projects / cascardo / linux.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 86ee306)
CHROMIUM: config: enable Yama
authorKees Cook <keescook@chromium.org>
Mon, 28 Nov 2011 23:39:36 +0000 (15:39 -0800)
committerGrant Grundler <grundler@google.com>
Thu, 24 May 2012 22:06:07 +0000 (15:06 -0700)
Enable the Yama LSM, gaining symlink, hardlink, and ptrace restrictions.

BUG=chromium-os:22137
TEST=x86-alex build, boot, suite_Smoke passes, logging_UserCrash passes,
 security_SymlinkRestrictions, security_HardlinkRestrictions,
 security_ptraceRestriction.
STATUS=Fixed

Change-Id: If55aaff3e6f79a6cc839fca1377d701f2cb0d169
Signed-off-by: Kees Cook <keescook@chromium.org>
Reviewed-on: https://gerrit.chromium.org/gerrit/12409
Reviewed-by: Olof Johansson <olofj@chromium.org>
chromeos/config/base.config patch | blob | history

diff --git a/chromeos/config/base.config b/chromeos/config/base.config
index c9c07fb..6bf53fa 100644 (file)
--- a/chromeos/config/base.config
+++ b/chromeos/config/base.config
@@ -1223,6 +1223,7 @@ CONFIG_SECURITY_NETWORK=y
 # CONFIG_SECURITY_NETWORK_XFRM is not set
 CONFIG_SECURITY_PATH=y
 # CONFIG_SECURITY_TOMOYO is not set
+CONFIG_SECURITY_YAMA=y
 CONFIG_SELECT_MEMORY_MODEL=y
 # CONFIG_SENSORS_AD7414 is not set
 # CONFIG_SENSORS_AD7418 is not set
Unnamed repository; edit this file 'description' to name the repository.