From: Dorinda Bassey <[email protected]> redhat/configs: automotive: Disable IPsec Protocols and XFRM
Upstream Status: RHEL only Disable The IPsec Protocols and XFRM (IPSec) Networking Security Hooks and it's related dependencies. CONFIG_XFRM_* has a dependency on CONFIG_INET_* and CONFIG_IPV6. Hence, the following: CONFIG_INET_AH CONFIG_INET6_AH CONFIG_INET6_ESP CONFIG_INET6_IPCOMP CONFIG_INET6_XFRM_TUNNEL CONFIG_IPV6 needs to be disabled in automotive. This is needed to satisfy a requirement of FuSa efforts for RHIVOS. Link: https://issues.redhat.com/browse/RHEL-75561 Signed-off-by: Dorinda Bassey <[email protected]> diff --git a/redhat/configs/rhel/automotive/generic/CONFIG_INET6_AH b/redhat/configs/rhel/automotive/generic/CONFIG_INET6_AH new file mode 100644 index blahblah..blahblah 100644 --- /dev/null +++ b/redhat/configs/rhel/automotive/generic/CONFIG_INET6_AH @@ -0,0 +1 @@ +# CONFIG_INET6_AH is not set diff --git a/redhat/configs/rhel/automotive/generic/CONFIG_INET6_XFRM_TUNNEL b/redhat/configs/rhel/automotive/generic/CONFIG_INET6_XFRM_TUNNEL new file mode 100644 index blahblah..blahblah 100644 --- /dev/null +++ b/redhat/configs/rhel/automotive/generic/CONFIG_INET6_XFRM_TUNNEL @@ -0,0 +1 @@ +# CONFIG_INET6_XFRM_TUNNEL is not set diff --git a/redhat/configs/rhel/automotive/generic/CONFIG_INET_AH b/redhat/configs/rhel/automotive/generic/CONFIG_INET_AH new file mode 100644 index blahblah..blahblah 100644 --- /dev/null +++ b/redhat/configs/rhel/automotive/generic/CONFIG_INET_AH @@ -0,0 +1 @@ +# CONFIG_INET_AH is not set diff --git a/redhat/configs/rhel/automotive/generic/CONFIG_INET_ESP b/redhat/configs/rhel/automotive/generic/CONFIG_INET_ESP new file mode 100644 index blahblah..blahblah 100644 --- /dev/null +++ b/redhat/configs/rhel/automotive/generic/CONFIG_INET_ESP @@ -0,0 +1 @@ +# CONFIG_INET_ESP is not set diff --git a/redhat/configs/rhel/automotive/generic/CONFIG_INET_IPCOMP b/redhat/configs/rhel/automotive/generic/CONFIG_INET_IPCOMP new file mode 100644 index blahblah..blahblah 100644 --- /dev/null +++ b/redhat/configs/rhel/automotive/generic/CONFIG_INET_IPCOMP @@ -0,0 +1 @@ +# CONFIG_INET_IPCOMP is not set diff --git a/redhat/configs/rhel/automotive/generic/CONFIG_NET_IPVTI b/redhat/configs/rhel/automotive/generic/CONFIG_NET_IPVTI new file mode 100644 index blahblah..blahblah 100644 --- /dev/null +++ b/redhat/configs/rhel/automotive/generic/CONFIG_NET_IPVTI @@ -0,0 +1 @@ +# CONFIG_NET_IPVTI is not set diff --git a/redhat/configs/rhel/automotive/generic/CONFIG_SECURITY_NETWORK_XFRM b/redhat/configs/rhel/automotive/generic/CONFIG_SECURITY_NETWORK_XFRM new file mode 100644 index blahblah..blahblah 100644 --- /dev/null +++ b/redhat/configs/rhel/automotive/generic/CONFIG_SECURITY_NETWORK_XFRM @@ -0,0 +1 @@ +# CONFIG_SECURITY_NETWORK_XFRM is not set diff --git a/redhat/configs/rhel/automotive/generic/CONFIG_XFRM b/redhat/configs/rhel/automotive/generic/CONFIG_XFRM new file mode 100644 index blahblah..blahblah 100644 --- /dev/null +++ b/redhat/configs/rhel/automotive/generic/CONFIG_XFRM @@ -0,0 +1 @@ +# CONFIG_XFRM is not set diff --git a/redhat/configs/rhel/automotive/generic/CONFIG_XFRM_AH b/redhat/configs/rhel/automotive/generic/CONFIG_XFRM_AH new file mode 100644 index blahblah..blahblah 100644 --- /dev/null +++ b/redhat/configs/rhel/automotive/generic/CONFIG_XFRM_AH @@ -0,0 +1 @@ +# CONFIG_XFRM_AH is not set diff --git a/redhat/configs/rhel/automotive/generic/CONFIG_XFRM_ALGO b/redhat/configs/rhel/automotive/generic/CONFIG_XFRM_ALGO new file mode 100644 index blahblah..blahblah 100644 --- /dev/null +++ b/redhat/configs/rhel/automotive/generic/CONFIG_XFRM_ALGO @@ -0,0 +1 @@ +# CONFIG_XFRM_ALGO is not set diff --git a/redhat/configs/rhel/automotive/generic/CONFIG_XFRM_ESP b/redhat/configs/rhel/automotive/generic/CONFIG_XFRM_ESP new file mode 100644 index blahblah..blahblah 100644 --- /dev/null +++ b/redhat/configs/rhel/automotive/generic/CONFIG_XFRM_ESP @@ -0,0 +1 @@ +# CONFIG_XFRM_ESP is not set diff --git a/redhat/configs/rhel/automotive/generic/CONFIG_XFRM_ESPINTCP b/redhat/configs/rhel/automotive/generic/CONFIG_XFRM_ESPINTCP new file mode 100644 index blahblah..blahblah 100644 --- /dev/null +++ b/redhat/configs/rhel/automotive/generic/CONFIG_XFRM_ESPINTCP @@ -0,0 +1 @@ +# CONFIG_XFRM_ESPINTCP is not set diff --git a/redhat/configs/rhel/automotive/generic/CONFIG_XFRM_INTERFACE b/redhat/configs/rhel/automotive/generic/CONFIG_XFRM_INTERFACE new file mode 100644 index blahblah..blahblah 100644 --- /dev/null +++ b/redhat/configs/rhel/automotive/generic/CONFIG_XFRM_INTERFACE @@ -0,0 +1 @@ +# CONFIG_XFRM_INTERFACE is not set diff --git a/redhat/configs/rhel/automotive/generic/CONFIG_XFRM_IPCOMP b/redhat/configs/rhel/automotive/generic/CONFIG_XFRM_IPCOMP new file mode 100644 index blahblah..blahblah 100644 --- /dev/null +++ b/redhat/configs/rhel/automotive/generic/CONFIG_XFRM_IPCOMP @@ -0,0 +1 @@ +# CONFIG_XFRM_IPCOMP is not set diff --git a/redhat/configs/rhel/automotive/generic/CONFIG_XFRM_MIGRATE b/redhat/configs/rhel/automotive/generic/CONFIG_XFRM_MIGRATE new file mode 100644 index blahblah..blahblah 100644 --- /dev/null +++ b/redhat/configs/rhel/automotive/generic/CONFIG_XFRM_MIGRATE @@ -0,0 +1 @@ +# CONFIG_XFRM_MIGRATE is not set diff --git a/redhat/configs/rhel/automotive/generic/CONFIG_XFRM_OFFLOAD b/redhat/configs/rhel/automotive/generic/CONFIG_XFRM_OFFLOAD new file mode 100644 index blahblah..blahblah 100644 --- /dev/null +++ b/redhat/configs/rhel/automotive/generic/CONFIG_XFRM_OFFLOAD @@ -0,0 +1 @@ +# CONFIG_XFRM_OFFLOAD is not set diff --git a/redhat/configs/rhel/automotive/generic/CONFIG_XFRM_STATISTICS b/redhat/configs/rhel/automotive/generic/CONFIG_XFRM_STATISTICS new file mode 100644 index blahblah..blahblah 100644 --- /dev/null +++ b/redhat/configs/rhel/automotive/generic/CONFIG_XFRM_STATISTICS @@ -0,0 +1 @@ +# CONFIG_XFRM_STATISTICS is not set diff --git a/redhat/configs/rhel/automotive/generic/CONFIG_XFRM_SUB_POLICY b/redhat/configs/rhel/automotive/generic/CONFIG_XFRM_SUB_POLICY new file mode 100644 index blahblah..blahblah 100644 --- /dev/null +++ b/redhat/configs/rhel/automotive/generic/CONFIG_XFRM_SUB_POLICY @@ -0,0 +1 @@ +# CONFIG_XFRM_SUB_POLICY is not set diff --git a/redhat/configs/rhel/automotive/generic/CONFIG_XFRM_USER b/redhat/configs/rhel/automotive/generic/CONFIG_XFRM_USER new file mode 100644 index blahblah..blahblah 100644 --- /dev/null +++ b/redhat/configs/rhel/automotive/generic/CONFIG_XFRM_USER @@ -0,0 +1 @@ +# CONFIG_XFRM_USER is not set diff --git a/redhat/configs/rhel/automotive/generic/CONFIG_XFRM_USER_COMPAT b/redhat/configs/rhel/automotive/generic/CONFIG_XFRM_USER_COMPAT new file mode 100644 index blahblah..blahblah 100644 --- /dev/null +++ b/redhat/configs/rhel/automotive/generic/CONFIG_XFRM_USER_COMPAT @@ -0,0 +1 @@ +# CONFIG_XFRM_USER_COMPAT is not set -- https://gitlab.com/cki-project/kernel-ark/-/merge_requests/3617 -- _______________________________________________ kernel mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/[email protected] Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
