Hi Kamal, It might be possible to not do the arch conditional include, but since this is externally used .. I think you have the the right approach.
Can you do a quick v2, and log the reason that we are doing the split ? I assume you are getting x86 configs in ARM builds, and perhaps seeing a warning .. if that is the case, it is fine, but we should log it in the commit And a 2nd question. What branches are you looking at for this ? 5.15+ ? Bruce In message: [kernel-cache][PATCH] features/security: Move x86_64 configs to separate file on 29/03/2022 Kamil Dziezyk wrote: > Signed-off-by: Kamil Dziezyk <[email protected]> > --- > features/security/security-x86_64.cfg | 4 ++++ > features/security/security.cfg | 4 ---- > features/security/security.scc | 4 ++++ > 3 files changed, 8 insertions(+), 4 deletions(-) > create mode 100644 features/security/security-x86_64.cfg > > diff --git a/features/security/security-x86_64.cfg > b/features/security/security-x86_64.cfg > new file mode 100644 > index 00000000..dad137f6 > --- /dev/null > +++ b/features/security/security-x86_64.cfg > @@ -0,0 +1,4 @@ > +# SPDX-License-Identifier: MIT > +# Modern libc no longer needs a fixed-position mapping in userspace, remove > it as a possible target. > +# CONFIG_LEGACY_VSYSCALL_EMULATE is not set > +CONFIG_LEGACY_VSYSCALL_NONE=y > diff --git a/features/security/security.cfg b/features/security/security.cfg > index 475b647e..5befeb90 100644 > --- a/features/security/security.cfg > +++ b/features/security/security.cfg > @@ -26,10 +26,6 @@ CONFIG_STACKPROTECTOR_STRONG=y > CONFIG_EXPERT=y > CONFIG_MODIFY_LDT_SYSCALL=n > > -# Modern libc no longer needs a fixed-position mapping in userspace, remove > it as a possible target. > -# CONFIG_LEGACY_VSYSCALL_EMULATE is not set > -CONFIG_LEGACY_VSYSCALL_NONE=y > - > # Prior to v4.1, assists heap memory attacks; best to keep interface > disabled. > # CONFIG_INET_DIAG is not set > > diff --git a/features/security/security.scc b/features/security/security.scc > index 4abdf457..c6ca31f0 100644 > --- a/features/security/security.scc > +++ b/features/security/security.scc > @@ -3,3 +3,7 @@ define KFEATURE_DESCRIPTION "Enable/disable configurations > that impact kernel se > define KFEATURE_COMPATIBILITY all > > kconf non-hardware security.cfg > + > +if [ "$KARCH" = "x86_64" ]; then > + kconf non-hardware security-x86_64.cfg > +fi > -- > 2.17.1 >
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#11106): https://lists.yoctoproject.org/g/linux-yocto/message/11106 Mute This Topic: https://lists.yoctoproject.org/mt/90109661/21656 Group Owner: [email protected] Unsubscribe: https://lists.yoctoproject.org/g/linux-yocto/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
