summaryrefslogtreecommitdiff
path: root/security
diff options
context:
space:
mode:
authorJakub Kicinski <kuba@kernel.org>2020-12-12 12:28:41 -0800
committerJakub Kicinski <kuba@kernel.org>2020-12-12 12:28:42 -0800
commite2437ac2f59d96a5f3a2969ac59fa53edd4ee850 (patch)
tree7891f85695cf8bfd662de6167c02fa277c2fdb03 /security
parente5795aacd71b697c739f2d193b0e275993d93187 (diff)
parentc7a5899eb26e2a4d516d53f65b6dd67be2228041 (diff)
Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next
Steffen Klassert says: ==================== pull request (net-next): ipsec-next 2020-12-12 Just one patch this time: 1) Redact the SA keys with kernel lockdown confidentiality. If enabled, no secret keys are sent to uuserspace. From Antony Antony. * 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next: xfrm: redact SA secret with lockdown confidentiality ==================== Link: https://lore.kernel.org/r/20201212085737.2101294-1-steffen.klassert@secunet.com Signed-off-by: Jakub Kicinski <kuba@kernel.org>
Diffstat (limited to 'security')
-rw-r--r--security/security.c1
1 files changed, 1 insertions, 0 deletions
diff --git a/security/security.c b/security/security.c
index 6509f95d203f..fe33c0af264f 100644
--- a/security/security.c
+++ b/security/security.c
@@ -65,6 +65,7 @@ const char *const lockdown_reasons[LOCKDOWN_CONFIDENTIALITY_MAX+1] = {
[LOCKDOWN_PERF] = "unsafe use of perf",
[LOCKDOWN_TRACEFS] = "use of tracefs",
[LOCKDOWN_XMON_RW] = "xmon read and write access",
+ [LOCKDOWN_XFRM_SECRET] = "xfrm SA secret",
[LOCKDOWN_CONFIDENTIALITY_MAX] = "confidentiality",
};