Module Name: src
Committed By: martin
Date: Wed May 1 09:47:05 UTC 2019
Added Files:
src/sys/dev [netbsd-7]: veriexec.config
Log Message:
Pull up following revision(s), via patch as options
differ on the branch (requested by sevan in ticket #1691):
sys/dev/veriexec.config: revision 1.1
Add a configuration file for enabling Veriexec in kernel config(5) files.
To generate a diff of this commit:
cvs rdiff -u -r0 -r1.1.4.2 src/sys/dev/veriexec.config
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Added files:
Index: src/sys/dev/veriexec.config
diff -u /dev/null src/sys/dev/veriexec.config:1.1.4.2
--- /dev/null Wed May 1 09:47:05 2019
+++ src/sys/dev/veriexec.config Wed May 1 09:47:05 2019
@@ -0,0 +1,21 @@
+# $NetBSD: veriexec.config,v 1.1.4.2 2019/05/01 09:47:05 martin Exp $
+#
+# This file contains all Veriexec related configuration.
+# It is suitable for inclusion in a kernel config(5) file.
+#
+
+options FILEASSOC # fileassoc(9) - needed by Veriexec
+ # and PAX_SEGVGUARD
+
+# a pseudo device needed for veriexec
+pseudo-device veriexec
+#
+# Note that removing fingerprint methods will have almost no impact on the
+# kernel code size.
+#
+options VERIFIED_EXEC_FP_MD5
+options VERIFIED_EXEC_FP_RMD160
+options VERIFIED_EXEC_FP_SHA1
+options VERIFIED_EXEC_FP_SHA256
+options VERIFIED_EXEC_FP_SHA384
+options VERIFIED_EXEC_FP_SHA512
