From mboxrd@z Thu Jan 1 00:00:00 1970 From: Michael Tremer To: development@lists.ipfire.org Subject: [PATCH 08/13] kernel: Disable network security hooks Date: Fri, 17 Sep 2021 11:42:24 +0000 Message-ID: <20210917114229.10704-8-michael.tremer@ipfire.org> In-Reply-To: <20210917114229.10704-1-michael.tremer@ipfire.org> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============6284041438552054204==" List-Id: --===============6284041438552054204== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable This is a feature we do not use and it should therefore be disabled Signed-off-by: Michael Tremer --- config/kernel/kernel.config.aarch64-ipfire | 3 +-- config/kernel/kernel.config.armv6l-ipfire | 3 +-- config/kernel/kernel.config.i586-ipfire | 3 +-- config/kernel/kernel.config.x86_64-ipfire | 3 +-- 4 files changed, 4 insertions(+), 8 deletions(-) diff --git a/config/kernel/kernel.config.aarch64-ipfire b/config/kernel/kerne= l.config.aarch64-ipfire index dbd730e80..15f8cfc6b 100644 --- a/config/kernel/kernel.config.aarch64-ipfire +++ b/config/kernel/kernel.config.aarch64-ipfire @@ -7274,8 +7274,7 @@ CONFIG_KEYS=3Dy CONFIG_SECURITY_DMESG_RESTRICT=3Dy CONFIG_SECURITY=3Dy CONFIG_SECURITYFS=3Dy -CONFIG_SECURITY_NETWORK=3Dy -CONFIG_SECURITY_NETWORK_XFRM=3Dy +# CONFIG_SECURITY_NETWORK is not set # CONFIG_SECURITY_PATH is not set CONFIG_HAVE_HARDENED_USERCOPY_ALLOCATOR=3Dy CONFIG_HARDENED_USERCOPY=3Dy diff --git a/config/kernel/kernel.config.armv6l-ipfire b/config/kernel/kernel= .config.armv6l-ipfire index 93856d185..fc309c9b3 100644 --- a/config/kernel/kernel.config.armv6l-ipfire +++ b/config/kernel/kernel.config.armv6l-ipfire @@ -7369,8 +7369,7 @@ CONFIG_KEYS=3Dy CONFIG_SECURITY_DMESG_RESTRICT=3Dy CONFIG_SECURITY=3Dy CONFIG_SECURITYFS=3Dy -CONFIG_SECURITY_NETWORK=3Dy -CONFIG_SECURITY_NETWORK_XFRM=3Dy +# CONFIG_SECURITY_NETWORK is not set # CONFIG_SECURITY_PATH is not set CONFIG_HAVE_HARDENED_USERCOPY_ALLOCATOR=3Dy CONFIG_HARDENED_USERCOPY=3Dy diff --git a/config/kernel/kernel.config.i586-ipfire b/config/kernel/kernel.c= onfig.i586-ipfire index 8c99e3a60..08df3d656 100644 --- a/config/kernel/kernel.config.i586-ipfire +++ b/config/kernel/kernel.config.i586-ipfire @@ -6912,8 +6912,7 @@ CONFIG_ENCRYPTED_KEYS=3Dy CONFIG_SECURITY_DMESG_RESTRICT=3Dy CONFIG_SECURITY=3Dy # CONFIG_SECURITYFS is not set -CONFIG_SECURITY_NETWORK=3Dy -# CONFIG_SECURITY_NETWORK_XFRM is not set +# CONFIG_SECURITY_NETWORK is not set # CONFIG_SECURITY_PATH is not set # CONFIG_INTEL_TXT is not set CONFIG_HAVE_HARDENED_USERCOPY_ALLOCATOR=3Dy diff --git a/config/kernel/kernel.config.x86_64-ipfire b/config/kernel/kernel= .config.x86_64-ipfire index f5c1fce9f..5f8711ac4 100644 --- a/config/kernel/kernel.config.x86_64-ipfire +++ b/config/kernel/kernel.config.x86_64-ipfire @@ -6749,9 +6749,8 @@ CONFIG_KEYS=3Dy CONFIG_SECURITY_DMESG_RESTRICT=3Dy CONFIG_SECURITY=3Dy CONFIG_SECURITYFS=3Dy -CONFIG_SECURITY_NETWORK=3Dy +# CONFIG_SECURITY_NETWORK is not set CONFIG_PAGE_TABLE_ISOLATION=3Dy -# CONFIG_SECURITY_NETWORK_XFRM is not set # CONFIG_SECURITY_PATH is not set # CONFIG_INTEL_TXT is not set CONFIG_HAVE_HARDENED_USERCOPY_ALLOCATOR=3Dy --=20 2.20.1 --===============6284041438552054204==--