summaryrefslogtreecommitdiff
path: root/meta-security/meta-integrity/recipes-kernel/linux/linux/ima.cfg
diff options
context:
space:
mode:
Diffstat (limited to 'meta-security/meta-integrity/recipes-kernel/linux/linux/ima.cfg')
-rw-r--r--meta-security/meta-integrity/recipes-kernel/linux/linux/ima.cfg18
1 files changed, 18 insertions, 0 deletions
diff --git a/meta-security/meta-integrity/recipes-kernel/linux/linux/ima.cfg b/meta-security/meta-integrity/recipes-kernel/linux/linux/ima.cfg
new file mode 100644
index 000000000..b3e47ba37
--- /dev/null
+++ b/meta-security/meta-integrity/recipes-kernel/linux/linux/ima.cfg
@@ -0,0 +1,18 @@
+CONFIG_IMA=y
+CONFIG_IMA_MEASURE_PCR_IDX=10
+CONFIG_IMA_NG_TEMPLATE=y
+CONFIG_IMA_DEFAULT_TEMPLATE="ima-ng"
+CONFIG_IMA_DEFAULT_HASH_SHA1=y
+CONFIG_IMA_DEFAULT_HASH="sha1"
+CONFIG_IMA_APPRAISE=y
+CONFIG_IMA_APPRAISE_BOOTPARAM=y
+CONFIG_IMA_TRUSTED_KEYRING=y
+CONFIG_SIGNATURE=y
+CONFIG_IMA_WRITE_POLICY=y
+CONFIG_IMA_READ_POLICY=y
+CONFIG_IMA_LOAD_X509=y
+CONFIG_IMA_X509_PATH="/etc/keys/x509_ima.der"
+
+#CONFIG_INTEGRITY_SIGNATURE=y
+#CONFIG_INTEGRITY_ASYMMETRIC_KEYS=y
+#CONFIG_INTEGRITY_TRUSTED_KEYRING=y
generated by cgit v1.2.3 (git 2.39.0) at 2024-06-01 14:50:25 +0300