diff options
author | Jakub Kicinski <kuba@kernel.org> | 2020-12-12 12:28:41 -0800 |
---|---|---|
committer | Jakub Kicinski <kuba@kernel.org> | 2020-12-12 12:28:42 -0800 |
commit | e2437ac2f59d96a5f3a2969ac59fa53edd4ee850 (patch) | |
tree | 7891f85695cf8bfd662de6167c02fa277c2fdb03 /security | |
parent | e5795aacd71b697c739f2d193b0e275993d93187 (diff) | |
parent | c7a5899eb26e2a4d516d53f65b6dd67be2228041 (diff) |
Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next
Steffen Klassert says:
====================
pull request (net-next): ipsec-next 2020-12-12
Just one patch this time:
1) Redact the SA keys with kernel lockdown confidentiality.
If enabled, no secret keys are sent to uuserspace.
From Antony Antony.
* 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next:
xfrm: redact SA secret with lockdown confidentiality
====================
Link: https://lore.kernel.org/r/20201212085737.2101294-1-steffen.klassert@secunet.com
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
Diffstat (limited to 'security')
-rw-r--r-- | security/security.c | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/security/security.c b/security/security.c index 6509f95d203f..fe33c0af264f 100644 --- a/security/security.c +++ b/security/security.c @@ -65,6 +65,7 @@ const char *const lockdown_reasons[LOCKDOWN_CONFIDENTIALITY_MAX+1] = { [LOCKDOWN_PERF] = "unsafe use of perf", [LOCKDOWN_TRACEFS] = "use of tracefs", [LOCKDOWN_XMON_RW] = "xmon read and write access", + [LOCKDOWN_XFRM_SECRET] = "xfrm SA secret", [LOCKDOWN_CONFIDENTIALITY_MAX] = "confidentiality", }; |