security: add PFT to the default security LSM list
Allow selecting PFT as the chosen LSM (Linux Security Module). Change-Id: I45f403535e72cf9374b0d8c0263f6f64e4d710e6 Signed-off-by: Amir Samuelov <amirs@codeaurora.org>
This commit is contained in:
parent
0396aa3003
commit
70154ae7c7
|
@ -70,6 +70,16 @@ config SECURITY_PATH
|
|||
implement pathname based access controls.
|
||||
If you are unsure how to answer this question, answer N.
|
||||
|
||||
config SECURITY_PFT
|
||||
bool "Security hooks for Per File Encryption"
|
||||
depends on SECURITY
|
||||
depends on PFT
|
||||
help
|
||||
This enables the security hooks for Per File Encryption.
|
||||
If enabled, a security module can use these hooks to
|
||||
implement file based access controls and encryption.
|
||||
If you are unsure how to answer this question, answer N.
|
||||
|
||||
config INTEL_TXT
|
||||
bool "Enable Intel(R) Trusted Execution Technology (Intel(R) TXT)"
|
||||
depends on HAVE_INTEL_TXT
|
||||
|
@ -132,6 +142,7 @@ choice
|
|||
default DEFAULT_SECURITY_TOMOYO if SECURITY_TOMOYO
|
||||
default DEFAULT_SECURITY_APPARMOR if SECURITY_APPARMOR
|
||||
default DEFAULT_SECURITY_YAMA if SECURITY_YAMA
|
||||
default DEFAULT_SECURITY_PFT if SECURITY_PFT
|
||||
default DEFAULT_SECURITY_DAC
|
||||
|
||||
help
|
||||
|
@ -153,6 +164,9 @@ choice
|
|||
config DEFAULT_SECURITY_YAMA
|
||||
bool "Yama" if SECURITY_YAMA=y
|
||||
|
||||
config DEFAULT_SECURITY_PFT
|
||||
bool "PFT" if SECURITY_PFT=y
|
||||
|
||||
config DEFAULT_SECURITY_DAC
|
||||
bool "Unix Discretionary Access Controls"
|
||||
|
||||
|
@ -165,6 +179,7 @@ config DEFAULT_SECURITY
|
|||
default "tomoyo" if DEFAULT_SECURITY_TOMOYO
|
||||
default "apparmor" if DEFAULT_SECURITY_APPARMOR
|
||||
default "yama" if DEFAULT_SECURITY_YAMA
|
||||
default "pft" if DEFAULT_SECURITY_PFT
|
||||
default "" if DEFAULT_SECURITY_DAC
|
||||
|
||||
endmenu
|
||||
|
|
Loading…
Reference in New Issue