[linux-yocto] [PATCH 1/4] kernel-cache: add apparmor fragments
Armin Kuster
akuster808 at gmail.com
Sun Aug 11 09:29:25 PDT 2019
Signed-off-by: Armin Kuster <akuster808 at gmail.com>
---
features/apparmor/apparmor.cfg | 7 +++++++
features/apparmor/apparmor.scc | 5 +++++
features/apparmor/apparmor_on_boot.cfg | 1 +
3 files changed, 13 insertions(+)
create mode 100644 features/apparmor/apparmor.cfg
create mode 100644 features/apparmor/apparmor.scc
create mode 100644 features/apparmor/apparmor_on_boot.cfg
diff --git a/features/apparmor/apparmor.cfg b/features/apparmor/apparmor.cfg
new file mode 100644
index 00000000..de242a20
--- /dev/null
+++ b/features/apparmor/apparmor.cfg
@@ -0,0 +1,7 @@
+CONFIG_SECURITYFS=y
+CONFIG_SECURITY_NETWORK=y
+CONFIG_SECURITY_PATH=y
+CONFIG_SECURITY_APPARMOR=y
+CONFIG_SECURITY_APPARMOR_HASH=y
+CONFIG_SECURITY_APPARMOR_HASH_DEFAULT=y
+CONFIG_DEFAULT_SECURITY_APPARMOR=y
diff --git a/features/apparmor/apparmor.scc b/features/apparmor/apparmor.scc
new file mode 100644
index 00000000..2ff331c4
--- /dev/null
+++ b/features/apparmor/apparmor.scc
@@ -0,0 +1,5 @@
+define KFEATURE_DESCRIPTION "Enable/disable configurations for apparmor security"
+define KFEATURE_COMPATIBILITY all
+
+kconf non-hardware apparmor.cfg
+kconf non-hardware apparmor_on_boot.cfg
diff --git a/features/apparmor/apparmor_on_boot.cfg b/features/apparmor/apparmor_on_boot.cfg
new file mode 100644
index 00000000..fc357401
--- /dev/null
+++ b/features/apparmor/apparmor_on_boot.cfg
@@ -0,0 +1 @@
+CONFIG_SECURITY_APPARMOR_BOOTPARAM_VALUE=1
--
2.17.1
More information about the linux-yocto
mailing list