diff options
Diffstat (limited to 'security/Kconfig')
| -rw-r--r-- | security/Kconfig | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/security/Kconfig b/security/Kconfig index 64d3f1e9ca85..34f593410d57 100644 --- a/security/Kconfig +++ b/security/Kconfig | |||
| @@ -54,6 +54,19 @@ config SECURITY_NETWORK | |||
| 54 | implement socket and networking access controls. | 54 | implement socket and networking access controls. |
| 55 | If you are unsure how to answer this question, answer N. | 55 | If you are unsure how to answer this question, answer N. |
| 56 | 56 | ||
| 57 | config SECURITY_NETWORK_XFRM | ||
| 58 | bool "XFRM (IPSec) Networking Security Hooks" | ||
| 59 | depends on XFRM && SECURITY_NETWORK | ||
| 60 | help | ||
| 61 | This enables the XFRM (IPSec) networking security hooks. | ||
| 62 | If enabled, a security module can use these hooks to | ||
| 63 | implement per-packet access controls based on labels | ||
| 64 | derived from IPSec policy. Non-IPSec communications are | ||
| 65 | designated as unlabelled, and only sockets authorized | ||
| 66 | to communicate unlabelled data can send without using | ||
| 67 | IPSec. | ||
| 68 | If you are unsure how to answer this question, answer N. | ||
| 69 | |||
| 57 | config SECURITY_CAPABILITIES | 70 | config SECURITY_CAPABILITIES |
| 58 | tristate "Default Linux Capabilities" | 71 | tristate "Default Linux Capabilities" |
| 59 | depends on SECURITY | 72 | depends on SECURITY |