#config INTEGRITYbool "Integrity subsystem"depends on SECURITYdefault yhelpThis option enables the integrity subsystem, which is comprisedof a number of different components including the IntegrityMeasurement Architecture (IMA), Extended Verification Module(EVM), IMA-appraisal extension, digital signature verificationextension and audit measurement log support.Each of these components can be enabled/disabled separately.Refer to the individual components for additional details.if INTEGRITYconfig INTEGRITY_SIGNATUREbool "Digital signature verification using multiple keyrings"depends on KEYSdefault nselect SIGNATUREhelpThis option enables digital signature verification supportusing multiple keyrings. It defines separate keyrings for eachof the different use cases - evm, ima, and modules.Different keyrings improves search performance, but also allowto "lock" certain keyring to prevent adding new keys.This is useful for evm and module keyrings, when keys areusually only added from initramfs.config INTEGRITY_ASYMMETRIC_KEYSbool "Enable asymmetric keys support"depends on INTEGRITY_SIGNATUREdefault nselect ASYMMETRIC_KEY_TYPEselect ASYMMETRIC_PUBLIC_KEY_SUBTYPEselect PUBLIC_KEY_ALGO_RSAselect X509_CERTIFICATE_PARSERhelpThis option enables digital signature verification usingasymmetric keys.config INTEGRITY_AUDITbool "Enables integrity auditing support "depends on AUDITdefault yhelpIn addition to enabling integrity auditing support, thisoption adds a kernel parameter 'integrity_audit', whichcontrols the level of integrity auditing messages.0 - basic integrity auditing messages (default)1 - additional integrity auditing messagesAdditional informational integrity auditing messages wouldbe enabled by specifying 'integrity_audit=1' on the kernelcommand line.source security/integrity/ima/Kconfigsource security/integrity/evm/Kconfigendif # if INTEGRITY
此处可能存在不合适展示的内容,页面不予展示。您可通过相关编辑功能自查并修改。
如您确认内容无涉及 不当用语 / 纯广告导流 / 暴力 / 低俗色情 / 侵权 / 盗版 / 虚假 / 无价值内容或违法国家有关法律法规的内容,可点击提交进行申诉,我们将尽快为您处理。