| Mimi Zohar | 66dbc325 | 2011-03-15 16:12:09 -0400 | [diff] [blame] | 1 | config EVM |
| 2 | boolean "EVM support" |
| Dmitry Kasatkin | a3aef94 | 2014-02-28 14:18:09 +0200 | [diff] [blame] | 3 | depends on SECURITY |
| 4 | select KEYS |
| 5 | select ENCRYPTED_KEYS |
| Mimi Zohar | 66dbc325 | 2011-03-15 16:12:09 -0400 | [diff] [blame] | 6 | select CRYPTO_HMAC |
| Mimi Zohar | 66dbc325 | 2011-03-15 16:12:09 -0400 | [diff] [blame] | 7 | select CRYPTO_SHA1 |
| Mimi Zohar | 66dbc325 | 2011-03-15 16:12:09 -0400 | [diff] [blame] | 8 | default n |
| 9 | help |
| 10 | EVM protects a file's security extended attributes against |
| 11 | integrity attacks. |
| 12 | |
| 13 | If you are unsure how to answer this question, answer N. |
| Dmitry Kasatkin | 74de668 | 2012-09-10 10:37:20 +0300 | [diff] [blame] | 14 | |
| 15 | config EVM_HMAC_VERSION |
| 16 | int "EVM HMAC version" |
| 17 | depends on EVM |
| 18 | default 2 |
| 19 | help |
| 20 | This options adds EVM HMAC version support. |
| 21 | 1 - original version |
| 22 | 2 - add per filesystem unique identifier (UUID) (default) |
| 23 | |
| 24 | WARNING: changing the HMAC calculation method or adding |
| 25 | additional info to the calculation, requires existing EVM |
| 26 | labeled file systems to be relabeled. |