summaryrefslogtreecommitdiff
path: root/fs/verity/Kconfig
diff options
context:
space:
mode:
authorEric Biggers <ebiggers@google.com>2019-07-22 09:26:23 -0700
committerEric Biggers <ebiggers@google.com>2019-08-12 19:33:50 -0700
commit432434c9f8e18cb4cf0fe05bc3eeceada0e10dc6 (patch)
treecfcf57b2bb1fbdb1e9b5739f020b0311405363c0 /fs/verity/Kconfig
parentadd890c9f9d2d1d79184ded72f23b37b164fc673 (diff)
fs-verity: support builtin file signatures
To meet some users' needs, add optional support for having fs-verity handle a portion of the authentication policy in the kernel. An ".fs-verity" keyring is created to which X.509 certificates can be added; then a sysctl 'fs.verity.require_signatures' can be set to cause the kernel to enforce that all fs-verity files contain a signature of their file measurement by a key in this keyring. See the "Built-in signature verification" section of Documentation/filesystems/fsverity.rst for the full documentation. Reviewed-by: Theodore Ts'o <tytso@mit.edu> Signed-off-by: Eric Biggers <ebiggers@google.com>
Diffstat (limited to 'fs/verity/Kconfig')
-rw-r--r--fs/verity/Kconfig17
1 files changed, 17 insertions, 0 deletions
diff --git a/fs/verity/Kconfig b/fs/verity/Kconfig
index c2bca0b01ecf..88fb25119899 100644
--- a/fs/verity/Kconfig
+++ b/fs/verity/Kconfig
@@ -36,3 +36,20 @@ config FS_VERITY_DEBUG
Enable debugging messages related to fs-verity by default.
Say N unless you are an fs-verity developer.
+
+config FS_VERITY_BUILTIN_SIGNATURES
+ bool "FS Verity builtin signature support"
+ depends on FS_VERITY
+ select SYSTEM_DATA_VERIFICATION
+ help
+ Support verifying signatures of verity files against the X.509
+ certificates that have been loaded into the ".fs-verity"
+ kernel keyring.
+
+ This is meant as a relatively simple mechanism that can be
+ used to provide an authenticity guarantee for verity files, as
+ an alternative to IMA appraisal. Userspace programs still
+ need to check that the verity bit is set in order to get an
+ authenticity guarantee.
+
+ If unsure, say N.