# SPDX-License-Identifier: GPL-2.0-only
#
# TKernel configuration
#
menuconfig TKERNEL
	bool "Tencent Kernel Features"
	default y

if TKERNEL

config TKERNEL_NONPRIV_NETBIND
	bool "Allow non-privileged user to bind specific low ports"
	default n

config TKERNEL_TTOOLS
	tristate "Tencent Kernel TTools"
	default n

config TKERNEL_NETATOP
	tristate 'Netatop support'
	default n
	depends on NETFILTER
	help
		Netatop module from TKernel

config TKERNEL_SHIELD_MOUNTS
	bool 'Shield mount'
	default n

config TKERNEL_SECURITY_MONITOR
	bool "security monitor"
	default y
	help
		Allow user to add security monitor

config TKERNEL_AEGIS_MODULE
	tristate "ONION aegis module"
	default n
	help
		ONION aegis module

config TKERNEL_IRQ_LATENCY
	tristate "irq latency debug"
	depends on STACKTRACE
	default m
	help
	  This option adds support for irq latency debug.

config TKERNEL_KILL_HOOK
	bool "kill hook"
	default n
	help
	  This option enables the kill hook interface to support
	  kill interception.

config TKERNEL_KILL_BLOCK
	tristate "block kill signal"
	default m
	depends on CGROUPS
	select GLOB
	select TKERNEL_KILL_HOOK
	help
	  This option enables the kill block feature.
	  If the kill signal match the block rule, it will be blocked.
	  This feature is useful to some k8s user who don't allow k8s
	  kill user process.

config TKERNEL_KILL_PROTECT
	tristate "Protect some processes from being killed"
	default m
	select KILL_HOOK
	help
	  This option enables the kill protect feature.
	  If the kill signal match the protect rule, it will be ignored.
	  This feature is useful to some user who don't allow being killed
	  by SIGKILL and SIGTERM.

endif
