[TOMOYO #16 25/25] TOMOYO: Update Kconfig and Makefile.

From: Tetsuo Handa
Date: Sun Oct 04 2009 - 09:02:17 EST


This patch switches from TOMOYO 2.2.0 to TOMOYO 2.3.0 .

Signed-off-by: Tetsuo Handa <penguin-kernel@xxxxxxxxxxxxxxxxxxx>
---
security/tomoyo/Kconfig | 67 +++++++++++++++++++++++++++++++++++++++++++++++
security/tomoyo/Makefile | 2 -
2 files changed, 68 insertions(+), 1 deletion(-)

--- security-testing-2.6.orig/security/tomoyo/Kconfig
+++ security-testing-2.6/security/tomoyo/Kconfig
@@ -3,9 +3,76 @@ config SECURITY_TOMOYO
depends on SECURITY
select SECURITYFS
select SECURITY_PATH
+ select SECURITY_NETWORK
default n
help
This selects TOMOYO Linux, pathname-based access control.
Required userspace tools and further information may be
found at <http://tomoyo.sourceforge.jp/>.
If you are unsure how to answer this question, answer N.
+
+config SECURITY_TOMOYO_MAX_ACCEPT_ENTRY
+ int "Default maximal count for learning mode"
+ default 2048
+ range 0 2147483647
+ depends on SECURITY_TOMOYO
+ help
+ This is the default value for maximal ACL entries
+ that are automatically appended into policy at "learning mode".
+ Some programs access thousands of objects, so running
+ such programs in "learning mode" dulls the system response
+ and consumes much memory.
+ This is the safeguard for such programs.
+
+config SECURITY_TOMOYO_BUILTIN_INITIALIZERS
+ string "Built-in domain initializer programs"
+ default "/sbin/modprobe /sbin/hotplug"
+ depends on SECURITY_TOMOYO
+ ---help---
+ Some programs are executed from initrd/initramfs before /sbin/init
+ starts.
+
+ Since policy is loaded when /sbin/init starts, it is impossible to
+ run such programs outside the <kernel> domain. Usually it is fine.
+
+ But if such programs continue running when /sbin/init starts, such
+ programs will reside in the <kernel> domain.
+ If such programs executes /bin/sh , you will give the <kernel> domain
+ permission to execute /bin/sh ; I think you don't want to do so.
+
+ This option allows you to chase such programs away from the <kernel>
+ domain so that you won't give the <kernel> domain permission to
+ execute /bin/sh .
+
+config SECURITY_TOMOYO_AUDIT
+ bool "Auditing interface support"
+ default y
+ depends on SECURITY_TOMOYO
+ help
+ This option enables /sys/kernel/security/tomoyo/grant_log and /sys/kernel/security/tomoyo/reject_log
+ interfaces. You may disable these interfaces if you want to apply for
+ HDD-less systems (e.g. embedded systems).
+
+config SECURITY_TOMOYO_MAX_GRANT_LOG
+ int "Default maximal count for grant log"
+ default 1024
+ range 0 2147483647
+ depends on SECURITY_TOMOYO_AUDIT
+ help
+ This is the default value for maximal entries for
+ access grant logs that the kernel can hold on memory.
+ You can read the log via /sys/kernel/security/tomoyo/grant_log.
+ If you don't need access grant logs,
+ you may set this value to 0.
+
+config SECURITY_TOMOYO_MAX_REJECT_LOG
+ int "Default maximal count for reject log"
+ default 1024
+ range 0 2147483647
+ depends on SECURITY_TOMOYO_AUDIT
+ help
+ This is the default value for maximal entries for
+ access reject logs that the kernel can hold on memory.
+ You can read the log via /sys/kernel/security/tomoyo/reject_log.
+ If you don't need access reject logs,
+ you may set this value to 0.
--- security-testing-2.6.orig/security/tomoyo/Makefile
+++ security-testing-2.6/security/tomoyo/Makefile
@@ -1 +1 @@
-obj-y = common.o realpath.o tomoyo.o domain.o file.o
+obj-y = address_group.o gc.o mount.o new-file.o path_group.o audit.o environ.o load_policy.o network.o new-realpath.o securityfs_if.o util.o capability.o condition.o memory.o new-domain.o number_group.o policy_io.o lsm.o

--
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/