[4/8] UBUNTU: [Config] Sync LSM config options

Message ID	1403911188-32182-5-git-send-email-tyhicks@canonical.com
State	New
Headers	show Return-Path: <kernel-team-bounces@lists.ubuntu.com> From: Tyler Hicks <tyhicks@canonical.com> To: kernel-team@lists.ubuntu.com Subject: [PATCH 4/8] UBUNTU: [Config] Sync LSM config options Date: Fri, 27 Jun 2014 18:19:44 -0500 Message-Id: <1403911188-32182-5-git-send-email-tyhicks@canonical.com> In-Reply-To: <1403911188-32182-1-git-send-email-tyhicks@canonical.com> References: <1403911188-32182-1-git-send-email-tyhicks@canonical.com> Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: kernel-team-bounces@lists.ubuntu.com Sender: kernel-team-bounces@lists.ubuntu.com

Message ID

1403911188-32182-5-git-send-email-tyhicks@canonical.com

State

New

Headers

From: Tyler Hicks <tyhicks@canonical.com>
To: kernel-team@lists.ubuntu.com
Subject: [PATCH 4/8] UBUNTU: [Config] Sync LSM config options
Date: Fri, 27 Jun 2014 18:19:44 -0500
Message-Id: <1403911188-32182-5-git-send-email-tyhicks@canonical.com>
In-Reply-To: <1403911188-32182-1-git-send-email-tyhicks@canonical.com>
References: <1403911188-32182-1-git-send-email-tyhicks@canonical.com>
Precedence: list
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kernel-team-bounces@lists.ubuntu.com
Sender: kernel-team-bounces@lists.ubuntu.com

Commit Message

Tyler Hicks June 27, 2014, 11:19 p.m. UTC

Sync with the traditional Ubuntu kernel config options in regards to LSM
options.

Signed-off-by: Tyler Hicks <tyhicks@canonical.com>
---
 debian.goldfish/config/armhf/config.common.armhf |  1 -
 debian.goldfish/config/config.common.ubuntu      | 13 ++++++++++---
 debian.goldfish/config/i386/config.common.i386   |  1 -
 3 files changed, 10 insertions(+), 5 deletions(-)

diff --git a/debian.goldfish/config/armhf/config.common.armhf b/debian.goldfish/config/armhf/config.common.armhf
index b75129e..9261fc9 100644
--- a/debian.goldfish/config/armhf/config.common.armhf
+++ b/debian.goldfish/config/armhf/config.common.armhf
@@ -186,7 +186,6 @@  CONFIG_RTC_HCTOSYS=y
 CONFIG_RWSEM_GENERIC_SPINLOCK=y
 # CONFIG_SCSI is not set
 # CONFIG_SCSI_DMA is not set
-CONFIG_SECURITY_SMACK=y
 CONFIG_SENSORS_TSL2550=m
 # CONFIG_SERIAL_NONSTANDARD is not set
 CONFIG_SERIO=y
diff --git a/debian.goldfish/config/config.common.ubuntu b/debian.goldfish/config/config.common.ubuntu
index 7c5ef1a..96b0ace 100644
--- a/debian.goldfish/config/config.common.ubuntu
+++ b/debian.goldfish/config/config.common.ubuntu
@@ -705,6 +705,7 @@  CONFIG_DEFAULT_SECURITY_APPARMOR=y
 # CONFIG_DEFAULT_SECURITY_DAC is not set
 # CONFIG_DEFAULT_SECURITY_SELINUX is not set
 # CONFIG_DEFAULT_SECURITY_SMACK is not set
+# CONFIG_DEFAULT_SECURITY_TOMOYO is not set
 # CONFIG_DEFAULT_SECURITY_YAMA is not set
 CONFIG_DEFAULT_TCP_CONG="cubic"
 CONFIG_DEFCONFIG_LIST="/lib/modules/$UNAME_RELEASE/.config"
@@ -2556,12 +2557,18 @@  CONFIG_SECURITY_PATH=y
 CONFIG_SECURITY_SELINUX=y
 CONFIG_SECURITY_SELINUX_AVC_STATS=y
 CONFIG_SECURITY_SELINUX_BOOTPARAM=y
-CONFIG_SECURITY_SELINUX_BOOTPARAM_VALUE=1
+CONFIG_SECURITY_SELINUX_BOOTPARAM_VALUE=0
 CONFIG_SECURITY_SELINUX_CHECKREQPROT_VALUE=1
 CONFIG_SECURITY_SELINUX_DEVELOP=y
-# CONFIG_SECURITY_SELINUX_DISABLE is not set
+CONFIG_SECURITY_SELINUX_DISABLE=y
 # CONFIG_SECURITY_SELINUX_POLICYDB_VERSION_MAX is not set
-# CONFIG_SECURITY_TOMOYO is not set
+CONFIG_SECURITY_SMACK=y
+CONFIG_SECURITY_TOMOYO=y
+CONFIG_SECURITY_TOMOYO_ACTIVATION_TRIGGER="/sbin/init"
+CONFIG_SECURITY_TOMOYO_MAX_ACCEPT_ENTRY=2048
+CONFIG_SECURITY_TOMOYO_MAX_AUDIT_LOG=1024
+# CONFIG_SECURITY_TOMOYO_OMIT_USERSPACE_LOADER is not set
+CONFIG_SECURITY_TOMOYO_POLICY_LOADER="/sbin/tomoyo-init"
 CONFIG_SECURITY_YAMA=y
 CONFIG_SECURITY_YAMA_STACKED=y
 # CONFIG_SEEQ8005 is not set
diff --git a/debian.goldfish/config/i386/config.common.i386 b/debian.goldfish/config/i386/config.common.i386
index 696561f..3656ed3 100644
--- a/debian.goldfish/config/i386/config.common.i386
+++ b/debian.goldfish/config/i386/config.common.i386
@@ -186,7 +186,6 @@  CONFIG_RTC_DRV_CMOS=y
 # CONFIG_RWSEM_GENERIC_SPINLOCK is not set
 CONFIG_SCSI=y
 CONFIG_SCSI_DMA=y
-# CONFIG_SECURITY_SMACK is not set
 # CONFIG_SENSORS_TSL2550 is not set
 CONFIG_SERIAL_NONSTANDARD=y
 CONFIG_SERIO=m

[4/8] UBUNTU: [Config] Sync LSM config options

Commit Message

Patch