[yocto] [meta-security][PATCH] toyomo: Add kconfig

[Armin Kuster]

Add kernel config to enable toyomo

Signed-off-by: Armin Kuster <akuster at mvista.com>
---
 recipes-kernel/linux/linux-yocto/tomoyo.cfg    | 8 ++++++++
 recipes-kernel/linux/linux-yocto/tomoyo.scc    | 4 ++++
 recipes-kernel/linux/linux-yocto_3.14.bbappend | 4 ++++
 3 files changed, 16 insertions(+)
 create mode 100644 recipes-kernel/linux/linux-yocto/tomoyo.cfg
 create mode 100644 recipes-kernel/linux/linux-yocto/tomoyo.scc
 create mode 100644 recipes-kernel/linux/linux-yocto_3.14.bbappend

diff --git a/recipes-kernel/linux/linux-yocto/tomoyo.cfg b/recipes-kernel/linux/linux-yocto/tomoyo.cfg
new file mode 100644
index 0000000..9fb8228
--- /dev/null
+++ b/recipes-kernel/linux/linux-yocto/tomoyo.cfg
@@ -0,0 +1,8 @@
+CONFIG_SECURITY_TOMOYO=y
+CONFIG_SECURITY_TOMOYO_MAX_ACCEPT_ENTRY=2048
+CONFIG_SECURITY_TOMOYO_MAX_AUDIT_LOG=1024
+CONFIG_SECURITY_TOMOYO_POLICY_LOADER="/sbin/tomoyo-init"
+CONFIG_SECURITY_TOMOYO_ACTIVATION_TRIGGER="/sbin/init"
+CONFIG_DEFAULT_SECURITY_TOMOYO=y
+CONFIG_DEFAULT_SECURITY="tomoyo"
+
diff --git a/recipes-kernel/linux/linux-yocto/tomoyo.scc b/recipes-kernel/linux/linux-yocto/tomoyo.scc
new file mode 100644
index 0000000..9080934
--- /dev/null
+++ b/recipes-kernel/linux/linux-yocto/tomoyo.scc
@@ -0,0 +1,4 @@
+define KFEATURE_DESCRIPTION "Toyomo Kernel Support"
+define KFEATURE_COMPATIBILITY arch
+
+kconf non-hardware toyomo.cfg
diff --git a/recipes-kernel/linux/linux-yocto_3.14.bbappend b/recipes-kernel/linux/linux-yocto_3.14.bbappend
new file mode 100644
index 0000000..0c742c1
--- /dev/null
+++ b/recipes-kernel/linux/linux-yocto_3.14.bbappend
@@ -0,0 +1,4 @@
+FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:"
+
+# Toyomo kernel support
+SRC_URI += "${@base_contains('DISTRO_FEATURES', 'tomoyo', ' file://tomoyo.cfg', '', d)}"
-- 
1.9.1