diff options
Diffstat (limited to 'meta-security/recipes-kernel/linux/linux-yocto')
3 files changed, 23 insertions, 0 deletions
diff --git a/meta-security/recipes-kernel/linux/linux-yocto/apparmor.cfg b/meta-security/recipes-kernel/linux/linux-yocto/apparmor.cfg new file mode 100644 index 0000000000..1dc4168eea --- /dev/null +++ b/meta-security/recipes-kernel/linux/linux-yocto/apparmor.cfg @@ -0,0 +1,13 @@ +CONFIG_AUDIT=y +CONFIG_AUDITSYSCALL=y +CONFIG_AUDIT_WATCH=y +CONFIG_AUDIT_TREE=y +# CONFIG_NETFILTER_XT_TARGET_AUDIT is not set +CONFIG_SECURITY_PATH=y +# CONFIG_SECURITY_SELINUX is not set +CONFIG_SECURITY_APPARMOR=y +CONFIG_SECURITY_APPARMOR_BOOTPARAM_VALUE=1 +CONFIG_SECURITY_APPARMOR_HASH=y +CONFIG_SECURITY_APPARMOR_HASH_DEFAULT=y +CONFIG_INTEGRITY_AUDIT=y +# CONFIG_DEFAULT_SECURITY_APPARMOR is not set diff --git a/meta-security/recipes-kernel/linux/linux-yocto/smack-default-lsm.cfg b/meta-security/recipes-kernel/linux/linux-yocto/smack-default-lsm.cfg new file mode 100644 index 0000000000..b5c48454eb --- /dev/null +++ b/meta-security/recipes-kernel/linux/linux-yocto/smack-default-lsm.cfg @@ -0,0 +1,2 @@ +CONFIG_DEFAULT_SECURITY="smack" +CONFIG_DEFAULT_SECURITY_SMACK=y diff --git a/meta-security/recipes-kernel/linux/linux-yocto/smack.cfg b/meta-security/recipes-kernel/linux/linux-yocto/smack.cfg new file mode 100644 index 0000000000..62f465a452 --- /dev/null +++ b/meta-security/recipes-kernel/linux/linux-yocto/smack.cfg @@ -0,0 +1,8 @@ +CONFIG_IP_NF_SECURITY=m +CONFIG_IP6_NF_SECURITY=m +CONFIG_EXT2_FS_SECURITY=y +CONFIG_EXT3_FS_SECURITY=y +CONFIG_EXT4_FS_SECURITY=y +CONFIG_SECURITY=y +CONFIG_SECURITY_SMACK=y +CONFIG_TMPFS_XATTR=y |