Kconfig - cachepc-linux - Fork of AMDESE/linux with modifications for CachePC side-channel attack

	cachepc-linux Fork of AMDESE/linux with modifications for CachePC side-channel attack
	git clone https://git.sinitax.com/sinitax/cachepc-linux
	Log \| Files \| Refs \| README \| LICENSE \| sfeed.txt

Kconfig (2040B)

      1# SPDX-License-Identifier: GPL-2.0-only
      2config SECURITY_SMACK
      3	bool "Simplified Mandatory Access Control Kernel Support"
      4	depends on NET
      5	depends on INET
      6	depends on SECURITY
      7	select NETLABEL
      8	select SECURITY_NETWORK
      9	default n
     10	help
     11	  This selects the Simplified Mandatory Access Control Kernel.
     12	  Smack is useful for sensitivity, integrity, and a variety
     13	  of other mandatory security schemes.
     14	  If you are unsure how to answer this question, answer N.
     15
     16config SECURITY_SMACK_BRINGUP
     17	bool "Reporting on access granted by Smack rules"
     18	depends on SECURITY_SMACK
     19	default n
     20	help
     21	  Enable the bring-up ("b") access mode in Smack rules.
     22	  When access is granted by a rule with the "b" mode a
     23	  message about the access requested is generated. The
     24	  intention is that a process can be granted a wide set
     25	  of access initially with the bringup mode set on the
     26	  rules. The developer can use the information to
     27	  identify which rules are necessary and what accesses
     28	  may be inappropriate. The developer can reduce the
     29	  access rule set once the behavior is well understood.
     30	  This is a superior mechanism to the oft abused
     31	  "permissive" mode of other systems.
     32	  If you are unsure how to answer this question, answer N.
     33
     34config SECURITY_SMACK_NETFILTER
     35	bool "Packet marking using secmarks for netfilter"
     36	depends on SECURITY_SMACK
     37	depends on NETWORK_SECMARK
     38	depends on NETFILTER
     39	default n
     40	help
     41	  This enables security marking of network packets using
     42	  Smack labels.
     43	  If you are unsure how to answer this question, answer N.
     44
     45config SECURITY_SMACK_APPEND_SIGNALS
     46	bool "Treat delivering signals as an append operation"
     47	depends on SECURITY_SMACK
     48	default n
     49	help
     50	  Sending a signal has been treated as a write operation to the
     51	  receiving process. If this option is selected, the delivery
     52	  will be an append operation instead. This makes it possible
     53	  to differentiate between delivering a network packet and
     54	  delivering a signal in the Smack rules.
     55	  If you are unsure how to answer this question, answer N.