From patchwork Sun Apr 20 18:54:03 2014
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Eric Le Bihan <eric.le.bihan.dev@free.fr>
X-Patchwork-Id: 340532
Return-Path: <buildroot-bounces@busybox.net>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@bilbo.ozlabs.org
Received: from whitealder.osuosl.org (whitealder.osuosl.org
	[140.211.166.138])
	by ozlabs.org (Postfix) with ESMTP id 9D8EB14008B
	for <incoming@patchwork.ozlabs.org>;
	Mon, 21 Apr 2014 04:54:20 +1000 (EST)
Received: from localhost (localhost [127.0.0.1])
	by whitealder.osuosl.org (Postfix) with ESMTP id 9AED08D29F;
	Sun, 20 Apr 2014 18:54:19 +0000 (UTC)
X-Virus-Scanned: amavisd-new at osuosl.org
Received: from whitealder.osuosl.org ([127.0.0.1])
	by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id fBm4+pRfnDBU; Sun, 20 Apr 2014 18:54:15 +0000 (UTC)
Received: from ash.osuosl.org (ash.osuosl.org [140.211.166.34])
	by whitealder.osuosl.org (Postfix) with ESMTP id 7355B8D297;
	Sun, 20 Apr 2014 18:54:14 +0000 (UTC)
X-Original-To: buildroot@lists.busybox.net
Delivered-To: buildroot@osuosl.org
Received: from whitealder.osuosl.org (whitealder.osuosl.org
	[140.211.166.138])
	by ash.osuosl.org (Postfix) with ESMTP id 505251BF859
	for <buildroot@lists.busybox.net>;
	Sun, 20 Apr 2014 18:54:12 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
	by whitealder.osuosl.org (Postfix) with ESMTP id 4D07D8AD5B
	for <buildroot@lists.busybox.net>;
	Sun, 20 Apr 2014 18:54:12 +0000 (UTC)
X-Virus-Scanned: amavisd-new at osuosl.org
Received: from whitealder.osuosl.org ([127.0.0.1])
	by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id AUPrAox+GKbW for <buildroot@lists.busybox.net>;
	Sun, 20 Apr 2014 18:54:10 +0000 (UTC)
X-Greylist: whitelisted by SQLgrey-1.7.6
Received: from smtp6-g21.free.fr (smtp6-g21.free.fr [212.27.42.6])
	by whitealder.osuosl.org (Postfix) with ESMTP id 3C8CC8B02B
	for <buildroot@buildroot.org>; Sun, 20 Apr 2014 18:54:10 +0000 (UTC)
Received: from localhost.localdomain (unknown [82.227.241.205])
	(Authenticated sender: eric.le.bihan.dev)
	by smtp6-g21.free.fr (Postfix) with ESMTPSA id CD4B782262
	for <buildroot@buildroot.org>; Sun, 20 Apr 2014 20:53:55 +0200 (CEST)
From: Eric Le Bihan <eric.le.bihan.dev@free.fr>
To: buildroot@buildroot.org
Date: Sun, 20 Apr 2014 20:54:03 +0200
Message-Id: <1398020044-21021-2-git-send-email-eric.le.bihan.dev@free.fr>
X-Mailer: git-send-email 1.9.0
In-Reply-To: <1398020044-21021-1-git-send-email-eric.le.bihan.dev@free.fr>
References: <1398020044-21021-1-git-send-email-eric.le.bihan.dev@free.fr>
Subject: [Buildroot] [PATCH 1/2] smack: new package.
X-BeenThere: buildroot@busybox.net
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: Discussion and development of buildroot <buildroot.busybox.net>
List-Unsubscribe: <http://lists.busybox.net/mailman/options/buildroot>,
	<mailto:buildroot-request@busybox.net?subject=unsubscribe>
List-Archive: <http://lists.busybox.net/pipermail/buildroot>
List-Post: <mailto:buildroot@busybox.net>
List-Help: <mailto:buildroot-request@busybox.net?subject=help>
List-Subscribe: <http://lists.busybox.net/mailman/listinfo/buildroot>,
	<mailto:buildroot-request@busybox.net?subject=subscribe>
MIME-Version: 1.0
Errors-To: buildroot-bounces@busybox.net
Sender: buildroot-bounces@busybox.net

SMACK stands for Simplified Mandatory Access Control Kernel. It is a Linux
Security Module which provides a Mandatory Access Control mechanism,
like SELinux, but aiming towards simplicity.

This package provides the tools to load/unload the policy from the
kernel as well as a library allowing applications to interact with
SMACK. The proper kernel options are also set.

Signed-off-by: Eric Le Bihan <eric.le.bihan.dev@free.fr>
---
 linux/linux.mk          |  4 ++++
 package/Config.in       |  1 +
 package/smack/Config.in | 28 ++++++++++++++++++++++++++++
 package/smack/smack.mk  | 14 ++++++++++++++
 4 files changed, 47 insertions(+)
 create mode 100644 package/smack/Config.in
 create mode 100644 package/smack/smack.mk

diff --git a/linux/linux.mk b/linux/linux.mk
index e270705..bd3f2ac 100644
--- a/linux/linux.mk
+++ b/linux/linux.mk
@@ -200,6 +200,10 @@ define LINUX_CONFIGURE_CMDS
 		$(call KCONFIG_ENABLE_OPT,CONFIG_AUTOFS4_FS,$(@D)/.config)
 		$(call KCONFIG_ENABLE_OPT,CONFIG_TMPFS_POSIX_ACL,$(@D)/.config)
 		$(call KCONFIG_ENABLE_OPT,CONFIG_TMPFS_POSIX_XATTR,$(@D)/.config))
+	$(if $(BR2_PACKAGE_SMACK),
+		$(call KCONFIG_ENABLE_OPT,CONFIG_SECURITY,$(@D)/.config)
+		$(call KCONFIG_ENABLE_OPT,CONFIG_SECURITY_SMACK,$(@D)/.config)
+		$(call KCONFIG_ENABLE_OPT,CONFIG_SECURITY_NETWORK,$(@D)/.config))
 	$(if $(BR2_LINUX_KERNEL_APPENDED_DTB),
 		$(call KCONFIG_ENABLE_OPT,CONFIG_ARM_APPENDED_DTB,$(@D)/.config))
 	yes '' | $(TARGET_MAKE_ENV) $(MAKE1) $(LINUX_MAKE_FLAGS) -C $(@D) oldconfig
diff --git a/package/Config.in b/package/Config.in
index 44c35ea..323596e 100644
--- a/package/Config.in
+++ b/package/Config.in
@@ -1104,6 +1104,7 @@ source "package/quota/Config.in"
 if BR2_PACKAGE_BUSYBOX_SHOW_OTHERS
 source "package/rsyslog/Config.in"
 endif
+source "package/smack/Config.in"
 source "package/supervisor/Config.in"
 if BR2_PACKAGE_BUSYBOX_SHOW_OTHERS
 source "package/sysklogd/Config.in"
diff --git a/package/smack/Config.in b/package/smack/Config.in
new file mode 100644
index 0000000..971b79a
--- /dev/null
+++ b/package/smack/Config.in
@@ -0,0 +1,28 @@
+config BR2_PACKAGE_SMACK
+	bool "smack"
+	help
+	  User space programs and libraries for SMACK.
+
+	  SMACK stands for Simplified Mandatory Access Control Kernel.
+	  It is a Linux Security Module which provides a Mandatory Access
+	  Control mechanism, aimed towards simplicity.
+
+	  This package provides a library which allows applications to work
+	  with SMACK and tools to load/unload rules from the kernel, as well
+	  as query the policy.
+
+	  SMACK requires the following kernel options to be enabled:
+
+	  - CONFIG_SECURITY
+	  - CONFIG_SECURITY_SMACK
+	  - CONFIG_SECURITY_NETWORK
+
+	  These options will be automatically enabled by Buildroot if it is
+	  responsible for building the kernel. Otherwise, if you are building
+	  your kernel outside of Buildroot, make sure these options are
+	  enabled.
+
+	  To activate SMACK, do not forget to add "security=smack" to your
+	  kernel command line.
+
+	  https://github.com/smack-team/smack
diff --git a/package/smack/smack.mk b/package/smack/smack.mk
new file mode 100644
index 0000000..41f71a4
--- /dev/null
+++ b/package/smack/smack.mk
@@ -0,0 +1,14 @@
+################################################################################
+#
+# smack
+#
+################################################################################
+
+SMACK_VERSION = 1.0.4
+SMACK_SITE = $(call github,smack-team,smack,v$(SMACK_VERSION))
+SMACK_LICENSE = LGPLv2.1+
+SMACK_LICENSE_FILES = COPYING
+SMACK_INSTALL_STAGING = YES
+SMACK_AUTORECONF = YES
+
+$(eval $(autotools-package))