git.ipfire.org Git - thirdparty/openembedded/openembedded-core-contrib.git/commit

author	Bruce Ashfield <bruce.ashfield@gmail.com>
	Fri, 19 Jan 2024 21:14:15 +0000 (16:14 -0500)
committer	Richard Purdie <richard.purdie@linuxfoundation.org>
	Mon, 22 Jan 2024 13:39:06 +0000 (13:39 +0000)
commit	33d3dd8f5469cb0b2999d7f935378899d447b3ce
tree	8a38a0be69a5dab6cd25b3c56fd8a0413e97c427	tree
parent	a0a7f4e43a306598d79b79d02f2953beef3f4528	commit \| diff

linux-yocto/6.1: security/cfg: add configs to harden protection

Integrating the following commit(s) to linux-yocto/.:

1/1 [
    Author: Xiangyu Chen
    Email: xiangyu.chen@windriver.com
    Subject: feature/security: add configs to harden protection
    Date: Tue, 16 Jan 2024 18:22:31 +0800

    Add some configs to harden protection:
      CONFIG_HW_RANDOM_TPM=y Exposing the TPM's Random Number Generator as a hwrng device.
      CONFIG_DEBUG_WX=y Warn on W+X mappings at boot.
      CONFIG_SECURITY_DMESG_RESTRICT=y Restrict unprivileged access to the kernel syslog.
      CONFIG_LDISC_AUTOLOAD=n Disable automatically load TTY Line Disciplines.

Signed-off-by: Xiangyu Chen <xiangyu.chen@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
]

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

meta/recipes-kernel/linux/linux-yocto-rt_6.1.bb		diff \| blob \| blame \| history
meta/recipes-kernel/linux/linux-yocto-tiny_6.1.bb		diff \| blob \| blame \| history
meta/recipes-kernel/linux/linux-yocto_6.1.bb		diff \| blob \| blame \| history