--- .config.orig	2008-12-17 13:56:10.000000000 +0900
+++ .config	2008-12-17 13:57:48.000000000 +0900
@@ -56,7 +56,7 @@
 CONFIG_EXPERIMENTAL=y
 CONFIG_LOCK_KERNEL=y
 CONFIG_INIT_ENV_ARG_LIMIT=32
-CONFIG_LOCALVERSION=""
+CONFIG_LOCALVERSION="-xen+ima+vtpm"
 # CONFIG_LOCALVERSION_AUTO is not set
 CONFIG_SWAP=y
 CONFIG_SYSVIPC=y
@@ -2224,7 +2224,7 @@
 CONFIG_TCG_NSC=m
 CONFIG_TCG_ATMEL=m
 CONFIG_TCG_INFINEON=m
-# CONFIG_TCG_XEN is not set
+CONFIG_TCG_XEN=m
 CONFIG_TELCLOCK=m
 CONFIG_DEVPORT=y
 CONFIG_I2C=m
@@ -3446,7 +3446,7 @@
 # CONFIG_XEN_PCIDEV_BACKEND_SLOT is not set
 # CONFIG_XEN_PCIDEV_BACKEND_CONTROLLER is not set
 # CONFIG_XEN_PCIDEV_BE_DEBUG is not set
-# CONFIG_XEN_TPMDEV_BACKEND is not set
+CONFIG_XEN_TPMDEV_BACKEND=m
 CONFIG_XEN_SCSI_BACKEND=m
 CONFIG_XEN_BLKDEV_FRONTEND=y
 CONFIG_XEN_NETDEV_FRONTEND=y
@@ -3807,8 +3807,7 @@
 CONFIG_SECURITY=y
 CONFIG_SECURITY_NETWORK=y
 CONFIG_SECURITY_NETWORK_XFRM=y
-CONFIG_SECURITY_CAPABILITIES=y
-CONFIG_SECURITY_FILE_CAPABILITIES=y
+# CONFIG_SECURITY_CAPABILITIES is not set
 CONFIG_SECURITY_DEFAULT_MMAP_MIN_ADDR=0
 CONFIG_SECURITY_SELINUX=y
 CONFIG_SECURITY_SELINUX_BOOTPARAM=y
@@ -3819,6 +3818,14 @@
 CONFIG_SECURITY_SELINUX_CHECKREQPROT_VALUE=1
 # CONFIG_SECURITY_SELINUX_ENABLE_SECMARK_DEFAULT is not set
 # CONFIG_SECURITY_SELINUX_POLICYDB_VERSION_MAX is not set
+CONFIG_IMA_MEASURE=y
+CONFIG_IMA_TEST_MODE=y
+CONFIG_IMA_MEASURE_PCR_IDX=10
+# CONFIG_IMA_SKIP_BOOT_AGGREGATE is not set
+# CONFIG_IMA_KMEM_BYPASS_PROTECTION is not set
+# CONFIG_IMA_RAM_BYPASS_PROTECTION is not set
+# CONFIG_IMA_HD_SD_BYPASS_PROTECTION is not set
+# CONFIG_IMA_MEM_BYPASS_PROTECTION is not set
 CONFIG_XOR_BLOCKS=m
 CONFIG_ASYNC_CORE=m
 CONFIG_ASYNC_MEMCPY=m
@@ -3870,7 +3877,7 @@
 CONFIG_CRYPTO_MD4=m
 CONFIG_CRYPTO_MD5=y
 CONFIG_CRYPTO_MICHAEL_MIC=m
-CONFIG_CRYPTO_SHA1=m
+CONFIG_CRYPTO_SHA1=y
 CONFIG_CRYPTO_SHA256=m
 CONFIG_CRYPTO_SHA512=m
 CONFIG_CRYPTO_TGR192=m