Halaman utama Jelajahi Bantuan
Masuk
phreedom2600net
/
linux-libre
Liatin 2
Bintangi 0
Fork 0
Berkas Masalah 0 Tarik Permintaan 0 Wiki
Pohon: 0d5005ec5c
Ranting Tag
linux-libre
/
security
/
loadpin
/
Kconfig

Kconfig 781 B
Riwayat Mentahan

1234567891011121314151617181920 
  1. config SECURITY_LOADPIN
    2. 

  2. 	bool "Pin load of kernel files (modules, fw, etc) to one filesystem"
    3. 

  3. 	depends on SECURITY && BLOCK
    4. 

  4. 	help
    5. 

  5. 	  Any files read through the kernel file reading interface
    6. 

  6. 	  (kernel modules, firmware, kexec images, security policy)
    7. 

  7. 	  can be pinned to the first filesystem used for loading. When
    8. 

  8. 	  enabled, any files that come from other filesystems will be
    9. 

  9. 	  rejected. This is best used on systems without an initrd that
    10. 

  10. 	  have a root filesystem backed by a read-only device such as
    11. 

  11. 	  dm-verity or a CDROM.
    12. 

  12. 

  13. config SECURITY_LOADPIN_ENABLED
    14. 

  14. 	bool "Enforce LoadPin at boot"
    15. 

  15. 	depends on SECURITY_LOADPIN
    16. 

  16. 	help
    17. 

  17. 	  If selected, LoadPin will enforce pinning at boot. If not
    18. 

  18. 	  selected, it can be enabled at boot with the kernel parameter
    19. 

  19. 	  "loadpin.enabled=1".
    20. 

  20.