1 # SPDX-License-Identifier: GPL-2.0-only 2 config SECURITY_SMACK 3 bool "Simplified Mandatory Access Control Kernel Support" 4 depends on NET 5 depends on INET 6 depends on SECURITY 7 select NETLABEL 8 select SECURITY_NETWORK 9 default n 10 help 11 This selects the Simplified Mandatory Access Control Kernel. 12 Smack is useful for sensitivity, integrity, and a variety 13 of other mandatory security schemes. 14 If you are unsure how to answer this question, answer N. 15 16 config SECURITY_SMACK_BRINGUP 17 bool "Reporting on access granted by Smack rules" 18 depends on SECURITY_SMACK 19 default n 20 help 21 Enable the bring-up ("b") access mode in Smack rules. 22 When access is granted by a rule with the "b" mode a 23 message about the access requested is generated. The 24 intention is that a process can be granted a wide set 25 of access initially with the bringup mode set on the 26 rules. The developer can use the information to 27 identify which rules are necessary and what accesses 28 may be inappropriate. The developer can reduce the 29 access rule set once the behavior is well understood. 30 This is a superior mechanism to the oft abused 31 "permissive" mode of other systems. 32 If you are unsure how to answer this question, answer N. 33 34 config SECURITY_SMACK_NETFILTER 35 bool "Packet marking using secmarks for netfilter" 36 depends on SECURITY_SMACK 37 depends on NETWORK_SECMARK 38 depends on NETFILTER 39 default n 40 help 41 This enables security marking of network packets using 42 Smack labels. 43 If you are unsure how to answer this question, answer N. 44 45 config SECURITY_SMACK_APPEND_SIGNALS 46 bool "Treat delivering signals as an append operation" 47 depends on SECURITY_SMACK 48 default n 49 help 50 Sending a signal has been treated as a write operation to the 51 receiving process. If this option is selected, the delivery 52 will be an append operation instead. This makes it possible 53 to differentiate between delivering a network packet and 54 delivering a signal in the Smack rules. 55 If you are unsure how to answer this question, answer N.
Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.