From: Michael Tremer <michael.tremer@ipfire.org>
Date: Fri, 5 Nov 2010 22:39:36 +0000 (+0100)
Subject: kernel: Enable support for SELinux.
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=6ed30ec4f20c41b0d694f0d2272dc4462c542e3d;p=ipfire-3.x.git

kernel: Enable support for SELinux.
---

diff --git a/pkgs/core/kernel/config b/pkgs/core/kernel/config
index e3bbd9927..b0fee4557 100644
--- a/pkgs/core/kernel/config
+++ b/pkgs/core/kernel/config
@@ -1,7 +1,7 @@
 #
 # Automatically generated make config: don't edit
 # Linux kernel version: 2.6.35.4
-# Sat Sep 18 18:55:00 2010
+# Fri Nov  5 20:40:34 2010
 #
 # CONFIG_64BIT is not set
 CONFIG_X86_32=y
@@ -620,7 +620,7 @@ CONFIG_IPV6_MROUTE=y
 CONFIG_IPV6_MROUTE_MULTIPLE_TABLES=y
 CONFIG_IPV6_PIMSM_V2=y
 # CONFIG_NETLABEL is not set
-# CONFIG_NETWORK_SECMARK is not set
+CONFIG_NETWORK_SECMARK=y
 CONFIG_NETFILTER=y
 # CONFIG_NETFILTER_DEBUG is not set
 CONFIG_NETFILTER_ADVANCED=y
@@ -635,6 +635,7 @@ CONFIG_NETFILTER_NETLINK_LOG=m
 CONFIG_NF_CONNTRACK=m
 CONFIG_NF_CT_ACCT=y
 CONFIG_NF_CONNTRACK_MARK=y
+CONFIG_NF_CONNTRACK_SECMARK=y
 CONFIG_NF_CONNTRACK_ZONES=y
 CONFIG_NF_CONNTRACK_EVENTS=y
 CONFIG_NF_CT_PROTO_DCCP=m
@@ -665,6 +666,7 @@ CONFIG_NETFILTER_XT_CONNMARK=m
 #
 CONFIG_NETFILTER_XT_TARGET_CLASSIFY=m
 CONFIG_NETFILTER_XT_TARGET_CONNMARK=m
+CONFIG_NETFILTER_XT_TARGET_CONNSECMARK=m
 CONFIG_NETFILTER_XT_TARGET_CT=m
 CONFIG_NETFILTER_XT_TARGET_DSCP=m
 CONFIG_NETFILTER_XT_TARGET_HL=m
@@ -677,6 +679,7 @@ CONFIG_NETFILTER_XT_TARGET_RATEEST=m
 CONFIG_NETFILTER_XT_TARGET_TEE=m
 CONFIG_NETFILTER_XT_TARGET_TPROXY=m
 CONFIG_NETFILTER_XT_TARGET_TRACE=m
+CONFIG_NETFILTER_XT_TARGET_SECMARK=m
 CONFIG_NETFILTER_XT_TARGET_TCPMSS=m
 CONFIG_NETFILTER_XT_TARGET_TCPOPTSTRIP=m
 
@@ -3837,7 +3840,15 @@ CONFIG_SECURITY_NETWORK=y
 CONFIG_SECURITY_NETWORK_XFRM=y
 # CONFIG_SECURITY_PATH is not set
 CONFIG_INTEL_TXT=y
-# CONFIG_SECURITY_SELINUX is not set
+CONFIG_LSM_MMAP_MIN_ADDR=65536
+CONFIG_SECURITY_SELINUX=y
+CONFIG_SECURITY_SELINUX_BOOTPARAM=y
+CONFIG_SECURITY_SELINUX_BOOTPARAM_VALUE=1
+CONFIG_SECURITY_SELINUX_DISABLE=y
+CONFIG_SECURITY_SELINUX_DEVELOP=y
+CONFIG_SECURITY_SELINUX_AVC_STATS=y
+CONFIG_SECURITY_SELINUX_CHECKREQPROT_VALUE=1
+# CONFIG_SECURITY_SELINUX_POLICYDB_VERSION_MAX is not set
 # CONFIG_SECURITY_TOMOYO is not set
 # CONFIG_IMA is not set
 # CONFIG_DEFAULT_SECURITY_SELINUX is not set
diff --git a/pkgs/core/kernel/kernel.nm b/pkgs/core/kernel/kernel.nm
index be7887b45..b6159868d 100644
--- a/pkgs/core/kernel/kernel.nm
+++ b/pkgs/core/kernel/kernel.nm
@@ -26,7 +26,7 @@ include $(PKGROOT)/Include
 
 PKG_NAME       = linux
 PKG_VER        = 2.6.35.4
-PKG_REL        = 1
+PKG_REL        = 2
 
 PKG_MAINTAINER = Michael Tremer <michael.tremer@ipfire.org>
 PKG_GROUP      = System/Kernels