--- zzzz-none-000/linux-3.10.107/security/integrity/Kconfig	2017-06-27 09:49:32.000000000 +0000
+++ scorpion-7490-727/linux-3.10.107/security/integrity/Kconfig	2021-02-04 17:41:59.000000000 +0000
@@ -1,11 +1,23 @@
 #
 config INTEGRITY
-	def_bool y
-	depends on IMA || EVM
+	bool "Integrity subsystem"
+	depends on SECURITY
+	default y
+	help
+	  This option enables the integrity subsystem, which is comprised
+	  of a number of different components including the Integrity
+	  Measurement Architecture (IMA), Extended Verification Module
+	  (EVM), IMA-appraisal extension, digital signature verification
+	  extension and audit measurement log support.
+
+	  Each of these components can be enabled/disabled separately.
+	  Refer to the individual components for additional details.
+
+if INTEGRITY
 
 config INTEGRITY_SIGNATURE
-	boolean "Digital signature verification using multiple keyrings"
-	depends on INTEGRITY && KEYS
+	bool "Digital signature verification using multiple keyrings"
+	depends on KEYS
 	default n
 	select SIGNATURE
 	help
@@ -18,7 +30,7 @@
 	  usually only added from initramfs.
 
 config INTEGRITY_ASYMMETRIC_KEYS
-	boolean "Enable asymmetric keys support"
+	bool "Enable asymmetric keys support"
 	depends on INTEGRITY_SIGNATURE
 	default n
         select ASYMMETRIC_KEY_TYPE
@@ -29,5 +41,22 @@
 	  This option enables digital signature verification using
 	  asymmetric keys.
 
+config INTEGRITY_AUDIT
+	bool "Enables integrity auditing support "
+	depends on AUDIT
+	default y
+	help
+	  In addition to enabling integrity auditing support, this
+	  option adds a kernel parameter 'integrity_audit', which
+	  controls the level of integrity auditing messages.
+	  0 - basic integrity auditing messages (default)
+	  1 - additional integrity auditing messages
+
+	  Additional informational integrity auditing messages would
+	  be enabled by specifying 'integrity_audit=1' on the kernel
+	  command line.
+
 source security/integrity/ima/Kconfig
 source security/integrity/evm/Kconfig
+
+endif   # if INTEGRITY