Lines Matching +full:kernel +full:- +full:policy

1 # SPDX-License-Identifier: GPL-2.0-only
11 	  This selects TOMOYO Linux, pathname-based access control.
23 	  that are automatically appended into policy at "learning mode".
36 	  audit logs that the kernel can hold on memory.
37 	  You can read the log via /sys/kernel/security/tomoyo/audit.
41 	bool "Activate without calling userspace policy loader."
45 	  Say Y here if you want to activate access control as soon as built-in
46 	  policy was loaded. This option will be useful for systems where
48 	  needed before loading the policy. For example, you can activate
49 	  immediately after loading the fixed part of policy which will allow
51 	  variant part of policy and verifying (e.g. running GPG check) and
52 	  loading the variant part of policy. Since you can start using
57 	string "Location of userspace policy loader"
58 	default "/sbin/tomoyo-init"
62 	  This is the default pathname of policy loader which is called before
63 	  activation. You can override this setting via TOMOYO_loader= kernel
67 	string "Trigger for calling userspace policy loader"
73 	  You can override this setting via TOMOYO_trigger= kernel command line
78 	bool "Use insecure built-in settings for fuzzing tests."
83 	  Enabling this option forces minimal built-in policy and disables
84 	  domain/program checks for run-time policy modifications. Please enable
85 	  this option only if this kernel is built for doing fuzzing tests.