mirror of
https://mirrors.bfsu.edu.cn/git/linux.git
synced 2024-11-25 13:14:07 +08:00
ec8f24b7fa
Add SPDX license identifiers to all Make/Kconfig files which: - Have no license information of any form These files fall under the project license, GPL v2 only. The resulting SPDX license identifier is: GPL-2.0-only Signed-off-by: Thomas Gleixner <tglx@linutronix.de> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
21 lines
821 B
Plaintext
21 lines
821 B
Plaintext
# SPDX-License-Identifier: GPL-2.0-only
|
|
config SECURITY_LOADPIN
|
|
bool "Pin load of kernel files (modules, fw, etc) to one filesystem"
|
|
depends on SECURITY && BLOCK
|
|
help
|
|
Any files read through the kernel file reading interface
|
|
(kernel modules, firmware, kexec images, security policy)
|
|
can be pinned to the first filesystem used for loading. When
|
|
enabled, any files that come from other filesystems will be
|
|
rejected. This is best used on systems without an initrd that
|
|
have a root filesystem backed by a read-only device such as
|
|
dm-verity or a CDROM.
|
|
|
|
config SECURITY_LOADPIN_ENFORCE
|
|
bool "Enforce LoadPin at boot"
|
|
depends on SECURITY_LOADPIN
|
|
help
|
|
If selected, LoadPin will enforce pinning at boot. If not
|
|
selected, it can be enabled at boot with the kernel parameter
|
|
"loadpin.enforce=1".
|