Gitiles
Code Review Sign In
gerrit-public.fairphone.software / kernel / msm / 4af4662fa4a9dc62289c580337ae2506339c4729^! / . / security / integrity / ima / Kconfig
commit4af4662fa4a9dc62289c580337ae2506339c4729[log] [tgz]
authorMimi Zohar <zohar@linux.vnet.ibm.com>Wed Feb 04 09:07:00 2009 -0500
committerJames Morris <jmorris@namei.org>Fri Feb 06 09:05:31 2009 +1100
treefaec95258d2456eb35515f289eb688914ce3b54f
parentbab739378758a1e2b2d7ddcee7bc06cf4c591c3c [diff] [blame]
integrity: IMA policy

Support for a user loadable policy through securityfs
with support for LSM specific policy data.
- free invalid rule in ima_parse_add_rule()

Signed-off-by: Mimi Zohar <zohar@us.ibm.com>
Acked-by: Serge Hallyn <serue@us.ibm.com>
Signed-off-by: James Morris <jmorris@namei.org>

diff --git a/security/integrity/ima/Kconfig b/security/integrity/ima/Kconfig
index 2a761c8..3d2b6ee 100644
--- a/security/integrity/ima/Kconfig
+++ b/security/integrity/ima/Kconfig

@@ -47,3 +47,9 @@
 	  auditing messages can be enabled with 'ima_audit=1' on
 	  the kernel command line.
 
+config IMA_LSM_RULES
+	bool
+	depends on IMA && (SECURITY_SELINUX || SECURITY_SMACK)
+	default y
+	help
+	  Disabling this option will disregard LSM based policy rules