summaryrefslogtreecommitdiffstats
path: root/meta-agl-core/recipes-kernel/linux
diff options
context:
space:
mode:
Diffstat (limited to 'meta-agl-core/recipes-kernel/linux')
-rw-r--r--meta-agl-core/recipes-kernel/linux/linux-agl-config.inc1
-rw-r--r--meta-agl-core/recipes-kernel/linux/linux/selinux.cfg18
2 files changed, 19 insertions, 0 deletions
diff --git a/meta-agl-core/recipes-kernel/linux/linux-agl-config.inc b/meta-agl-core/recipes-kernel/linux/linux-agl-config.inc
index 81cf0189d..b3ac7373e 100644
--- a/meta-agl-core/recipes-kernel/linux/linux-agl-config.inc
+++ b/meta-agl-core/recipes-kernel/linux/linux-agl-config.inc
@@ -39,6 +39,7 @@ AGL_KCONFIG_FRAGMENTS += " \
can-bus.cfg \
fanotify.cfg \
overlayfs.cfg \
+ ${@bb.utils.contains('DISTRO_FEATURES', 'selinux', 'selinux.cfg', '', d)} \
"
AGL_KCONFIG_FRAGMENTS += " ${@bb.utils.contains('AGL_XEN_GUEST_WANTED','1','xen_domu.cfg','',d)}"
diff --git a/meta-agl-core/recipes-kernel/linux/linux/selinux.cfg b/meta-agl-core/recipes-kernel/linux/linux/selinux.cfg
new file mode 100644
index 000000000..86330f110
--- /dev/null
+++ b/meta-agl-core/recipes-kernel/linux/linux/selinux.cfg
@@ -0,0 +1,18 @@
+CONFIG_AUDIT=y
+CONFIG_AUDIT_GENERIC=y
+CONFIG_NETWORK_SECMARK=y
+CONFIG_EXT2_FS_SECURITY=y
+CONFIG_EXT3_FS_SECURITY=y
+CONFIG_EXT4_FS_SECURITY=y
+CONFIG_JFS_SECURITY=y
+CONFIG_REISERFS_FS_SECURITY=y
+CONFIG_JFFS2_FS_SECURITY=y
+CONFIG_SECURITY=y
+CONFIG_SECURITYFS=y
+CONFIG_SECURITY_NETWORK=y
+CONFIG_SECURITY_SELINUX=y
+CONFIG_SECURITY_SELINUX_BOOTPARAM=y
+CONFIG_SECURITY_SELINUX_DISABLE=y
+CONFIG_SECURITY_SELINUX_DEVELOP=y
+CONFIG_SECURITY_SELINUX_AVC_STATS=y
+CONFIG_SECURITY_SELINUX_CHECKREQPROT_VALUE=1