diff options
author | Mimi Zohar <zohar@linux.vnet.ibm.com> | 2009-02-04 09:07:00 -0500 |
---|---|---|
committer | James Morris <jmorris@namei.org> | 2009-02-06 09:05:31 +1100 |
commit | 4af4662fa4a9dc62289c580337ae2506339c4729 (patch) | |
tree | faec95258d2456eb35515f289eb688914ce3b54f /security/integrity/ima/Kconfig | |
parent | bab739378758a1e2b2d7ddcee7bc06cf4c591c3c (diff) | |
download | lwn-4af4662fa4a9dc62289c580337ae2506339c4729.tar.gz lwn-4af4662fa4a9dc62289c580337ae2506339c4729.zip |
integrity: IMA policy
Support for a user loadable policy through securityfs
with support for LSM specific policy data.
- free invalid rule in ima_parse_add_rule()
Signed-off-by: Mimi Zohar <zohar@us.ibm.com>
Acked-by: Serge Hallyn <serue@us.ibm.com>
Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'security/integrity/ima/Kconfig')
-rw-r--r-- | security/integrity/ima/Kconfig | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/security/integrity/ima/Kconfig b/security/integrity/ima/Kconfig index 2a761c8ac996..3d2b6ee778a0 100644 --- a/security/integrity/ima/Kconfig +++ b/security/integrity/ima/Kconfig @@ -47,3 +47,9 @@ config IMA_AUDIT auditing messages can be enabled with 'ima_audit=1' on the kernel command line. +config IMA_LSM_RULES + bool + depends on IMA && (SECURITY_SELINUX || SECURITY_SMACK) + default y + help + Disabling this option will disregard LSM based policy rules |