summaryrefslogtreecommitdiff
path: root/fs/ubifs/Kconfig
diff options
context:
space:
mode:
authorHyunchul Lee <cheol.lee@lge.com>2017-03-03 16:44:03 +0900
committerRichard Weinberger <richard@nod.at>2017-05-08 20:48:23 +0200
commit8326c1eec2449f0e868f7b19a5fa7bfa0386ab48 (patch)
tree6e960532202962d3b1cda2ce0a8e6a0737518eb5 /fs/ubifs/Kconfig
parent997d30cb7490eb1ac37a3fb02a222fabf1f25fa9 (diff)
ubifs: Add CONFIG_UBIFS_FS_SECURITY to disable/enable security labels
When write syscall is called, every time security label is searched to determine that file's privileges should be changed. If LSM(Linux Security Model) is not used, this is useless. So introduce CONFIG_UBIFS_SECURITY to disable security labels. it's default value is "y". Signed-off-by: Hyunchul Lee <cheol.lee@lge.com> Signed-off-by: Richard Weinberger <richard@nod.at>
Diffstat (limited to 'fs/ubifs/Kconfig')
-rw-r--r--fs/ubifs/Kconfig13
1 files changed, 13 insertions, 0 deletions
diff --git a/fs/ubifs/Kconfig b/fs/ubifs/Kconfig
index b0d0623c83ed..83a961bf7280 100644
--- a/fs/ubifs/Kconfig
+++ b/fs/ubifs/Kconfig
@@ -61,3 +61,16 @@ config UBIFS_FS_ENCRYPTION
feature is similar to ecryptfs, but it is more memory
efficient since it avoids caching the encrypted and
decrypted pages in the page cache.
+
+config UBIFS_FS_SECURITY
+ bool "UBIFS Security Labels"
+ depends on UBIFS_FS
+ default y
+ help
+ Security labels provide an access control facility to support Linux
+ Security Models (LSMs) accepted by AppArmor, SELinux, Smack and TOMOYO
+ Linux. This option enables an extended attribute handler for file
+ security labels in the ubifs filesystem, so that it requires enabling
+ the extended attribute support in advance.
+
+ If you are not using a security module, say N.