diff options
| author | Seung-Woo Kim <sw0312.kim@samsung.com> | 2016-08-25 17:16:03 +0900 |
|---|---|---|
| committer | Seung-Woo Kim <sw0312.kim@samsung.com> | 2016-12-14 13:52:44 +0900 |
| commit | add7549f057b9147f5cd64f60917d47dc8eb209d (patch) | |
| tree | 2374eb9279bcae038d5548ac5d71cbd916d0175e | |
| parent | 4b2a5d82e11c21942015c7e02c1ae441955b5d27 (diff) | |
arm64: defconfig: tm2: enable SMACK and AUDIT options for NETFILTER
To support security check of network packet from Tizen platform,
it is required to enable the configs for SMACK_NETFILTER dependent
on NETWORK_SECMARK and AUDIT of NETFILTER.
Change-Id: I684ce5771dbd6e52ee529ede647d36c6561e549e
Signed-off-by: Seung-Woo Kim <sw0312.kim@samsung.com>
| -rw-r--r-- | arch/arm64/configs/tizen_tm2_defconfig | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/arch/arm64/configs/tizen_tm2_defconfig b/arch/arm64/configs/tizen_tm2_defconfig index 7978f81716c7..dedc842212b0 100644 --- a/arch/arm64/configs/tizen_tm2_defconfig +++ b/arch/arm64/configs/tizen_tm2_defconfig @@ -607,7 +607,7 @@ CONFIG_IPV6_MULTIPLE_TABLES=y # CONFIG_IPV6_SUBTREES is not set # CONFIG_IPV6_MROUTE is not set CONFIG_NETLABEL=y -# CONFIG_NETWORK_SECMARK is not set +CONFIG_NETWORK_SECMARK=y # CONFIG_NET_PTP_CLASSIFY is not set # CONFIG_NETWORK_PHY_TIMESTAMPING is not set CONFIG_NETFILTER=y @@ -625,6 +625,7 @@ CONFIG_NETFILTER_NETLINK_LOG=y CONFIG_NF_CONNTRACK=y CONFIG_NF_LOG_COMMON=y CONFIG_NF_CONNTRACK_MARK=y +# CONFIG_NF_CONNTRACK_SECMARK is not set CONFIG_NF_CONNTRACK_PROCFS=y CONFIG_NF_CONNTRACK_EVENTS=y # CONFIG_NF_CONNTRACK_TIMEOUT is not set @@ -686,7 +687,7 @@ CONFIG_NETFILTER_XT_CONNMARK=y # # Xtables targets # -# CONFIG_NETFILTER_XT_TARGET_AUDIT is not set +CONFIG_NETFILTER_XT_TARGET_AUDIT=y CONFIG_NETFILTER_XT_TARGET_CHECKSUM=y CONFIG_NETFILTER_XT_TARGET_CLASSIFY=y CONFIG_NETFILTER_XT_TARGET_CONNMARK=y @@ -708,6 +709,7 @@ CONFIG_NETFILTER_XT_TARGET_REDIRECT=y # CONFIG_NETFILTER_XT_TARGET_TEE is not set # CONFIG_NETFILTER_XT_TARGET_TPROXY is not set # CONFIG_NETFILTER_XT_TARGET_TRACE is not set +# CONFIG_NETFILTER_XT_TARGET_SECMARK is not set # CONFIG_NETFILTER_XT_TARGET_TCPMSS is not set # CONFIG_NETFILTER_XT_TARGET_TCPOPTSTRIP is not set @@ -4485,6 +4487,7 @@ CONFIG_SECURITY_NETWORK=y # CONFIG_SECURITY_SELINUX is not set CONFIG_SECURITY_SMACK=y # CONFIG_SECURITY_SMACK_BRINGUP is not set +CONFIG_SECURITY_SMACK_NETFILTER=y # CONFIG_SECURITY_SMACK_PERMISSIVE_MODE is not set # CONFIG_SECURITY_TOMOYO is not set # CONFIG_SECURITY_APPARMOR is not set |