[OS-BUILD PATCH 2/2] redhat/configs: automotive: Disable IPsec Protocols and XFRM

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

From: Dorinda Bassey <dbassey@xxxxxxxxxx>

redhat/configs: automotive: Disable IPsec Protocols and XFRM

Upstream Status: RHEL only

Disable The IPsec Protocols and XFRM (IPSec) Networking
Security Hooks and it's related dependencies.

CONFIG_XFRM_* has a dependency on CONFIG_INET_* and
CONFIG_IPV6. Hence, the following:
CONFIG_INET_AH
CONFIG_INET6_AH
CONFIG_INET6_ESP
CONFIG_INET6_IPCOMP
CONFIG_INET6_XFRM_TUNNEL
CONFIG_IPV6
needs to be disabled in automotive.

This is needed to satisfy a requirement of FuSa efforts
for RHIVOS.

Link: https://issues.redhat.com/browse/RHEL-75561

Signed-off-by: Dorinda Bassey <dbassey@xxxxxxxxxx>

diff --git a/redhat/configs/rhel/automotive/generic/CONFIG_INET6_AH b/redhat/configs/rhel/automotive/generic/CONFIG_INET6_AH
new file mode 100644
index blahblah..blahblah 100644
--- /dev/null
+++ b/redhat/configs/rhel/automotive/generic/CONFIG_INET6_AH
@@ -0,0 +1 @@
+# CONFIG_INET6_AH is not set
diff --git a/redhat/configs/rhel/automotive/generic/CONFIG_INET6_XFRM_TUNNEL b/redhat/configs/rhel/automotive/generic/CONFIG_INET6_XFRM_TUNNEL
new file mode 100644
index blahblah..blahblah 100644
--- /dev/null
+++ b/redhat/configs/rhel/automotive/generic/CONFIG_INET6_XFRM_TUNNEL
@@ -0,0 +1 @@
+# CONFIG_INET6_XFRM_TUNNEL is not set
diff --git a/redhat/configs/rhel/automotive/generic/CONFIG_INET_AH b/redhat/configs/rhel/automotive/generic/CONFIG_INET_AH
new file mode 100644
index blahblah..blahblah 100644
--- /dev/null
+++ b/redhat/configs/rhel/automotive/generic/CONFIG_INET_AH
@@ -0,0 +1 @@
+# CONFIG_INET_AH is not set
diff --git a/redhat/configs/rhel/automotive/generic/CONFIG_INET_ESP b/redhat/configs/rhel/automotive/generic/CONFIG_INET_ESP
new file mode 100644
index blahblah..blahblah 100644
--- /dev/null
+++ b/redhat/configs/rhel/automotive/generic/CONFIG_INET_ESP
@@ -0,0 +1 @@
+# CONFIG_INET_ESP is not set
diff --git a/redhat/configs/rhel/automotive/generic/CONFIG_INET_IPCOMP b/redhat/configs/rhel/automotive/generic/CONFIG_INET_IPCOMP
new file mode 100644
index blahblah..blahblah 100644
--- /dev/null
+++ b/redhat/configs/rhel/automotive/generic/CONFIG_INET_IPCOMP
@@ -0,0 +1 @@
+# CONFIG_INET_IPCOMP is not set
diff --git a/redhat/configs/rhel/automotive/generic/CONFIG_NET_IPVTI b/redhat/configs/rhel/automotive/generic/CONFIG_NET_IPVTI
new file mode 100644
index blahblah..blahblah 100644
--- /dev/null
+++ b/redhat/configs/rhel/automotive/generic/CONFIG_NET_IPVTI
@@ -0,0 +1 @@
+# CONFIG_NET_IPVTI is not set
diff --git a/redhat/configs/rhel/automotive/generic/CONFIG_SECURITY_NETWORK_XFRM b/redhat/configs/rhel/automotive/generic/CONFIG_SECURITY_NETWORK_XFRM
new file mode 100644
index blahblah..blahblah 100644
--- /dev/null
+++ b/redhat/configs/rhel/automotive/generic/CONFIG_SECURITY_NETWORK_XFRM
@@ -0,0 +1 @@
+# CONFIG_SECURITY_NETWORK_XFRM is not set
diff --git a/redhat/configs/rhel/automotive/generic/CONFIG_XFRM b/redhat/configs/rhel/automotive/generic/CONFIG_XFRM
new file mode 100644
index blahblah..blahblah 100644
--- /dev/null
+++ b/redhat/configs/rhel/automotive/generic/CONFIG_XFRM
@@ -0,0 +1 @@
+# CONFIG_XFRM is not set
diff --git a/redhat/configs/rhel/automotive/generic/CONFIG_XFRM_AH b/redhat/configs/rhel/automotive/generic/CONFIG_XFRM_AH
new file mode 100644
index blahblah..blahblah 100644
--- /dev/null
+++ b/redhat/configs/rhel/automotive/generic/CONFIG_XFRM_AH
@@ -0,0 +1 @@
+# CONFIG_XFRM_AH is not set
diff --git a/redhat/configs/rhel/automotive/generic/CONFIG_XFRM_ALGO b/redhat/configs/rhel/automotive/generic/CONFIG_XFRM_ALGO
new file mode 100644
index blahblah..blahblah 100644
--- /dev/null
+++ b/redhat/configs/rhel/automotive/generic/CONFIG_XFRM_ALGO
@@ -0,0 +1 @@
+# CONFIG_XFRM_ALGO is not set
diff --git a/redhat/configs/rhel/automotive/generic/CONFIG_XFRM_ESP b/redhat/configs/rhel/automotive/generic/CONFIG_XFRM_ESP
new file mode 100644
index blahblah..blahblah 100644
--- /dev/null
+++ b/redhat/configs/rhel/automotive/generic/CONFIG_XFRM_ESP
@@ -0,0 +1 @@
+# CONFIG_XFRM_ESP is not set
diff --git a/redhat/configs/rhel/automotive/generic/CONFIG_XFRM_ESPINTCP b/redhat/configs/rhel/automotive/generic/CONFIG_XFRM_ESPINTCP
new file mode 100644
index blahblah..blahblah 100644
--- /dev/null
+++ b/redhat/configs/rhel/automotive/generic/CONFIG_XFRM_ESPINTCP
@@ -0,0 +1 @@
+# CONFIG_XFRM_ESPINTCP is not set
diff --git a/redhat/configs/rhel/automotive/generic/CONFIG_XFRM_INTERFACE b/redhat/configs/rhel/automotive/generic/CONFIG_XFRM_INTERFACE
new file mode 100644
index blahblah..blahblah 100644
--- /dev/null
+++ b/redhat/configs/rhel/automotive/generic/CONFIG_XFRM_INTERFACE
@@ -0,0 +1 @@
+# CONFIG_XFRM_INTERFACE is not set
diff --git a/redhat/configs/rhel/automotive/generic/CONFIG_XFRM_IPCOMP b/redhat/configs/rhel/automotive/generic/CONFIG_XFRM_IPCOMP
new file mode 100644
index blahblah..blahblah 100644
--- /dev/null
+++ b/redhat/configs/rhel/automotive/generic/CONFIG_XFRM_IPCOMP
@@ -0,0 +1 @@
+# CONFIG_XFRM_IPCOMP is not set
diff --git a/redhat/configs/rhel/automotive/generic/CONFIG_XFRM_MIGRATE b/redhat/configs/rhel/automotive/generic/CONFIG_XFRM_MIGRATE
new file mode 100644
index blahblah..blahblah 100644
--- /dev/null
+++ b/redhat/configs/rhel/automotive/generic/CONFIG_XFRM_MIGRATE
@@ -0,0 +1 @@
+# CONFIG_XFRM_MIGRATE is not set
diff --git a/redhat/configs/rhel/automotive/generic/CONFIG_XFRM_OFFLOAD b/redhat/configs/rhel/automotive/generic/CONFIG_XFRM_OFFLOAD
new file mode 100644
index blahblah..blahblah 100644
--- /dev/null
+++ b/redhat/configs/rhel/automotive/generic/CONFIG_XFRM_OFFLOAD
@@ -0,0 +1 @@
+# CONFIG_XFRM_OFFLOAD is not set
diff --git a/redhat/configs/rhel/automotive/generic/CONFIG_XFRM_STATISTICS b/redhat/configs/rhel/automotive/generic/CONFIG_XFRM_STATISTICS
new file mode 100644
index blahblah..blahblah 100644
--- /dev/null
+++ b/redhat/configs/rhel/automotive/generic/CONFIG_XFRM_STATISTICS
@@ -0,0 +1 @@
+# CONFIG_XFRM_STATISTICS is not set
diff --git a/redhat/configs/rhel/automotive/generic/CONFIG_XFRM_SUB_POLICY b/redhat/configs/rhel/automotive/generic/CONFIG_XFRM_SUB_POLICY
new file mode 100644
index blahblah..blahblah 100644
--- /dev/null
+++ b/redhat/configs/rhel/automotive/generic/CONFIG_XFRM_SUB_POLICY
@@ -0,0 +1 @@
+# CONFIG_XFRM_SUB_POLICY is not set
diff --git a/redhat/configs/rhel/automotive/generic/CONFIG_XFRM_USER b/redhat/configs/rhel/automotive/generic/CONFIG_XFRM_USER
new file mode 100644
index blahblah..blahblah 100644
--- /dev/null
+++ b/redhat/configs/rhel/automotive/generic/CONFIG_XFRM_USER
@@ -0,0 +1 @@
+# CONFIG_XFRM_USER is not set
diff --git a/redhat/configs/rhel/automotive/generic/CONFIG_XFRM_USER_COMPAT b/redhat/configs/rhel/automotive/generic/CONFIG_XFRM_USER_COMPAT
new file mode 100644
index blahblah..blahblah 100644
--- /dev/null
+++ b/redhat/configs/rhel/automotive/generic/CONFIG_XFRM_USER_COMPAT
@@ -0,0 +1 @@
+# CONFIG_XFRM_USER_COMPAT is not set

--
https://gitlab.com/cki-project/kernel-ark/-/merge_requests/3617

-- 
_______________________________________________
kernel mailing list -- kernel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to kernel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/kernel@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
[Index of Archives]     [Fedora General Discussion]     [Older Fedora Users Archive]     [Fedora Advisory Board]     [Fedora Security]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [ATA RAID]     [Fedora Marketing]     [Fedora Mentors]     [Fedora Package Announce]     [Fedora Package Review]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Coolkey]     [Yum Users]     [Tux]     [Yosemite News]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [USB]     [Asterisk PBX]

  Powered by Linux