Module Name: src
Committed By: sevan
Date: Fri Apr 26 18:41:25 UTC 2019
Added Files:
src/sys/dev: veriexec.config
Log Message:
Add a configuration file for enabling Veriexec in kernel config(5) files.
To generate a diff of this commit:
cvs rdiff -u -r0 -r1.1 src/sys/dev/veriexec.config
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Added files:
Index: src/sys/dev/veriexec.config
diff -u /dev/null src/sys/dev/veriexec.config:1.1
--- /dev/null Fri Apr 26 18:41:25 2019
+++ src/sys/dev/veriexec.config Fri Apr 26 18:41:24 2019
@@ -0,0 +1,18 @@
+# $NetBSD: veriexec.config,v 1.1 2019/04/26 18:41:24 sevan Exp $
+#
+# This file contains all Veriexec related configuration.
+# It is suitable for inclusion in a kernel config(5) file.
+#
+
+options FILEASSOC # fileassoc(9) - needed by Veriexec
+ # and PAX_SEGVGUARD
+
+# a pseudo device needed for veriexec
+pseudo-device veriexec
+#
+# Note that removing fingerprint methods will have almost no impact on the
+# kernel code size.
+#
+options VERIFIED_EXEC_FP_SHA256
+options VERIFIED_EXEC_FP_SHA384
+options VERIFIED_EXEC_FP_SHA512
