linux-yocto/6.1: security/cfg: add configs to harden protection - linux/poky.git

diff options

author	Bruce Ashfield <bruce.ashfield@gmail.com>	2024-01-19 16:14:15 -0500
committer	Steve Sakoman <steve@sakoman.com>	2024-01-31 04:10:24 -1000
commit	38da774fe8cdf6561660549178b2be7c98118092 (patch)
tree	1843304f64e88a50f4a7c7dfdd0452e8d765599b /scripts/lib/devtool/runqemu.py
parent	3f65155a060b9d395cbca6731ca40d8498966a6e (diff)
download	poky-38da774fe8cdf6561660549178b2be7c98118092.tar.gz

linux-yocto/6.1: security/cfg: add configs to harden protection

Integrating the following commit(s) to linux-yocto/.: 1/1 [ Author: Xiangyu Chen Email: xiangyu.chen@windriver.com Subject: feature/security: add configs to harden protection Date: Tue, 16 Jan 2024 18:22:31 +0800 Add some configs to harden protection: CONFIG_HW_RANDOM_TPM=y Exposing the TPM's Random Number Generator as a hwrng device. CONFIG_DEBUG_WX=y Warn on W+X mappings at boot. CONFIG_SECURITY_DMESG_RESTRICT=y Restrict unprivileged access to the kernel syslog. CONFIG_LDISC_AUTOLOAD=n Disable automatically load TTY Line Disciplines. Signed-off-by: Xiangyu Chen <xiangyu.chen@windriver.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> ] (From OE-Core rev: 6ee7b17677a39302bd14acbc2a4bfe5cb247f32e) Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 33d3dd8f5469cb0b2999d7f935378899d447b3ce) Signed-off-by: Steve Sakoman <steve@sakoman.com>

Diffstat (limited to 'scripts/lib/devtool/runqemu.py')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: