mirror of
https://github.com/AuxXxilium/linux_dsm_epyc7002.git
synced 2024-12-28 03:58:02 +07:00
a3aef94b31
If keys are not enabled, EVM is not visible in the configuration menu. It may be difficult to figure out what to do unless you really know. Other subsystems as NFS, CIFS select keys automatically. This patch does the same. This patch also removes '(TRUSTED_KEYS=y || TRUSTED_KEYS=n)' dependency, which is unnecessary. EVM does not depend on trusted keys, but on encrypted keys. evm.h provides compile time dependency. Signed-off-by: Dmitry Kasatkin <d.kasatkin@samsung.com> Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
27 lines
672 B
Plaintext
27 lines
672 B
Plaintext
config EVM
|
|
boolean "EVM support"
|
|
depends on SECURITY
|
|
select KEYS
|
|
select ENCRYPTED_KEYS
|
|
select CRYPTO_HMAC
|
|
select CRYPTO_SHA1
|
|
default n
|
|
help
|
|
EVM protects a file's security extended attributes against
|
|
integrity attacks.
|
|
|
|
If you are unsure how to answer this question, answer N.
|
|
|
|
config EVM_HMAC_VERSION
|
|
int "EVM HMAC version"
|
|
depends on EVM
|
|
default 2
|
|
help
|
|
This options adds EVM HMAC version support.
|
|
1 - original version
|
|
2 - add per filesystem unique identifier (UUID) (default)
|
|
|
|
WARNING: changing the HMAC calculation method or adding
|
|
additional info to the calculation, requires existing EVM
|
|
labeled file systems to be relabeled.
|