Andrew Geissler | dc9d614 | 2023-05-19 09:38:37 -0500 | [diff] [blame^] | 1 | CONFIG_KEYS=y |
| 2 | CONFIG_ASYMMETRIC_KEY_TYPE=y |
| 3 | CONFIG_SYSTEM_TRUSTED_KEYRING=y |
| 4 | CONFIG_SYSTEM_TRUSTED_KEYS="${IMA_EVM_ROOT_CA}" |
| 5 | CONFIG_SECONDARY_TRUSTED_KEYRING=y |
| 6 | CONFIG_ASYMMETRIC_PUBLIC_KEY_SUBTYPE=y |
| 7 | CONFIG_X509_CERTIFICATE_PARSER=y |
| 8 | CONFIG_PKCS8_PRIVATE_KEY_PARSER=y |
| 9 | CONFIG_CRYPTO_ECDSA=y |
| 10 | CONFIG_SECURITY=y |
| 11 | CONFIG_SECURITYFS=y |
| 12 | CONFIG_INTEGRITY=y |
| 13 | CONFIG_INTEGRITY_SIGNATURE=y |
| 14 | CONFIG_INTEGRITY_ASYMMETRIC_KEYS=y |
| 15 | CONFIG_INTEGRITY_TRUSTED_KEYRING=y |
| 16 | CONFIG_IMA=y |
| 17 | CONFIG_IMA_MEASURE_PCR_IDX=10 |
| 18 | CONFIG_IMA_LSM_RULES=y |
| 19 | # CONFIG_IMA_TEMPLATE is not set |
| 20 | # CONFIG_IMA_NG_TEMPLATE is not set |
| 21 | CONFIG_IMA_SIG_TEMPLATE=y |
| 22 | CONFIG_IMA_DEFAULT_TEMPLATE="ima-sig" |
| 23 | # CONFIG_IMA_DEFAULT_HASH_SHA1 is not set |
| 24 | CONFIG_IMA_DEFAULT_HASH_SHA256=y |
| 25 | # CONFIG_IMA_DEFAULT_HASH_SHA512 is not set |
| 26 | CONFIG_IMA_DEFAULT_HASH="sha256" |
| 27 | CONFIG_IMA_WRITE_POLICY=y |
| 28 | CONFIG_IMA_READ_POLICY=y |
| 29 | CONFIG_IMA_APPRAISE=y |
| 30 | CONFIG_IMA_ARCH_POLICY=y |
| 31 | CONFIG_IMA_APPRAISE_BUILD_POLICY=y |
| 32 | CONFIG_IMA_APPRAISE_REQUIRE_POLICY_SIGS=y |
| 33 | # CONFIG_IMA_APPRAISE_BOOTPARAM is not set |
| 34 | # CONFIG_IMA_APPRAISE_MODSIG is not set |
| 35 | CONFIG_IMA_TRUSTED_KEYRING=y |
| 36 | CONFIG_IMA_KEYRINGS_PERMIT_SIGNED_BY_BUILTIN_OR_SECONDARY=y |
| 37 | # CONFIG_IMA_BLACKLIST_KEYRING is not set |
| 38 | # CONFIG_IMA_LOAD_X509 is not set |
| 39 | CONFIG_IMA_APPRAISE_SIGNED_INIT=y |
| 40 | CONFIG_IMA_MEASURE_ASYMMETRIC_KEYS=y |
| 41 | CONFIG_IMA_QUEUE_EARLY_BOOT_KEYS=y |
| 42 | CONFIG_IMA_SECURE_AND_OR_TRUSTED_BOOT=y |
| 43 | # CONFIG_IMA_DISABLE_HTABLE is not set |
| 44 | CONFIG_EVM=y |
| 45 | # CONFIG_EVM_LOAD_X509 is not set |