[OS-BUILD PATCHv5] redhat/configs: automotive: Disable IPsec Protocols and XFRM

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

From: Dorinda Bassey <dbassey@xxxxxxxxxx>

redhat/configs: automotive: Disable IPsec Protocols and XFRM

Upstream Status: RHEL only

Disable The IPsec Protocols and XFRM (IPSec) Networking
Security Hooks and it's related dependencies.

CONFIG_XFRM_* has a dependency on CONFIG_INET_* and
CONFIG_IPV6. Hence, the following:
CONFIG_INET_AH
CONFIG_INET_ESP
CONFIG_INET_IPCOMP
CONFIG_NET_IPVTI
CONFIG_INET6_AH
CONFIG_INET6_ESP
CONFIG_INET6_IPCOMP
CONFIG_IPV6_VTI
CONFIG_IPV6_MIP6
needs to be disabled in automotive.

This is needed to satisfy a requirement of FuSa efforts
for RHIVOS.

Link: https://issues.redhat.com/browse/RHEL-75561

Signed-off-by: Dorinda Bassey <dbassey@xxxxxxxxxx>

diff --git a/redhat/configs/rhel/automotive/generic/CONFIG_INET6_AH b/redhat/configs/rhel/automotive/generic/CONFIG_INET6_AH
new file mode 100644
index blahblah..blahblah 100644
--- /dev/null
+++ b/redhat/configs/rhel/automotive/generic/CONFIG_INET6_AH
@@ -0,0 +1 @@
+# CONFIG_INET6_AH is not set
diff --git a/redhat/configs/rhel/automotive/generic/CONFIG_INET6_ESP b/redhat/configs/rhel/automotive/generic/CONFIG_INET6_ESP
new file mode 100644
index blahblah..blahblah 100644
--- /dev/null
+++ b/redhat/configs/rhel/automotive/generic/CONFIG_INET6_ESP
@@ -0,0 +1 @@
+# CONFIG_INET6_ESP is not set
diff --git a/redhat/configs/rhel/automotive/generic/CONFIG_INET6_IPCOMP b/redhat/configs/rhel/automotive/generic/CONFIG_INET6_IPCOMP
new file mode 100644
index blahblah..blahblah 100644
--- /dev/null
+++ b/redhat/configs/rhel/automotive/generic/CONFIG_INET6_IPCOMP
@@ -0,0 +1 @@
+# CONFIG_INET6_IPCOMP is not set
diff --git a/redhat/configs/rhel/automotive/generic/CONFIG_INET_AH b/redhat/configs/rhel/automotive/generic/CONFIG_INET_AH
new file mode 100644
index blahblah..blahblah 100644
--- /dev/null
+++ b/redhat/configs/rhel/automotive/generic/CONFIG_INET_AH
@@ -0,0 +1 @@
+# CONFIG_INET_AH is not set
diff --git a/redhat/configs/rhel/automotive/generic/CONFIG_INET_ESP b/redhat/configs/rhel/automotive/generic/CONFIG_INET_ESP
new file mode 100644
index blahblah..blahblah 100644
--- /dev/null
+++ b/redhat/configs/rhel/automotive/generic/CONFIG_INET_ESP
@@ -0,0 +1 @@
+# CONFIG_INET_ESP is not set
diff --git a/redhat/configs/rhel/automotive/generic/CONFIG_INET_IPCOMP b/redhat/configs/rhel/automotive/generic/CONFIG_INET_IPCOMP
new file mode 100644
index blahblah..blahblah 100644
--- /dev/null
+++ b/redhat/configs/rhel/automotive/generic/CONFIG_INET_IPCOMP
@@ -0,0 +1 @@
+# CONFIG_INET_IPCOMP is not set
diff --git a/redhat/configs/rhel/automotive/generic/CONFIG_IPV6_MIP6 b/redhat/configs/rhel/automotive/generic/CONFIG_IPV6_MIP6
new file mode 100644
index blahblah..blahblah 100644
--- /dev/null
+++ b/redhat/configs/rhel/automotive/generic/CONFIG_IPV6_MIP6
@@ -0,0 +1 @@
+# CONFIG_IPV6_MIP6 is not set
diff --git a/redhat/configs/rhel/automotive/generic/CONFIG_IPV6_VTI b/redhat/configs/rhel/automotive/generic/CONFIG_IPV6_VTI
new file mode 100644
index blahblah..blahblah 100644
--- /dev/null
+++ b/redhat/configs/rhel/automotive/generic/CONFIG_IPV6_VTI
@@ -0,0 +1 @@
+# CONFIG_IPV6_VTI is not set
diff --git a/redhat/configs/rhel/automotive/generic/CONFIG_NET_IPVTI b/redhat/configs/rhel/automotive/generic/CONFIG_NET_IPVTI
new file mode 100644
index blahblah..blahblah 100644
--- /dev/null
+++ b/redhat/configs/rhel/automotive/generic/CONFIG_NET_IPVTI
@@ -0,0 +1 @@
+# CONFIG_NET_IPVTI is not set
diff --git a/redhat/configs/rhel/automotive/generic/CONFIG_XFRM_INTERFACE b/redhat/configs/rhel/automotive/generic/CONFIG_XFRM_INTERFACE
new file mode 100644
index blahblah..blahblah 100644
--- /dev/null
+++ b/redhat/configs/rhel/automotive/generic/CONFIG_XFRM_INTERFACE
@@ -0,0 +1 @@
+# CONFIG_XFRM_INTERFACE is not set
diff --git a/redhat/configs/rhel/automotive/generic/CONFIG_XFRM_USER b/redhat/configs/rhel/automotive/generic/CONFIG_XFRM_USER
new file mode 100644
index blahblah..blahblah 100644
--- /dev/null
+++ b/redhat/configs/rhel/automotive/generic/CONFIG_XFRM_USER
@@ -0,0 +1 @@
+# CONFIG_XFRM_USER is not set

--
https://gitlab.com/cki-project/kernel-ark/-/merge_requests/3617

-- 
_______________________________________________
kernel mailing list -- kernel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to kernel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/kernel@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
[Index of Archives]     [Fedora General Discussion]     [Older Fedora Users Archive]     [Fedora Advisory Board]     [Fedora Security]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [ATA RAID]     [Fedora Marketing]     [Fedora Mentors]     [Fedora Package Announce]     [Fedora Package Review]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Coolkey]     [Yum Users]     [Tux]     [Yosemite News]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [USB]     [Asterisk PBX]

  Powered by Linux