arm64: configs: tizen_*: Enable SECURITY_SMACK and disable all other LSM

author Hoegeun Kwon <hoegeun.kwon@samsung.com>

Fri, 4 Dec 2020 04:30:53 +0000 (13:30 +0900)

committer Seung-Woo Kim <sw0312.kim@samsung.com>

Fri, 4 Dec 2020 06:54:29 +0000 (15:54 +0900)
author Hoegeun Kwon <hoegeun.kwon@samsung.com>
Fri, 4 Dec 2020 04:30:53 +0000 (13:30 +0900)
committer Seung-Woo Kim <sw0312.kim@samsung.com>
Fri, 4 Dec 2020 06:54:29 +0000 (15:54 +0900)
diff --git a/arch/arm64/configs/tizen_kvims_defconfig b/arch/arm64/configs/tizen_kvims_defconfig

index 327dd5cec5968690518a00d2439c783b490bfdbe..47d1a657ee04372fad1e790fad231b491d148144 100644 (file)
--- a/arch/arm64/configs/tizen_kvims_defconfig
+++ b/arch/arm64/configs/tizen_kvims_defconfig
@@ -113,6 +113,7 @@ CONFIG_IPV6_MIP6=y
  CONFIG_IPV6_VTI=y
  CONFIG_IPV6_MULTIPLE_TABLES=y
  # CONFIG_ANDROID_PARANOID_NETWORK is not set
+CONFIG_NETWORK_SECMARK=y
  CONFIG_NETFILTER=y
  CONFIG_BRIDGE_NETFILTER=y
  CONFIG_NF_CONNTRACK=y
@@ -771,10 +772,10 @@ CONFIG_SECURITY_PERF_EVENTS_RESTRICT=y
  CONFIG_SECURITY=y
  CONFIG_SECURITYFS=y
  CONFIG_SECURITY_PATH=y
-CONFIG_LSM_MMAP_MIN_ADDR=0
  CONFIG_HARDENED_USERCOPY=y
-CONFIG_SECURITY_SELINUX=y
  CONFIG_SECURITY_SMACK=y
+CONFIG_SECURITY_SMACK_NETFILTER=y
+CONFIG_SECURITY_SMACK_APPEND_SIGNALS=y
  CONFIG_CRYPTO_MICHAEL_MIC=y
  CONFIG_CRYPTO_SHA512=y
  CONFIG_CRYPTO_ANUBIS=m
diff --git a/arch/arm64/configs/tizen_odroidg12_defconfig b/arch/arm64/configs/tizen_odroidg12_defconfig

index 06f821e6040fa539d8ff21b91116ec479f248152..6a42d33e3b5773b637e8d8cf0230c9fce81b037e 100644 (file)
--- a/arch/arm64/configs/tizen_odroidg12_defconfig
+++ b/arch/arm64/configs/tizen_odroidg12_defconfig
@@ -1,6 +1,7 @@
  # CONFIG_LOCALVERSION_AUTO is not set
  CONFIG_SYSVIPC=y
  CONFIG_POSIX_MQUEUE=y
+CONFIG_AUDIT=y
  CONFIG_NO_HZ=y
  CONFIG_HIGH_RES_TIMERS=y
  CONFIG_SCHED_WALT=y
@@ -154,6 +155,7 @@ CONFIG_IPV6_MROUTE=y
  CONFIG_IPV6_MROUTE_MULTIPLE_TABLES=y
  CONFIG_IPV6_PIMSM_V2=y
  # CONFIG_ANDROID_PARANOID_NETWORK is not set
+CONFIG_NETWORK_SECMARK=y
  CONFIG_NETFILTER=y
  CONFIG_NETFILTER_DEBUG=y
  CONFIG_NETFILTER_NETLINK_QUEUE=y
@@ -1626,16 +1628,17 @@ CONFIG_AMLOGIC_USER_FAULT=y
  CONFIG_SECURITY_DMESG_RESTRICT=y
  CONFIG_SECURITY_PERF_EVENTS_RESTRICT=y
  CONFIG_SECURITY=y
-CONFIG_LSM_MMAP_MIN_ADDR=0
+CONFIG_SECURITYFS=y
+CONFIG_SECURITY_PATH=y
  CONFIG_HARDENED_USERCOPY=y
-CONFIG_SECURITY_SELINUX=y
  CONFIG_SECURITY_SMACK=y
-CONFIG_SECURITY_APPARMOR=y
-CONFIG_DEFAULT_SECURITY_APPARMOR=y
+CONFIG_SECURITY_SMACK_NETFILTER=y
+CONFIG_SECURITY_SMACK_APPEND_SIGNALS=y
  CONFIG_CRYPTO_AUTHENC=y
  CONFIG_CRYPTO_ECHAINIV=y
  CONFIG_CRYPTO_CMAC=y
  CONFIG_CRYPTO_MICHAEL_MIC=y
+CONFIG_CRYPTO_SHA1=y
  CONFIG_CRYPTO_SHA512=y
  CONFIG_CRYPTO_ANUBIS=m
  CONFIG_CRYPTO_BLOWFISH=m
author	Hoegeun Kwon <hoegeun.kwon@samsung.com>
	Fri, 4 Dec 2020 04:30:53 +0000 (13:30 +0900)
committer	Seung-Woo Kim <sw0312.kim@samsung.com>
	Fri, 4 Dec 2020 06:54:29 +0000 (15:54 +0900)
arch/arm64/configs/tizen_kvims_defconfig		patch \| blob \| history
arch/arm64/configs/tizen_odroidg12_defconfig		patch \| blob \| history