITY |
23 |
help |
24 |
Say Y here if you want TOMOYO disabled by default. |
25 |
To enable TOMOYO, pass ccsecurity=on to kernel command line. |
26 |
To disable TOMOYO, pass ccsecurity=off to kernel command line. |
27 |
|
28 |
config CCSECURITY_USE_EXTERNAL_TASK_SECURITY |
29 |
bool "Do not modify 'struct task_struct' in order to keep KABI" |
30 |
default n |
31 |
depends on CCSECURITY |
32 |
help |
33 |
Say Y here if you want to keep KABI for prebuilt kernel modules |
34 |
unchanged. TOMOYO needs "struct ccs_domain_info *" and "u32" for each |
35 |
"struct task_struct". But embedding these variables into |
36 |
"struct task_struct" breaks KABI for prebuilt kernel modules (which |
37 |
means that you will need to rebuild prebuilt kernel modules). |
38 |
If you say Y here, these variables are managed outside |
39 |
"struct task_struct" rather than embedding into "struct task_struct", |
40 |
but accessing these variables becomes slower because lookup operation |
41 |
is performed every time the current thread needs to access them. |
42 |
|
43 |
config CCSECURITY_MAX_ACCEPT_ENTRY |
44 |
int "Default maximal count for learning mode" |
45 |
default 2048 |
46 |
range 0 2147483647 |
47 |
depends on CCSECURITY |
48 |
help |
49 |
This is the default value for maximal ACL entries |
50 |
that are automatically appended into policy at "learning mode". |
51 |
Some programs access thousands of objects, so running |
52 |
such programs in "learning mode" dulls the system response |
53 |
and consumes much memory. |
54 |
This is the safeguard for such programs. |
55 |
|
56 |
config CCSECURITY_MAX_AUDIT_LOG |
57 |
int "Default maximal count for audit log" |
58 |
default 1024 |
59 |
range 0 2147483647 |
60 |
depends on CCSECURITY |
61 |
help |
62 |
This is the default value for maximal entries for |
63 |
audit logs that the kernel can hold on memory. |
64 |
You can read the log via /proc/ccs/audit. |
65 |
If you don't need audit logs, you may set this value to 0. |
66 |
|
67 |
config CCSECURITY_OMIT_USERSPACE_LOADER |
68 |
bool "Activate without calling userspace policy loader." |
69 |
default n |
70 |
depends on CCSECURITY |
71 |
---help--- |
72 |
Say Y here if you want to activate access control as soon as built-in |
73 |
policy was loaded. This option will be useful for systems where |
74 |
operations which can lead to the hijacking of the boot sequence are |
75 |
needed before loading the policy. For example, you can activate |
76 |
immediately after loading the fixed part of policy which will allow |
77 |
only operations needed for mounting a partition which contains the |
78 |
variant part of policy and verifying (e.g. running GPG check) and |
79 |
loading the variant part of policy. Since you can start using |
80 |
enforcing mode from the beginning, you can reduce the possibility of |
81 |
hijacking the boot sequence. |
82 |
|
83 |
config CCSECURITY_POLICY_LOADER |
84 |
string "Location of userspace policy loader" |
85 |
default "/sbin/ccs-init" |
86 |
depends on CCSECURITY |
87 |
depends on !CCSECURITY_OMIT_USERSPACE_LOADER |
88 |
---help--- |
89 |
This is the pathname of policy loader which is called before |
90 |
activation. |
91 |
|
92 |
config CCSECURITY_ACTIVATION_TRIGGER |
93 |
string "Trigger for calling userspace policy loader" |
94 |
default "/sbin/init" |
95 |
depends on CCSECURITY |
96 |
depends on !CCSECURITY_OMIT_USERSPACE_LOADER |
97 |
---help--- |
98 |
Some environments do not have /sbin/init . In such environments, |
99 |
we need to use different program's pathname (e.g. /init or /linuxrc ) |
100 |
as activation trigger. |