##// END OF EJS Templates
function call fixed
Unknown -
r570:17358baad92c
parent child
Show More
@@ -161,20 +161,20 if [ "$BUILD_KERNEL" = true ] ; then
161 161 set_kernel_config CONFIG_AUDIT y
162 162
163 163 # harden strcpy and memcpy
164 set_kernel_config CONFIG_HARDENED_USERCOPY=y
165 set_kernel_config CONFIG_HAVE_HARDENED_USERCOPY_ALLOCATOR=y
166 set_kernel_config CONFIG_FORTIFY_SOURCE=y
164 set_kernel_config CONFIG_HARDENED_USERCOPY y
165 set_kernel_config CONFIG_HAVE_HARDENED_USERCOPY_ALLOCATOR y
166 set_kernel_config CONFIG_FORTIFY_SOURCE y
167 167
168 168 # integrity sub-system
169 set_kernel_config CONFIG_INTEGRITY=y
170 set_kernel_config CONFIG_INTEGRITY_ASYMMETRIC_KEYS=y
171 set_kernel_config CONFIG_INTEGRITY_AUDIT=y
172 set_kernel_config CONFIG_INTEGRITY_SIGNATURE=y
173 set_kernel_config CONFIG_INTEGRITY_TRUSTED_KEYRING=y
169 set_kernel_config CONFIG_INTEGRITY y
170 set_kernel_config CONFIG_INTEGRITY_ASYMMETRIC_KEYS y
171 set_kernel_config CONFIG_INTEGRITY_AUDIT y
172 set_kernel_config CONFIG_INTEGRITY_SIGNATURE y
173 set_kernel_config CONFIG_INTEGRITY_TRUSTED_KEYRING y
174 174
175 175 # This option provides support for retaining authentication tokens and access keys in the kernel.
176 set_kernel_config CONFIG_KEYS=y
177 set_kernel_config CONFIG_KEYS_COMPAT=y
176 set_kernel_config CONFIG_KEYS y
177 set_kernel_config CONFIG_KEYS_COMPAT y
178 178
179 179 # Apparmor
180 180 set_kernel_config CONFIG_SECURITY_APPARMOR_BOOTPARAM_VALUE 0
@@ -185,13 +185,13 if [ "$BUILD_KERNEL" = true ] ; then
185 185 set_kernel_config CONFIG_DEFAULT_SECURITY "apparmor"
186 186
187 187 # restrictions on unprivileged users reading the kernel
188 set_kernel_config CONFIG_SECURITY_DMESG_RESTRICT=y
188 set_kernel_config CONFIG_SECURITY_DMESG_RESTRICT y
189 189
190 190 # network security hooks
191 191 set_kernel_config CONFIG_SECURITY_NETWORK y
192 set_kernel_config CONFIG_SECURITY_NETWORK_XFRM=y
193 set_kernel_config CONFIG_SECURITY_PATH=y
194 set_kernel_config CONFIG_SECURITY_YAMA=y
192 set_kernel_config CONFIG_SECURITY_NETWORK_XFRM y
193 set_kernel_config CONFIG_SECURITY_PATH y
194 set_kernel_config CONFIG_SECURITY_YAMA n
195 195
196 196 # New Options
197 197 if [ "$KERNEL_NF" = true ] ; then
General Comments 0
Vous devez vous connecter pour laisser un commentaire. Se connecter maintenant