diff options
| author | Thomas Petazzoni <thomas.petazzoni@bootlin.com> | 2020-08-23 21:45:52 -0500 |
|---|---|---|
| committer | Daniel Golle <daniel@makrotopia.org> | 2020-08-31 01:15:41 +0100 |
| commit | 168faef4430240e997c1e85fd32a532bcc9742bd (patch) | |
| tree | 20af4405afa11da932965a3280867fa3c00dc0c0 /config | |
| parent | d3d40cd6a41c2c5a6bd1173ad4471d40a2d3e515 (diff) | |
| download | upstream-168faef4430240e997c1e85fd32a532bcc9742bd.tar.gz upstream-168faef4430240e997c1e85fd32a532bcc9742bd.tar.bz2 upstream-168faef4430240e997c1e85fd32a532bcc9742bd.zip | |
kernel: add options needed for SELinux
This adds a number of options to config/Config-kernel.in so that
packages related to SELinux support can enable the appropriate Linux
kernel support.
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[rebase; add ext4, F2FS, UBIFS, and JFFS2 support; add commit message]
Signed-off-by: W. Michael Petullo <mike@flyn.org>
Diffstat (limited to 'config')
| -rw-r--r-- | config/Config-kernel.in | 55 |
1 files changed, 55 insertions, 0 deletions
diff --git a/config/Config-kernel.in b/config/Config-kernel.in index d666176064..4eaaa4afae 100644 --- a/config/Config-kernel.in +++ b/config/Config-kernel.in @@ -1081,6 +1081,9 @@ config KERNEL_SQUASHFS_FRAGMENT_CACHE_SIZE default 2 if (SMALL_FLASH && !LOW_MEMORY_FOOTPRINT) default 3 +config KERNEL_SQUASHFS_XATTR + bool "Squashfs XATTR support" + # # compile optimiziation setting # @@ -1102,3 +1105,55 @@ config KERNEL_CC_OPTIMIZE_FOR_SIZE your compiler resulting in a smaller kernel. endchoice + +config KERNEL_AUDIT + bool "Auditing support" + +config KERNEL_SECURITY + bool "Enable different security models" + +config KERNEL_SECURITY_NETWORK + bool "Socket and Networking Security Hooks" + select KERNEL_SECURITY + +config KERNEL_SECURITY_SELINUX + bool "NSA SELinux Support" + select KERNEL_SECURITY_NETWORK + select KERNEL_AUDIT + +config KERNEL_SECURITY_SELINUX_BOOTPARAM + bool "NSA SELinux boot parameter" + depends on KERNEL_SECURITY_SELINUX + +config KERNEL_SECURITY_SELINUX_DISABLE + bool "NSA SELinux runtime disable" + depends on KERNEL_SECURITY_SELINUX + +config KERNEL_SECURITY_SELINUX_DEVELOP + bool "NSA SELinux Development Support" + depends on KERNEL_SECURITY_SELINUX + +choice + prompt "First legacy 'major LSM' to be initialized" + depends on KERNEL_SECURITY_SELINUX + default KERNEL_DEFAULT_SECURITY_SELINUX + + config KERNEL_DEFAULT_SECURITY_SELINUX + bool "SELinux" + + config KERNEL_DEFAULT_SECURITY_DAC + bool "Unix Discretionary Access Controls" + +endchoice + +config KERNEL_EXT4_FS_SECURITY + bool "Ext4 Security Labels" + +config KERNEL_F2FS_FS_SECURITY + bool "F2FS Security Labels" + +config KERNEL_UBIFS_FS_SECURITY + bool "UBIFS Security Labels" + +config KERNEL_JFFS2_FS_SECURITY + bool "JFFS2 Security Labels" |