blob: e7610ac7854b7b4234db6212bac5c73d4792d82c (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
|
SUMMARY = "A tool for checking the security hardening options of the Linux kernel"
DESCRIPTION = "\
There are plenty of security hardening options for the Linux kernel; Kconfig \
options (compile-time); Kernel cmdline arguments (boot-time); Sysctl \
parameters (runtime). A lot of them have to be enabled manually to make the \
system more secure which is difficult to track. This tool helps with this \
task by checking and reporting about the settings compared to a list of \
recommendation. \
"
HOMEPAGE = "https://github.com/a13xp0p0v/kernel-hardening-checker"
BUGTRACKER = "https://github.com/a13xp0p0v/kernel-hardening-checker/issues"
LICENSE = "GPL-3.0-only"
LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=d32239bcb673463ab874e80d47fae504"
SRC_URI = "git://github.com/a13xp0p0v/kernel-hardening-checker;protocol=https;branch=master"
SRCREV = "f4dbe258ff3d37489962ea9cf210192ae7ff9280"
PACKAGE_ARCH = "${MACHINE_ARCH}"
RDEPENDS:${PN} = "\
python3-json \
"
# /boot/config is required for the analysis
RRECOMMENDS:${PN}:class-target = "\
kernel-dev \
"
inherit setuptools3
# allow to run on build host, if you don't want it in the image
# oe-run-native kernel-hardening-checker-native kernel-hardening-checker ...
BBCLASSEXTEND = "native"
|
