summaryrefslogtreecommitdiff
path: root/security/ipe/Kconfig
diff options
context:
space:
mode:
Diffstat (limited to 'security/ipe/Kconfig')
-rw-r--r--security/ipe/Kconfig17
1 files changed, 17 insertions, 0 deletions
diff --git a/security/ipe/Kconfig b/security/ipe/Kconfig
new file mode 100644
index 000000000000..e4875fb04883
--- /dev/null
+++ b/security/ipe/Kconfig
@@ -0,0 +1,17 @@
+# SPDX-License-Identifier: GPL-2.0-only
+#
+# Integrity Policy Enforcement (IPE) configuration
+#
+
+menuconfig SECURITY_IPE
+ bool "Integrity Policy Enforcement (IPE)"
+ depends on SECURITY && SECURITYFS
+ select PKCS7_MESSAGE_PARSER
+ select SYSTEM_DATA_VERIFICATION
+ help
+ This option enables the Integrity Policy Enforcement LSM
+ allowing users to define a policy to enforce a trust-based access
+ control. A key feature of IPE is a customizable policy to allow
+ admins to reconfigure trust requirements on the fly.
+
+ If unsure, answer N.
generated by cgit v1.2.3-58-ga151 (git 2.39.0) at 2024-11-28 22:27:27 +0000