diff mbox series

[cip-kernel-config] 5.10.y-cip/arm : Add audit and nftables configs

Message ID 20230515121238.14356-1-Sai.Sathujoda@toshiba-tsip.com (mailing list archive)
State Accepted
Delegated to: Nobuhiro Iwamatsu
Headers show
Series [cip-kernel-config] 5.10.y-cip/arm : Add audit and nftables configs | expand

Commit Message

Sai.Sathujoda@toshiba-tsip.com May 15, 2023, 12:12 p.m. UTC 
From: Sai <Sai.Sathujoda@toshiba-tsip.com>

These kernel configs are required for nftables and auditd package
to work which is used for IEC-62443-4-2 evaluation.

Signed-off-by: Sai <Sai.Sathujoda@toshiba-tsip.com>
---
 5.10.y-cip/arm/qemu_arm_defconfig | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)

Comments

Pavel Machek May 15, 2023, 8:25 p.m. UTC | #1 
Hi!

> From: Sai <Sai.Sathujoda@toshiba-tsip.com>
> 
> These kernel configs are required for nftables and auditd package
> to work which is used for IEC-62443-4-2 evaluation.
> 
> Signed-off-by: Sai <Sai.Sathujoda@toshiba-tsip.com>

Looks good to me, but likely we should do similar changes for 6.1.

Best regards,
								Pavel
Nobuhiro Iwamatsu May 15, 2023, 11:44 p.m. UTC | #2 
Hi,

> -----Original Message-----
> From: Sai.Sathujoda@toshiba-tsip.com <Sai.Sathujoda@toshiba-tsip.com>
> Sent: Monday, May 15, 2023 9:13 PM
> To: cip-dev@lists.cip-project.org; iwamatsu nobuhiro(岩松 信洋 ○DITC□
> DIT○OST) <nobuhiro1.iwamatsu@toshiba.co.jp>
> Cc: ashrith sai(TSIP) <Sai.Sathujoda@toshiba-tsip.com>; dinesh
> kumar(TSIP TMIEC ODG Porting) <dinesh.kumar@toshiba-tsip.com>
> Subject: [cip-kernel-config] 5.10.y-cip/arm : Add audit and nftables configs
> 
> From: Sai <Sai.Sathujoda@toshiba-tsip.com>
> 
> These kernel configs are required for nftables and auditd package to work
> which is used for IEC-62443-4-2 evaluation.
> 
> Signed-off-by: Sai <Sai.Sathujoda@toshiba-tsip.com>
> ---
>  5.10.y-cip/arm/qemu_arm_defconfig | 19 +++++++++++++++++++
>  1 file changed, 19 insertions(+)
> 

Applied to master, thanks.

Best regards,
  Nobuhiro
diff mbox series

Patch

diff --git a/5.10.y-cip/arm/qemu_arm_defconfig b/5.10.y-cip/arm/qemu_arm_defconfig
index 58ca273..4cb1344 100644
--- a/5.10.y-cip/arm/qemu_arm_defconfig
+++ b/5.10.y-cip/arm/qemu_arm_defconfig
@@ -1,5 +1,6 @@ 
 CONFIG_SYSVIPC=y
 CONFIG_POSIX_MQUEUE=y
+CONFIG_AUDIT=y
 CONFIG_USELIB=y
 CONFIG_HIGH_RES_TIMERS=y
 CONFIG_IKCONFIG=y
@@ -39,6 +40,24 @@  CONFIG_IP_PNP=y
 CONFIG_IP_PNP_DHCP=y
 CONFIG_IP_PNP_BOOTP=y
 CONFIG_IP_PNP_RARP=y
+CONFIG_NETFILTER_NETLINK=m
+CONFIG_NF_LOG_COMMON=m
+CONFIG_NF_NAT=m
+CONFIG_NF_TABLES=m
+CONFIG_NF_TABLES_INET=y
+CONFIG_NF_TABLES_NETDEV=y
+CONFIG_NFT_CT=m
+CONFIG_NFT_COUNTER=m
+CONFIG_NFT_LOG=m
+CONFIG_NFT_LIMIT=m
+CONFIG_NFT_NAT=m
+CONFIG_NETFILTER=y
+CONFIG_IP_NF_IPTABLES=m
+CONFIG_IP6_NF_IPTABLES=m
+CONFIG_NETFILTER_XT_TARGET_CHECKSUM=m
+CONFIG_NETFILTER_XT_TARGET_LOG=m
+CONFIG_NETFILTER_XT_MATCH_ADDRTYPE=m
+CONFIG_NETFILTER_XT_MATCH_CONNTRACK=m
 CONFIG_NETWORK_PHY_TIMESTAMPING=y
 CONFIG_VLAN_8021Q=y
 CONFIG_VLAN_8021Q_GVRP=y