apparmor: add the ability to report a sha1 hash of loaded policy Provide userspace the ability to introspect a sha1 hash value for each profile currently loaded. Signed-off-by: John Johansen <john.johansen@canonical.com> Acked-by: Seth Arnold <seth.arnold@canonical.com>

commit: f8eb8a1324e81927b2c64823b2fc38386efd3fef [log] [tgz]
author: John Johansen <john.johansen@canonical.com> Wed Aug 14 11:27:36 2013 -0700
committer: John Johansen <john.johansen@canonical.com> Wed Aug 14 11:42:08 2013 -0700
tree: 78ef80523807aeb5b084b29f8b698601c71292b2
parent: 84f1f787421cd83bb7dfb34d584586f6a5fe7baa [diff] [blame]
diff --git a/security/apparmor/Kconfig b/security/apparmor/Kconfig
index 9b9013b..d49c539 100644
--- a/security/apparmor/Kconfig
+++ b/security/apparmor/Kconfig

@@ -29,3 +29,15 @@
 	  boot.
 
 	  If you are unsure how to answer this question, answer 1.
+
+config SECURITY_APPARMOR_HASH
+	bool "SHA1 hash of loaded profiles"
+	depends on SECURITY_APPARMOR
+	depends on CRYPTO
+	select CRYPTO_SHA1
+	default y
+
+	help
+	  This option selects whether sha1 hashing is done against loaded
+          profiles and exported for inspection to user space via the apparmor
+          filesystem.
commit	f8eb8a1324e81927b2c64823b2fc38386efd3fef	[log] [tgz]
author	John Johansen <john.johansen@canonical.com>	Wed Aug 14 11:27:36 2013 -0700
committer	John Johansen <john.johansen@canonical.com>	Wed Aug 14 11:42:08 2013 -0700
tree	78ef80523807aeb5b084b29f8b698601c71292b2
parent	84f1f787421cd83bb7dfb34d584586f6a5fe7baa [diff] [blame]