[yocto] [meta-security][PATCH 2/2] smack kernel: add smack kernel config fragments
Armin Kuster
akuster808 at gmail.com
Wed Oct 26 08:00:38 PDT 2016
Signed-off-by: Armin Kuster <akuster808 at gmail.com>
---
recipes-kernel/linux/linux-yocto-4.8/smack-default-lsm.cfg | 2 ++
recipes-kernel/linux/linux-yocto-4.8/smack.cfg | 8 ++++++++
recipes-kernel/linux/linux-yocto_4.8.bbappend | 5 +++++
3 files changed, 15 insertions(+)
create mode 100644 recipes-kernel/linux/linux-yocto-4.8/smack-default-lsm.cfg
create mode 100644 recipes-kernel/linux/linux-yocto-4.8/smack.cfg
diff --git a/recipes-kernel/linux/linux-yocto-4.8/smack-default-lsm.cfg b/recipes-kernel/linux/linux-yocto-4.8/smack-default-lsm.cfg
new file mode 100644
index 0000000..b5c4845
--- /dev/null
+++ b/recipes-kernel/linux/linux-yocto-4.8/smack-default-lsm.cfg
@@ -0,0 +1,2 @@
+CONFIG_DEFAULT_SECURITY="smack"
+CONFIG_DEFAULT_SECURITY_SMACK=y
diff --git a/recipes-kernel/linux/linux-yocto-4.8/smack.cfg b/recipes-kernel/linux/linux-yocto-4.8/smack.cfg
new file mode 100644
index 0000000..62f465a
--- /dev/null
+++ b/recipes-kernel/linux/linux-yocto-4.8/smack.cfg
@@ -0,0 +1,8 @@
+CONFIG_IP_NF_SECURITY=m
+CONFIG_IP6_NF_SECURITY=m
+CONFIG_EXT2_FS_SECURITY=y
+CONFIG_EXT3_FS_SECURITY=y
+CONFIG_EXT4_FS_SECURITY=y
+CONFIG_SECURITY=y
+CONFIG_SECURITY_SMACK=y
+CONFIG_TMPFS_XATTR=y
diff --git a/recipes-kernel/linux/linux-yocto_4.8.bbappend b/recipes-kernel/linux/linux-yocto_4.8.bbappend
index 0e6960e..048e8fd 100644
--- a/recipes-kernel/linux/linux-yocto_4.8.bbappend
+++ b/recipes-kernel/linux/linux-yocto_4.8.bbappend
@@ -5,3 +5,8 @@ SRC_URI += "\
${@bb.utils.contains('DISTRO_FEATURES', 'tpm', ' file://tpm.cfg', '', d)} \
${@bb.utils.contains('DISTRO_FEATURES', 'tpm', ' file://tpm.scc', '', d)} \
"
+
+SRC_URI += "\
+ ${@bb.utils.contains('DISTRO_FEATURES', 'smack', ' file://smack.cfg', '', d)} \
+ ${@bb.utils.contains('DISTRO_FEATURES', 'smack', ' file://smack-default-lsm.cfg', '', d)} \
+"
--
2.7.4
More information about the yocto
mailing list