OSCL-LXR linux-6.0.1/​security/​smack/​Kconfig	Source navigation Diff markup Identifier search General search
	Version: linux-6.0.1 spark-3.0.0 hadoop-3.2.0-src hadoop-3.3.0-src spark-2.4.7 linux-4.15.13 hadoop-2.7.4-src Revert   Change

 # SPDX-License-Identifier: GPL-2.0-only
 config SECURITY_SMACK
         bool "Simplified Mandatory Access Control Kernel Support"
         depends on NET
         depends on INET
         depends on SECURITY
         select NETLABEL
         select SECURITY_NETWORK
         default n
         help
           This selects the Simplified Mandatory Access Control Kernel.
           Smack is useful for sensitivity, integrity, and a variety
           of other mandatory security schemes.
           If you are unsure how to answer this question, answer N.
 
 config SECURITY_SMACK_BRINGUP
         bool "Reporting on access granted by Smack rules"
         depends on SECURITY_SMACK
         default n
         help
           Enable the bring-up ("b") access mode in Smack rules.
           When access is granted by a rule with the "b" mode a
           message about the access requested is generated. The
           intention is that a process can be granted a wide set
           of access initially with the bringup mode set on the
           rules. The developer can use the information to
           identify which rules are necessary and what accesses
           may be inappropriate. The developer can reduce the
           access rule set once the behavior is well understood.
           This is a superior mechanism to the oft abused
           "permissive" mode of other systems.
           If you are unsure how to answer this question, answer N.
 
 config SECURITY_SMACK_NETFILTER
         bool "Packet marking using secmarks for netfilter"
         depends on SECURITY_SMACK
         depends on NETWORK_SECMARK
         depends on NETFILTER
         default n
         help
           This enables security marking of network packets using
           Smack labels.
           If you are unsure how to answer this question, answer N.
 
 config SECURITY_SMACK_APPEND_SIGNALS
         bool "Treat delivering signals as an append operation"
         depends on SECURITY_SMACK
         default n
         help
           Sending a signal has been treated as a write operation to the
           receiving process. If this option is selected, the delivery
           will be an append operation instead. This makes it possible
           to differentiate between delivering a network packet and
           delivering a signal in the Smack rules.
           If you are unsure how to answer this question, answer N.

This page was automatically generated by the 2.1.0 LXR engine. The LXR team