summaryrefslogtreecommitdiff
path: root/meta-security/recipes-kernel
diff options
context:
space:
mode:
Diffstat (limited to 'meta-security/recipes-kernel')
-rw-r--r--meta-security/recipes-kernel/linux/linux-stable_5.2.bbappend4
-rw-r--r--meta-security/recipes-kernel/linux/linux-yocto-5.0/apparmor.cfg9
-rw-r--r--meta-security/recipes-kernel/linux/linux-yocto-5.0/apparmor_on_boot.cfg1
-rw-r--r--meta-security/recipes-kernel/linux/linux-yocto-5.0/smack-default-lsm.cfg2
-rw-r--r--meta-security/recipes-kernel/linux/linux-yocto-5.0/smack.cfg7
-rw-r--r--meta-security/recipes-kernel/linux/linux-yocto-dev.bbappend2
-rw-r--r--meta-security/recipes-kernel/linux/linux-yocto/apparmor.cfg15
-rw-r--r--meta-security/recipes-kernel/linux/linux-yocto/apparmor_on_boot.cfg1
-rw-r--r--meta-security/recipes-kernel/linux/linux-yocto/smack-default-lsm.cfg2
-rw-r--r--meta-security/recipes-kernel/linux/linux-yocto/smack.cfg8
-rw-r--r--meta-security/recipes-kernel/linux/linux-yocto_4.%.bbappend13
-rw-r--r--meta-security/recipes-kernel/linux/linux-yocto_5.0.%.bbappend11
12 files changed, 8 insertions, 67 deletions
diff --git a/meta-security/recipes-kernel/linux/linux-stable_5.2.bbappend b/meta-security/recipes-kernel/linux/linux-stable_5.2.bbappend
new file mode 100644
index 0000000000..76b5df55ba
--- /dev/null
+++ b/meta-security/recipes-kernel/linux/linux-stable_5.2.bbappend
@@ -0,0 +1,4 @@
+KERNEL_FEATURES_append = " ${@bb.utils.contains("DISTRO_FEATURES", "apparmor", " features/apparmor/apparmor.scc", "" ,d)}"
+KERNEL_FEATURES_append = " ${@bb.utils.contains("DISTRO_FEATURES", "smack", " features/smack/smack.scc", "" ,d)}"
+KERNEL_FEATURES_append = " ${@bb.utils.contains("DISTRO_FEATURES", "yama", " features/yama/yama.scc", "" ,d)}"
+
diff --git a/meta-security/recipes-kernel/linux/linux-yocto-5.0/apparmor.cfg b/meta-security/recipes-kernel/linux/linux-yocto-5.0/apparmor.cfg
deleted file mode 100644
index ae6cdcdf0a..0000000000
--- a/meta-security/recipes-kernel/linux/linux-yocto-5.0/apparmor.cfg
+++ /dev/null
@@ -1,9 +0,0 @@
-CONFIG_AUDIT=y
-CONFIG_SECURITY_PATH=y
-CONFIG_SECURITY_APPARMOR=y
-CONFIG_SECURITY_APPARMOR_HASH=y
-CONFIG_SECURITY_APPARMOR_HASH_DEFAULT=y
-CONFIG_INTEGRITY_AUDIT=y
-CONFIG_DEFAULT_SECURITY_APPARMOR=y
-CONFIG_DEFAULT_SECURITY="apparmor"
-CONFIG_AUDIT_GENERIC=y
diff --git a/meta-security/recipes-kernel/linux/linux-yocto-5.0/apparmor_on_boot.cfg b/meta-security/recipes-kernel/linux/linux-yocto-5.0/apparmor_on_boot.cfg
deleted file mode 100644
index fc35740156..0000000000
--- a/meta-security/recipes-kernel/linux/linux-yocto-5.0/apparmor_on_boot.cfg
+++ /dev/null
@@ -1 +0,0 @@
-CONFIG_SECURITY_APPARMOR_BOOTPARAM_VALUE=1
diff --git a/meta-security/recipes-kernel/linux/linux-yocto-5.0/smack-default-lsm.cfg b/meta-security/recipes-kernel/linux/linux-yocto-5.0/smack-default-lsm.cfg
deleted file mode 100644
index b5c48454eb..0000000000
--- a/meta-security/recipes-kernel/linux/linux-yocto-5.0/smack-default-lsm.cfg
+++ /dev/null
@@ -1,2 +0,0 @@
-CONFIG_DEFAULT_SECURITY="smack"
-CONFIG_DEFAULT_SECURITY_SMACK=y
diff --git a/meta-security/recipes-kernel/linux/linux-yocto-5.0/smack.cfg b/meta-security/recipes-kernel/linux/linux-yocto-5.0/smack.cfg
deleted file mode 100644
index 0d5fc645c0..0000000000
--- a/meta-security/recipes-kernel/linux/linux-yocto-5.0/smack.cfg
+++ /dev/null
@@ -1,7 +0,0 @@
-CONFIG_NETLABEL=y
-CONFIG_SECURITY_NETWORK=y
-# CONFIG_SECURITY_NETWORK_XFRM is not set
-CONFIG_SECURITY_SMACK=y
-CONFIG_SECURITY_SMACK_BRINGUP=y
-CONFIG_SECURITY_SMACK_APPEND_SIGNALS=y
-CONFIG_TMPFS_XATTR=y
diff --git a/meta-security/recipes-kernel/linux/linux-yocto-dev.bbappend b/meta-security/recipes-kernel/linux/linux-yocto-dev.bbappend
new file mode 100644
index 0000000000..239e30e707
--- /dev/null
+++ b/meta-security/recipes-kernel/linux/linux-yocto-dev.bbappend
@@ -0,0 +1,2 @@
+KERNEL_FEATURES_append = " ${@bb.utils.contains("DISTRO_FEATURES", "apparmor", " features/apparmor/apparmor.scc", "" ,d)}"
++KERNEL_FEATURES_append = " ${@bb.utils.contains("DISTRO_FEATURES", "smack", " features/smack/smack.scc", "" ,d)}"
diff --git a/meta-security/recipes-kernel/linux/linux-yocto/apparmor.cfg b/meta-security/recipes-kernel/linux/linux-yocto/apparmor.cfg
deleted file mode 100644
index b5f9bb2a66..0000000000
--- a/meta-security/recipes-kernel/linux/linux-yocto/apparmor.cfg
+++ /dev/null
@@ -1,15 +0,0 @@
-CONFIG_AUDIT=y
-# CONFIG_NETFILTER_XT_TARGET_AUDIT is not set
-CONFIG_SECURITY_NETWORK=y
-# CONFIG_SECURITY_NETWORK_XFRM is not set
-CONFIG_SECURITY_PATH=y
-# CONFIG_SECURITY_SELINUX is not set
-CONFIG_SECURITY_APPARMOR=y
-CONFIG_SECURITY_APPARMOR_HASH=y
-CONFIG_SECURITY_APPARMOR_HASH_DEFAULT=y
-# CONFIG_SECURITY_APPARMOR_DEBUG is not set
-CONFIG_INTEGRITY_AUDIT=y
-CONFIG_DEFAULT_SECURITY_APPARMOR=y
-# CONFIG_DEFAULT_SECURITY_DAC is not set
-CONFIG_DEFAULT_SECURITY="apparmor"
-CONFIG_AUDIT_GENERIC=y
diff --git a/meta-security/recipes-kernel/linux/linux-yocto/apparmor_on_boot.cfg b/meta-security/recipes-kernel/linux/linux-yocto/apparmor_on_boot.cfg
deleted file mode 100644
index fc35740156..0000000000
--- a/meta-security/recipes-kernel/linux/linux-yocto/apparmor_on_boot.cfg
+++ /dev/null
@@ -1 +0,0 @@
-CONFIG_SECURITY_APPARMOR_BOOTPARAM_VALUE=1
diff --git a/meta-security/recipes-kernel/linux/linux-yocto/smack-default-lsm.cfg b/meta-security/recipes-kernel/linux/linux-yocto/smack-default-lsm.cfg
deleted file mode 100644
index b5c48454eb..0000000000
--- a/meta-security/recipes-kernel/linux/linux-yocto/smack-default-lsm.cfg
+++ /dev/null
@@ -1,2 +0,0 @@
-CONFIG_DEFAULT_SECURITY="smack"
-CONFIG_DEFAULT_SECURITY_SMACK=y
diff --git a/meta-security/recipes-kernel/linux/linux-yocto/smack.cfg b/meta-security/recipes-kernel/linux/linux-yocto/smack.cfg
deleted file mode 100644
index 62f465a452..0000000000
--- a/meta-security/recipes-kernel/linux/linux-yocto/smack.cfg
+++ /dev/null
@@ -1,8 +0,0 @@
-CONFIG_IP_NF_SECURITY=m
-CONFIG_IP6_NF_SECURITY=m
-CONFIG_EXT2_FS_SECURITY=y
-CONFIG_EXT3_FS_SECURITY=y
-CONFIG_EXT4_FS_SECURITY=y
-CONFIG_SECURITY=y
-CONFIG_SECURITY_SMACK=y
-CONFIG_TMPFS_XATTR=y
diff --git a/meta-security/recipes-kernel/linux/linux-yocto_4.%.bbappend b/meta-security/recipes-kernel/linux/linux-yocto_4.%.bbappend
index 321392c0b4..39d4e6f502 100644
--- a/meta-security/recipes-kernel/linux/linux-yocto_4.%.bbappend
+++ b/meta-security/recipes-kernel/linux/linux-yocto_4.%.bbappend
@@ -1,11 +1,2 @@
-FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:"
-
-SRC_URI += "\
- ${@bb.utils.contains('DISTRO_FEATURES', 'apparmor', ' file://apparmor.cfg', '', d)} \
- ${@bb.utils.contains('DISTRO_FEATURES', 'apparmor', ' file://apparmor_on_boot.cfg', '', d)} \
-"
-
-SRC_URI += "\
- ${@bb.utils.contains('DISTRO_FEATURES', 'smack', ' file://smack.cfg', '', d)} \
- ${@bb.utils.contains('DISTRO_FEATURES', 'smack', ' file://smack-default-lsm.cfg', '', d)} \
-"
+KERNEL_FEATURES_append = " ${@bb.utils.contains("DISTRO_FEATURES", "apparmor", " features/apparmor/apparmor.scc", "" ,d)}"
+KERNEL_FEATURES_append = " ${@bb.utils.contains("DISTRO_FEATURES", "smack", " features/smack/smack.scc", "" ,d)}"
diff --git a/meta-security/recipes-kernel/linux/linux-yocto_5.0.%.bbappend b/meta-security/recipes-kernel/linux/linux-yocto_5.0.%.bbappend
deleted file mode 100644
index f810e21120..0000000000
--- a/meta-security/recipes-kernel/linux/linux-yocto_5.0.%.bbappend
+++ /dev/null
@@ -1,11 +0,0 @@
-FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}-5.0:"
-
-SRC_URI += "\
- ${@bb.utils.contains('DISTRO_FEATURES', 'apparmor', ' file://apparmor.cfg', '', d)} \
- ${@bb.utils.contains('DISTRO_FEATURES', 'apparmor', ' file://apparmor_on_boot.cfg', '', d)} \
-"
-
-SRC_URI += "\
- ${@bb.utils.contains('DISTRO_FEATURES', 'smack', ' file://smack.cfg', '', d)} \
- ${@bb.utils.contains('DISTRO_FEATURES', 'smack', ' file://smack-default-lsm.cfg', '', d)} \
-"
generated by cgit v1.2.3 (git 2.39.0) at 2024-07-29 05:16:35 +0300