Mimi Zohar | 3323eec | 2009-02-04 09:06:58 -0500

# IBM Integrity Measurement Architecture
#
config IMA
	bool "Integrity Measurement Architecture(IMA)"
	depends on SECURITY
	select INTEGRITY
	select SECURITYFS
	select CRYPTO
	select CRYPTO_HMAC
	select CRYPTO_MD5
	select CRYPTO_SHA1
	select TCG_TPM if HAS_IOMEM && !UML
	select TCG_TIS if TCG_TPM && X86
	select TCG_IBMVTPM if TCG_TPM && PPC64
	help
	  The Trusted Computing Group(TCG) runtime Integrity
	  Measurement Architecture(IMA) maintains a list of hash
	  values of executables and other sensitive system files,
	  as they are read or executed. If an attacker manages
	  to change the contents of an important system file
	  being measured, we can tell.

	  If your system has a TPM chip, then IMA also maintains
	  an aggregate integrity value over this list inside the
	  TPM hardware, so that the TPM can prove to a third party
	  whether or not critical system files have been modified.
	  Read <http://www.usenix.org/events/sec04/tech/sailer.html>
	  to learn more about IMA.
	  If unsure, say N.

config IMA_MEASURE_PCR_IDX
	int
	depends on IMA
	range 8 14
	default 10
	help
	  IMA_MEASURE_PCR_IDX determines the TPM PCR register index
	  that IMA uses to maintain the integrity aggregate of the
	  measurement list. If unsure, use the default 10.

config IMA_AUDIT
	bool "Enables auditing support"
	depends on IMA
	depends on AUDIT
	default y
	help
	  This option adds a kernel parameter 'ima_audit', which
	  allows informational auditing messages to be enabled
	  at boot. If this option is selected, informational integrity
	  auditing messages can be enabled with 'ima_audit=1' on
	  the kernel command line.

config IMA_LSM_RULES
	bool
	depends on IMA && AUDIT && (SECURITY_SELINUX || SECURITY_SMACK)
	default y
	help
	  Disabling this option will disregard LSM based policy rules.

config IMA_APPRAISE
	bool "Appraise integrity measurements"
	depends on IMA
	default n
	help
	  This option enables local measurement integrity appraisal.
	  It requires the system to be labeled with a security extended
	  attribute containing the file hash measurement. To protect
	  the security extended attributes from offline attack, enable
	  and configure EVM.

	  For more information on integrity appraisal refer to:
	  <http://linux-ima.sourceforge.net>
	  If unsure, say N.
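The IMA and IMA_MEASURE_PCR_IDX help texts describe the core check a verifier performs: replay the measurement list through a PCR-extend chain and compare the result with the value the TPM reports for PCR 10. The following is an added example (not kernel code and not part of this Kconfig) showing that replay in Python for the classic single-hash "ima" template. It assumes the ascii measurement-list layout `<pcr> <template-hash> ima <filedata-hash> <filename>`, that the "ima" template hash is SHA-1 over the 20-byte file digest followed by the filename NUL-padded to 256 bytes, and that violation entries (all-zero hash in the list) are extended into the TPM as 20 bytes of 0xff; those three details are stated here as assumptions about the kernel's behaviour. All hashes in the sample list are constructed.

```python
"""Replay an IMA measurement list and check it against the TPM PCR aggregate.

Added example, not kernel code. Assumes the classic 'ima' template of the
ascii_runtime_measurements file:  <pcr> <template-hash> ima <filedata-hash> <filename>
"""
import hashlib
from dataclasses import dataclass

PCR_IDX = 10       # IMA_MEASURE_PCR_IDX default from the Kconfig above
SHA1_LEN = 20
NAME_LEN = 256     # assumed size of the NUL-padded file_name field in the 'ima' template


@dataclass
class Entry:
    pcr: int
    template_hash: str
    template: str
    filedata_hash: str
    filename: str

    @property
    def violation(self) -> bool:
        # Assumption: IMA records a violation (e.g. an open-writers conflict) with an all-zero hash.
        return set(self.template_hash) == {"0"}


def ima_template_hash(filedata_hash_hex: str, filename: str) -> str:
    """Recompute the 'ima' template hash: SHA1(filedata_hash || filename NUL-padded to 256 bytes)."""
    name = filename.encode()[:NAME_LEN - 1].ljust(NAME_LEN, b"\0")
    return hashlib.sha1(bytes.fromhex(filedata_hash_hex) + name).hexdigest()


def extend_pcr(pcr_hex: str, digest_hex: str) -> str:
    """TPM 1.2 style extend: PCR_new = SHA1(PCR_old || digest)."""
    return hashlib.sha1(bytes.fromhex(pcr_hex) + bytes.fromhex(digest_hex)).hexdigest()


def parse_measurements(text: str) -> list:
    """Parse the ascii list; the filename is the remainder of the line, so it may contain spaces."""
    entries = []
    for line in text.splitlines():
        if not line.strip():
            continue
        pcr, thash, tname, fhash, fname = line.split(" ", 4)
        entries.append(Entry(int(pcr), thash, tname, fhash, fname))
    return entries


def compute_aggregate(entries: list) -> str:
    """Replay every PCR-10 entry from a zeroed PCR, exactly as the TPM would have been extended."""
    pcr = "00" * SHA1_LEN
    for e in entries:
        if e.pcr != PCR_IDX:
            continue
        # Assumption: violations are extended with 0xff bytes, not the zeros shown in the list.
        digest = "ff" * SHA1_LEN if e.violation else e.template_hash
        pcr = extend_pcr(pcr, digest)
    return pcr


def verify_measurement_list(text: str, pcr_value_hex: str) -> bool:
    """True only if every entry is internally consistent AND the replayed chain equals the TPM value."""
    entries = parse_measurements(text)
    for e in entries:
        if e.violation:
            continue
        if e.template != "ima":
            raise ValueError(f"unsupported template {e.template!r}")
        # A filename or file hash edited in the list no longer matches its template hash.
        if ima_template_hash(e.filedata_hash, e.filename) != e.template_hash:
            return False
    return compute_aggregate(entries) == pcr_value_hex.lower()


def make_entry(filedata_hash: str, filename: str) -> str:
    """Build one consistent sample line (used only to construct the example list)."""
    return f"{PCR_IDX} {ima_template_hash(filedata_hash, filename)} ima {filedata_hash} {filename}"


# Constructed sample list; the file hashes are made up, not from a real system.
SAMPLE_MEASUREMENTS = "\n".join([
    make_entry("aa" * SHA1_LEN, "boot_aggregate"),
    make_entry("bb" * SHA1_LEN, "/init"),
    " ".join([str(PCR_IDX), "00" * SHA1_LEN, "ima", "00" * SHA1_LEN, "/tmp/open_writers_violation"]),
    make_entry("cc" * SHA1_LEN, "/bin/bash"),
]) + "\n"

if __name__ == "__main__":
    pcr10 = compute_aggregate(parse_measurements(SAMPLE_MEASUREMENTS))
    print("replayed PCR-10 aggregate:", pcr10)
    print("list verifies against it: ", verify_measurement_list(SAMPLE_MEASUREMENTS, pcr10))
```

On a real system the list comes from the `ascii_runtime_measurements` file under securityfs and the PCR value from the TPM; the verifier must check both the per-entry template hashes and the chain, because the chain alone cannot tell that a filename was edited while its template hash was left intact.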