| Kentaro Takeda | 00d7d6f | 2009-02-05 17:18:17 +0900 | [diff] [blame] | 1 | config SECURITY_TOMOYO |
| 2 | bool "TOMOYO Linux Support" |
| 3 | depends on SECURITY |
| 4 | select SECURITYFS |
| 5 | select SECURITY_PATH |
| 6 | default n |
| 7 | help |
| 8 | This selects TOMOYO Linux, pathname-based access control. |
| 9 | Required userspace tools and further information may be |
| 10 | found at <http://tomoyo.sourceforge.jp/>. |
| 11 | If you are unsure how to answer this question, answer N. |
| Tetsuo Handa | 0e4ae0e | 2011-06-26 23:22:59 +0900 | [diff] [blame] | 12 | |
| 13 | config SECURITY_TOMOYO_MAX_ACCEPT_ENTRY |
| 14 | int "Default maximal count for learning mode" |
| 15 | default 2048 |
| 16 | range 0 2147483647 |
| 17 | depends on SECURITY_TOMOYO |
| 18 | help |
| 19 | This is the default value for maximal ACL entries |
| 20 | that are automatically appended into policy at "learning mode". |
| 21 | Some programs access thousands of objects, so running |
| 22 | such programs in "learning mode" dulls the system response |
| 23 | and consumes much memory. |
| 24 | This is the safeguard for such programs. |
| 25 | |
| 26 | config SECURITY_TOMOYO_MAX_AUDIT_LOG |
| 27 | int "Default maximal count for audit log" |
| 28 | default 1024 |
| 29 | range 0 2147483647 |
| 30 | depends on SECURITY_TOMOYO |
| 31 | help |
| 32 | This is the default value for maximal entries for |
| 33 | audit logs that the kernel can hold on memory. |
| 34 | You can read the log via /sys/kernel/security/tomoyo/audit. |
| 35 | If you don't need audit logs, you may set this value to 0. |
| 36 | |
| 37 | config SECURITY_TOMOYO_OMIT_USERSPACE_LOADER |
| 38 | bool "Activate without calling userspace policy loader." |
| 39 | default n |
| 40 | depends on SECURITY_TOMOYO |
| 41 | ---help--- |
| 42 | Say Y here if you want to activate access control as soon as built-in |
| 43 | policy was loaded. This option will be useful for systems where |
| 44 | operations which can lead to the hijacking of the boot sequence are |
| 45 | needed before loading the policy. For example, you can activate |
| 46 | immediately after loading the fixed part of policy which will allow |
| 47 | only operations needed for mounting a partition which contains the |
| 48 | variant part of policy and verifying (e.g. running GPG check) and |
| 49 | loading the variant part of policy. Since you can start using |
| 50 | enforcing mode from the beginning, you can reduce the possibility of |
| 51 | hijacking the boot sequence. |
| 52 | |
| 53 | config SECURITY_TOMOYO_POLICY_LOADER |
| 54 | string "Location of userspace policy loader" |
| 55 | default "/sbin/tomoyo-init" |
| 56 | depends on SECURITY_TOMOYO |
| 57 | depends on !SECURITY_TOMOYO_OMIT_USERSPACE_LOADER |
| 58 | ---help--- |
| 59 | This is the default pathname of policy loader which is called before |
| 60 | activation. You can override this setting via TOMOYO_loader= kernel |
| 61 | command line option. |
| 62 | |
| 63 | config SECURITY_TOMOYO_ACTIVATION_TRIGGER |
| 64 | string "Trigger for calling userspace policy loader" |
| 65 | default "/sbin/init" |
| 66 | depends on SECURITY_TOMOYO |
| 67 | depends on !SECURITY_TOMOYO_OMIT_USERSPACE_LOADER |
| 68 | ---help--- |
| 69 | This is the default pathname of activation trigger. |
| 70 | You can override this setting via TOMOYO_trigger= kernel command line |
| 71 | option. For example, if you pass init=/bin/systemd option, you may |
| 72 | want to also pass TOMOYO_trigger=/bin/systemd option. |