Home
last modified time | relevance | path

Searched refs:option (Results 1 – 16 of 16) sorted by relevance

/security/selinux/
DKconfig17 This option adds a kernel parameter 'selinux', which allows SELinux
18 to be disabled at boot. If this option is selected, SELinux
20 command line. The purpose of this option is to allow a single
32 This option enables writing to a selinuxfs node 'disable', which
35 This option is similar to the selinux=0 boot parameter, but is to
40 NOTE: selecting this option will disable the '__ro_after_init'
43 option.
52 This enables the development support option of NSA SELinux,
54 policies. If unsure, say Y. With this option enabled, the
65 This option collects access vector cache statistics to
[all …]
Dhooks.c1040 static int selinux_add_mnt_opt(const char *option, const char *val, int len, in selinux_add_mnt_opt() argument
1047 if (strcmp(option, tokens[i].name) == 0) { in selinux_add_mnt_opt()
/security/tomoyo/
DKconfig48 policy was loaded. This option will be useful for systems where
66 command line option.
76 option. For example, if you pass init=/bin/systemd option, you may
77 want to also pass TOMOYO_trigger=/bin/systemd option.
85 Enabling this option forces minimal built-in policy and disables
87 this option only if this kernel is built for doing fuzzing tests.
/security/integrity/ima/
DKconfig60 Disabling this option will disregard LSM based policy rules.
98 line 'ima_hash=' option.
144 This option allows the root user to see the current policy rules.
151 This option enables local measurement integrity appraisal.
167 This option enables loading an IMA architecture specific policy
175 This option defines an IMA appraisal policy at build time, which
190 This option defines a policy requiring all firmware to be signed,
191 including the regulatory.db. If both this option and
233 This option enables the different "ima_appraise=" modes
256 This option requires that all keys added to the .ima
[all …]
/security/integrity/
DKconfig8 This option enables the integrity subsystem, which is comprised
25 This option enables digital signature verification support
42 This option enables digital signature verification using
51 This option requires that all keys added to the .ima and
81 option adds a kernel parameter 'integrity_audit', which
/security/keys/
DKconfig10 This option provides support for retaining authentication tokens and
32 This option causes the result of the last successful request_key()
50 This option provides a register of persistent per-UID keyrings,
71 This option provides support for holding large keys within the kernel
85 This option provides support for creating, sealing, and unsealing
103 This option provides support for create/encrypting/decrypting keys
118 This option provides support for calculating Diffie-Hellman
Dcompat.c55 COMPAT_SYSCALL_DEFINE5(keyctl, u32, option, in COMPAT_SYSCALL_DEFINE5() argument
58 switch (option) { in COMPAT_SYSCALL_DEFINE5()
150 return keyctl_pkey_e_d_s(option, in COMPAT_SYSCALL_DEFINE5()
Dkeyctl.c1714 SYSCALL_DEFINE5(keyctl, int, option, unsigned long, arg2, unsigned long, arg3, in SYSCALL_DEFINE5() argument
1717 switch (option) { in SYSCALL_DEFINE5()
1838 option, in SYSCALL_DEFINE5()
/security/integrity/evm/
DKconfig39 in the HMAC calculation, enabling this option includes newly defined
54 When this option is enabled, root can add additional xattrs to the
65 This option enables X509 certificate loading from the kernel
74 This option defines X509 certificate path.
/security/
DKconfig17 If this option is not selected, no restrictions will be enforced
30 If this option is not selected, the default Linux security
103 This option enables support for booting the kernel with the
158 This option checks for obviously wrong memory regions when
171 This is a temporary option that allows missing usercopy whitelists
175 whitelist size. This option will be removed once it seems like
205 option. However, some of these are dynamically created at
217 disabled, choose this option and then set
DKconfig.hardening23 def_bool $(cc-option,-ftrivial-auto-var-init=pattern)
31 This option enables initialization of stack variables at
108 This option will cause a warning to be printed each time the
118 This option makes the kernel erase the kernel stack before
166 This option provides 'stack_erasing' sysctl, which can be used in
Dcommoncap.c1169 int cap_task_prctl(int option, unsigned long arg2, unsigned long arg3, in cap_task_prctl() argument
1175 switch (option) { in cap_task_prctl()
Dsecurity.c894 int security_add_mnt_opt(const char *option, const char *val, int len, in security_add_mnt_opt() argument
898 option, val, len, mnt_opts); in security_add_mnt_opt()
1708 int security_task_prctl(int option, unsigned long arg2, unsigned long arg3, in security_task_prctl() argument
1716 thisrc = hp->hook.task_prctl(option, arg2, arg3, arg4, arg5); in security_task_prctl()
/security/apparmor/
DKconfig25 This option selects whether introspection of loaded policy
33 This option selects whether sha1 hashing of loaded policy
/security/yama/
Dyama_lsm.c221 static int yama_task_prctl(int option, unsigned long arg2, unsigned long arg3, in yama_task_prctl() argument
227 switch (option) { in yama_task_prctl()
/security/smack/
DKconfig51 receiving process. If this option is selected, the delivery