1 files changed, 17 insertions, 8 deletions

diff --git a/security/selinux/Kconfig b/security/selinux/Kconfig
index 95a186ec0fcb..d30348fbe0df 100644
--- a/security/selinux/Kconfig
+++ b/security/selinux/Kconfig
@@ -1,16 +1,16 @@
 # SPDX-License-Identifier: GPL-2.0-only
 config SECURITY_SELINUX
-	bool "NSA SELinux Support"
+	bool "SELinux Support"
 	depends on SECURITY_NETWORK && AUDIT && NET && INET
 	select NETWORK_SECMARK
 	default n
 	help
-	  This selects NSA Security-Enhanced Linux (SELinux).
+	  This selects Security-Enhanced Linux (SELinux).
 	  You will also need a policy configuration and a labeled filesystem.
 	  If you are unsure how to answer this question, answer N.
 
 config SECURITY_SELINUX_BOOTPARAM
-	bool "NSA SELinux boot parameter"
+	bool "SELinux boot parameter"
 	depends on SECURITY_SELINUX
 	default n
 	help
@@ -24,11 +24,11 @@ config SECURITY_SELINUX_BOOTPARAM
 	  If you are unsure how to answer this question, answer N.
 
 config SECURITY_SELINUX_DEVELOP
-	bool "NSA SELinux Development Support"
+	bool "SELinux Development Support"
 	depends on SECURITY_SELINUX
 	default y
 	help
-	  This enables the development support option of NSA SELinux,
+	  This enables the development support option of SELinux,
 	  which is useful for experimenting with SELinux and developing
 	  policies.  If unsure, say Y.  With this option enabled, the
 	  kernel will start in permissive mode (log everything, deny nothing)
@@ -38,7 +38,7 @@ config SECURITY_SELINUX_DEVELOP
 	  /sys/fs/selinux/enforce.
 
 config SECURITY_SELINUX_AVC_STATS
-	bool "NSA SELinux AVC Statistics"
+	bool "SELinux AVC Statistics"
 	depends on SECURITY_SELINUX
 	default y
 	help
@@ -47,7 +47,7 @@ config SECURITY_SELINUX_AVC_STATS
 	  tools such as avcstat.
 
 config SECURITY_SELINUX_SIDTAB_HASH_BITS
-	int "NSA SELinux sidtab hashtable size"
+	int "SELinux sidtab hashtable size"
 	depends on SECURITY_SELINUX
 	range 8 13
 	default 9
@@ -59,7 +59,7 @@ config SECURITY_SELINUX_SIDTAB_HASH_BITS
 	  will ensure that lookups times are short and stable.
 
 config SECURITY_SELINUX_SID2STR_CACHE_SIZE
-	int "NSA SELinux SID to context string translation cache size"
+	int "SELinux SID to context string translation cache size"
 	depends on SECURITY_SELINUX
 	default 256
 	help
@@ -68,3 +68,12 @@ config SECURITY_SELINUX_SID2STR_CACHE_SIZE
 	  conversion.  Setting this option to 0 disables the cache completely.
 
 	  If unsure, keep the default value.
+
+config SECURITY_SELINUX_DEBUG
+	bool "SELinux kernel debugging support"
+	depends on SECURITY_SELINUX
+	default n
+	help
+	  This enables debugging code designed to help SELinux kernel
+	  developers, unless you know what this does in the kernel code you
+	  should leave this disabled.