From 23fa18eaa71266feff7ba8d83022d9e1cc83c65a Mon Sep 17 00:00:00 2001 From: hc <hc@nodka.com> Date: Fri, 10 May 2024 07:42:03 +0000 Subject: [PATCH] disable pwm7 --- kernel/security/tomoyo/Kconfig | 17 ++++++++++++++--- 1 files changed, 14 insertions(+), 3 deletions(-) diff --git a/kernel/security/tomoyo/Kconfig b/kernel/security/tomoyo/Kconfig index 404dce6..b9f8671 100644 --- a/kernel/security/tomoyo/Kconfig +++ b/kernel/security/tomoyo/Kconfig @@ -1,3 +1,4 @@ +# SPDX-License-Identifier: GPL-2.0-only config SECURITY_TOMOYO bool "TOMOYO Linux Support" depends on SECURITY @@ -42,7 +43,7 @@ bool "Activate without calling userspace policy loader." default n depends on SECURITY_TOMOYO - ---help--- + help Say Y here if you want to activate access control as soon as built-in policy was loaded. This option will be useful for systems where operations which can lead to the hijacking of the boot sequence are @@ -59,7 +60,7 @@ default "/sbin/tomoyo-init" depends on SECURITY_TOMOYO depends on !SECURITY_TOMOYO_OMIT_USERSPACE_LOADER - ---help--- + help This is the default pathname of policy loader which is called before activation. You can override this setting via TOMOYO_loader= kernel command line option. @@ -69,8 +70,18 @@ default "/sbin/init" depends on SECURITY_TOMOYO depends on !SECURITY_TOMOYO_OMIT_USERSPACE_LOADER - ---help--- + help This is the default pathname of activation trigger. You can override this setting via TOMOYO_trigger= kernel command line option. For example, if you pass init=/bin/systemd option, you may want to also pass TOMOYO_trigger=/bin/systemd option. + +config SECURITY_TOMOYO_INSECURE_BUILTIN_SETTING + bool "Use insecure built-in settings for fuzzing tests." + default n + depends on SECURITY_TOMOYO + select SECURITY_TOMOYO_OMIT_USERSPACE_LOADER + help + Enabling this option forces minimal built-in policy and disables + domain/program checks for run-time policy modifications. Please enable + this option only if this kernel is built for doing fuzzing tests. -- Gitblit v1.6.2