Initial import

1 files changed, 43 insertions, 0 deletions

diff --git a/security/apparmor/Kconfig b/security/apparmor/Kconfig
new file mode 100644
index 000000000..d49c53960
--- /dev/null
+++ b/security/apparmor/Kconfig
@@ -0,0 +1,43 @@
+config SECURITY_APPARMOR
+	bool "AppArmor support"
+	depends on SECURITY && NET
+	select AUDIT
+	select SECURITY_PATH
+	select SECURITYFS
+	select SECURITY_NETWORK
+	default n
+	help
+	  This enables the AppArmor security module.
+	  Required userspace tools (if they are not included in your
+	  distribution) and further information may be found at
+	  http://apparmor.wiki.kernel.org
+
+	  If you are unsure how to answer this question, answer N.
+
+config SECURITY_APPARMOR_BOOTPARAM_VALUE
+	int "AppArmor boot parameter default value"
+	depends on SECURITY_APPARMOR
+	range 0 1
+	default 1
+	help
+	  This option sets the default value for the kernel parameter
+	  'apparmor', which allows AppArmor to be enabled or disabled
+          at boot.  If this option is set to 0 (zero), the AppArmor
+	  kernel parameter will default to 0, disabling AppArmor at
+	  boot.  If this option is set to 1 (one), the AppArmor
+	  kernel parameter will default to 1, enabling AppArmor at
+	  boot.
+
+	  If you are unsure how to answer this question, answer 1.
+
+config SECURITY_APPARMOR_HASH
+	bool "SHA1 hash of loaded profiles"
+	depends on SECURITY_APPARMOR
+	depends on CRYPTO
+	select CRYPTO_SHA1
+	default y
+
+	help
+	  This option selects whether sha1 hashing is done against loaded
+          profiles and exported for inspection to user space via the apparmor
+          filesystem.