linux-imx

choice

    prompt "First legacy 'major LSM' to be initialized"

    default DEFAULT_SECURITY_SELINUX if SECURITY_SELINUX

    default DEFAULT_SECURITY_SMACK if SECURITY_SMACK

    default DEFAULT_SECURITY_TOMOYO if SECURITY_TOMOYO

    default DEFAULT_SECURITY_APPARMOR if SECURITY_APPARMOR

    default DEFAULT_SECURITY_DAC

​

    help

      This choice is there only for converting CONFIG_DEFAULT_SECURITY

      in old kernel configs to CONFIG_LSM in new kernel configs. Don't

      change this choice unless you are creating a fresh kernel config,

      for this choice will be ignored after CONFIG_LSM has been set.

​

      Selects the legacy "major security module" that will be

      initialized first. Overridden by non-default CONFIG_LSM.

​

    config DEFAULT_SECURITY_SELINUX

        bool "SELinux" if SECURITY_SELINUX=y

​

    config DEFAULT_SECURITY_SMACK

        bool "Simplified Mandatory Access Control" if SECURITY_SMACK=y

​

    config DEFAULT_SECURITY_TOMOYO

        bool "TOMOYO" if SECURITY_TOMOYO=y

​

    config DEFAULT_SECURITY_APPARMOR

        bool "AppArmor" if SECURITY_APPARMOR=y

​

    config DEFAULT_SECURITY_DAC

        bool "Unix Discretionary Access Controls"

​

endchoice

​

    default "yama,loadpin,safesetid,integrity,smack,selinux,tomoyo,apparmor" if DEFAULT_SECURITY_SMACK

    default "yama,loadpin,safesetid,integrity,apparmor,selinux,smack,tomoyo" if DEFAULT_SECURITY_APPARMOR

    default "yama,loadpin,safesetid,integrity,tomoyo" if DEFAULT_SECURITY_TOMOYO

    default "yama,loadpin,safesetid,integrity" if DEFAULT_SECURITY_DAC