# SPDX-License-Identifier: GPL-2.0-only
config SECURITY_SELINUX
- bool "NSA SELinux Support"
+ bool "SELinux Support"
depends on SECURITY_NETWORK && AUDIT && NET && INET
select NETWORK_SECMARK
default n
help
- This selects NSA Security-Enhanced Linux (SELinux).
+ This selects Security-Enhanced Linux (SELinux).
You will also need a policy configuration and a labeled filesystem.
If you are unsure how to answer this question, answer N.
config SECURITY_SELINUX_BOOTPARAM
- bool "NSA SELinux boot parameter"
+ bool "SELinux boot parameter"
depends on SECURITY_SELINUX
default n
help
If you are unsure how to answer this question, answer N.
config SECURITY_SELINUX_DEVELOP
- bool "NSA SELinux Development Support"
+ bool "SELinux Development Support"
depends on SECURITY_SELINUX
default y
help
- This enables the development support option of NSA SELinux,
+ This enables the development support option of SELinux,
which is useful for experimenting with SELinux and developing
policies. If unsure, say Y. With this option enabled, the
kernel will start in permissive mode (log everything, deny nothing)
/sys/fs/selinux/enforce.
config SECURITY_SELINUX_AVC_STATS
- bool "NSA SELinux AVC Statistics"
+ bool "SELinux AVC Statistics"
depends on SECURITY_SELINUX
default y
help
tools such as avcstat.
config SECURITY_SELINUX_SIDTAB_HASH_BITS
- int "NSA SELinux sidtab hashtable size"
+ int "SELinux sidtab hashtable size"
depends on SECURITY_SELINUX
range 8 13
default 9
will ensure that lookups times are short and stable.
config SECURITY_SELINUX_SID2STR_CACHE_SIZE
- int "NSA SELinux SID to context string translation cache size"
+ int "SELinux SID to context string translation cache size"
depends on SECURITY_SELINUX
default 256
help
projects / thirdparty / kernel / linux.git / commitdiff
