Module Name: src Committed By: martin Date: Wed May 1 09:47:05 UTC 2019
Added Files: src/sys/dev [netbsd-7]: veriexec.config Log Message: Pull up following revision(s), via patch as options differ on the branch (requested by sevan in ticket #1691): sys/dev/veriexec.config: revision 1.1 Add a configuration file for enabling Veriexec in kernel config(5) files. To generate a diff of this commit: cvs rdiff -u -r0 -r1.1.4.2 src/sys/dev/veriexec.config Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Added files: Index: src/sys/dev/veriexec.config diff -u /dev/null src/sys/dev/veriexec.config:1.1.4.2 --- /dev/null Wed May 1 09:47:05 2019 +++ src/sys/dev/veriexec.config Wed May 1 09:47:05 2019 @@ -0,0 +1,21 @@ +# $NetBSD: veriexec.config,v 1.1.4.2 2019/05/01 09:47:05 martin Exp $ +# +# This file contains all Veriexec related configuration. +# It is suitable for inclusion in a kernel config(5) file. +# + +options FILEASSOC # fileassoc(9) - needed by Veriexec + # and PAX_SEGVGUARD + +# a pseudo device needed for veriexec +pseudo-device veriexec +# +# Note that removing fingerprint methods will have almost no impact on the +# kernel code size. +# +options VERIFIED_EXEC_FP_MD5 +options VERIFIED_EXEC_FP_RMD160 +options VERIFIED_EXEC_FP_SHA1 +options VERIFIED_EXEC_FP_SHA256 +options VERIFIED_EXEC_FP_SHA384 +options VERIFIED_EXEC_FP_SHA512