X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=security%2FKconfig;fp=security%2FKconfig;h=34f593410d57cb12070a154bc0fa0b272467dfeb;hb=43bc926fffd92024b46cafaf7350d669ba9ca884;hp=dcf04a09185de5fbd3507e221de81abbe9be90f1;hpb=cee37fe97739d85991964371c1f3a745c00dd236;p=linux-2.6.git

diff --git a/security/Kconfig b/security/Kconfig
index dcf04a091..34f593410 100644
--- a/security/Kconfig
+++ b/security/Kconfig
@@ -35,6 +35,7 @@ config KEYS_DEBUG_PROC_KEYS
 
 config SECURITY
 	bool "Enable different security models"
+	depends on SYSFS
 	help
 	  This allows you to choose different security modules to be
 	  configured into your kernel.
@@ -53,6 +54,19 @@ config SECURITY_NETWORK
 	  implement socket and networking access controls.
 	  If you are unsure how to answer this question, answer N.
 
+config SECURITY_NETWORK_XFRM
+	bool "XFRM (IPSec) Networking Security Hooks"
+	depends on XFRM && SECURITY_NETWORK
+	help
+	  This enables the XFRM (IPSec) networking security hooks.
+	  If enabled, a security module can use these hooks to
+	  implement per-packet access controls based on labels
+	  derived from IPSec policy.  Non-IPSec communications are
+	  designated as unlabelled, and only sockets authorized
+	  to communicate unlabelled data can send without using
+	  IPSec.
+	  If you are unsure how to answer this question, answer N.
+
 config SECURITY_CAPABILITIES
 	tristate "Default Linux Capabilities"
 	depends on SECURITY