Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6

author: Linus Torvalds <torvalds@g5.osdl.org> 2006-01-04 16:27:41 -0800
committer: Linus Torvalds <torvalds@g5.osdl.org> 2006-01-04 16:27:41 -0800
commit: d347da0deffa1d8f88f0d270eab040e4707c9916 (patch)
tree: e0911f2ef4d36a7b44f7a5379feabebbd37dcfc4 /security/Kconfig
parent: c6c88bbde4d8b2ffe9886b7130b2e23781d424e5 (diff)
parent: 74cb8798222bb7d1aecb0acb91e6eeedf5feb948 (diff)
1 files changed, 13 insertions, 0 deletions
diff --git a/security/Kconfig b/security/Kconfig
index 64d3f1e9ca8..34f593410d5 100644
--- a/security/Kconfig
+++ b/security/Kconfig
@@ -54,6 +54,19 @@ config SECURITY_NETWORK
 	  implement socket and networking access controls.
 	  If you are unsure how to answer this question, answer N.
 
+config SECURITY_NETWORK_XFRM
+	bool "XFRM (IPSec) Networking Security Hooks"
+	depends on XFRM && SECURITY_NETWORK
+	help
+	  This enables the XFRM (IPSec) networking security hooks.
+	  If enabled, a security module can use these hooks to
+	  implement per-packet access controls based on labels
+	  derived from IPSec policy.  Non-IPSec communications are
+	  designated as unlabelled, and only sockets authorized
+	  to communicate unlabelled data can send without using
+	  IPSec.
+	  If you are unsure how to answer this question, answer N.
+
 config SECURITY_CAPABILITIES
 	tristate "Default Linux Capabilities"
 	depends on SECURITY
author	Linus Torvalds <torvalds@g5.osdl.org>	2006-01-04 16:27:41 -0800
committer	Linus Torvalds <torvalds@g5.osdl.org>	2006-01-04 16:27:41 -0800
commit	d347da0deffa1d8f88f0d270eab040e4707c9916 (patch)
tree	e0911f2ef4d36a7b44f7a5379feabebbd37dcfc4 /security/Kconfig
parent	c6c88bbde4d8b2ffe9886b7130b2e23781d424e5 (diff)
parent	74cb8798222bb7d1aecb0acb91e6eeedf5feb948 (diff)