~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~

TOMOYO Linux Cross Reference
Linux/security/smack/Kconfig

Version: ~ [ linux-6.11.5 ] ~ [ linux-6.10.14 ] ~ [ linux-6.9.12 ] ~ [ linux-6.8.12 ] ~ [ linux-6.7.12 ] ~ [ linux-6.6.58 ] ~ [ linux-6.5.13 ] ~ [ linux-6.4.16 ] ~ [ linux-6.3.13 ] ~ [ linux-6.2.16 ] ~ [ linux-6.1.114 ] ~ [ linux-6.0.19 ] ~ [ linux-5.19.17 ] ~ [ linux-5.18.19 ] ~ [ linux-5.17.15 ] ~ [ linux-5.16.20 ] ~ [ linux-5.15.169 ] ~ [ linux-5.14.21 ] ~ [ linux-5.13.19 ] ~ [ linux-5.12.19 ] ~ [ linux-5.11.22 ] ~ [ linux-5.10.228 ] ~ [ linux-5.9.16 ] ~ [ linux-5.8.18 ] ~ [ linux-5.7.19 ] ~ [ linux-5.6.19 ] ~ [ linux-5.5.19 ] ~ [ linux-5.4.284 ] ~ [ linux-5.3.18 ] ~ [ linux-5.2.21 ] ~ [ linux-5.1.21 ] ~ [ linux-5.0.21 ] ~ [ linux-4.20.17 ] ~ [ linux-4.19.322 ] ~ [ linux-4.18.20 ] ~ [ linux-4.17.19 ] ~ [ linux-4.16.18 ] ~ [ linux-4.15.18 ] ~ [ linux-4.14.336 ] ~ [ linux-4.13.16 ] ~ [ linux-4.12.14 ] ~ [ linux-4.11.12 ] ~ [ linux-4.10.17 ] ~ [ linux-4.9.337 ] ~ [ linux-4.4.302 ] ~ [ linux-3.10.108 ] ~ [ linux-2.6.32.71 ] ~ [ linux-2.6.0 ] ~ [ linux-2.4.37.11 ] ~ [ unix-v6-master ] ~ [ ccs-tools-1.8.9 ] ~ [ policy-sample ] ~
Architecture: ~ [ i386 ] ~ [ alpha ] ~ [ m68k ] ~ [ mips ] ~ [ ppc ] ~ [ sparc ] ~ [ sparc64 ] ~

  1 # SPDX-License-Identifier: GPL-2.0-only
  2 config SECURITY_SMACK
  3         bool "Simplified Mandatory Access Control Kernel Support"
  4         depends on NET
  5         depends on INET
  6         depends on SECURITY
  7         select NETLABEL
  8         select SECURITY_NETWORK
  9         default n
 10         help
 11           This selects the Simplified Mandatory Access Control Kernel.
 12           Smack is useful for sensitivity, integrity, and a variety
 13           of other mandatory security schemes.
 14           If you are unsure how to answer this question, answer N.
 15 
 16 config SECURITY_SMACK_BRINGUP
 17         bool "Reporting on access granted by Smack rules"
 18         depends on SECURITY_SMACK
 19         default n
 20         help
 21           Enable the bring-up ("b") access mode in Smack rules.
 22           When access is granted by a rule with the "b" mode a
 23           message about the access requested is generated. The
 24           intention is that a process can be granted a wide set
 25           of access initially with the bringup mode set on the
 26           rules. The developer can use the information to
 27           identify which rules are necessary and what accesses
 28           may be inappropriate. The developer can reduce the
 29           access rule set once the behavior is well understood.
 30           This is a superior mechanism to the oft abused
 31           "permissive" mode of other systems.
 32           If you are unsure how to answer this question, answer N.
 33 
 34 config SECURITY_SMACK_NETFILTER
 35         bool "Packet marking using secmarks for netfilter"
 36         depends on SECURITY_SMACK
 37         depends on NETWORK_SECMARK
 38         depends on NETFILTER
 39         default n
 40         help
 41           This enables security marking of network packets using
 42           Smack labels.
 43           If you are unsure how to answer this question, answer N.
 44 
 45 config SECURITY_SMACK_APPEND_SIGNALS
 46         bool "Treat delivering signals as an append operation"
 47         depends on SECURITY_SMACK
 48         default n
 49         help
 50           Sending a signal has been treated as a write operation to the
 51           receiving process. If this option is selected, the delivery
 52           will be an append operation instead. This makes it possible
 53           to differentiate between delivering a network packet and
 54           delivering a signal in the Smack rules.
 55           If you are unsure how to answer this question, answer N.

~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~

kernel.org | git.kernel.org | LWN.net | Project Home | SVN repository | Mail admin

Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.

sflogo.php