linux-yocto: Enable SE Linux support

Signed-off-by: Mark Hatle <mark.hatle@windriver.com>

recipes-kernel/linux/linux-yocto/selinux.cfg

@@ -0,0 +1,26 @@
+..........................................................................                                                                         
+.                                WARNING
+.                                      
+. This file is a kernel configuration fragment, and not a full kernel
+. configuration file.  The final kernel configuration is made up of 
+. an assembly of processed fragments, each of which is designed to 
+. capture a specific part of the final configuration (e.g. platform
+. configuration, feature configuration, and board specific hardware
+. configuration).  For more information on kernel configuration, please 
+. consult the product documentation.                                   
+.                                                                     
+..........................................................................                                                                                      
+CONFIG_AUDIT=y
+CONFIG_NETWORK_SECMARK=y
+CONFIG_EXT2_FS_SECURITY=y
+CONFIG_EXT3_FS_SECURITY=y
+CONFIG_REISERFS_FS_SECURITY=y
+CONFIG_SECURITY_NETWORK=y
+CONFIG_SECURITY_SELINUX=y
+CONFIG_SECURITY_SELINUX_BOOTPARAM=y
+CONFIG_SECURITY_SELINUX_BOOTPARAM_VALUE=0
+CONFIG_SECURITY_SELINUX_DISABLE=y
+CONFIG_SECURITY_SELINUX_DEVELOP=y
+CONFIG_SECURITY_SELINUX_AVC_STATS=y
+CONFIG_SECURITY_SELINUX_CHECKREQPROT_VALUE=1
+CONFIG_AUDIT_GENERIC=y

recipes-kernel/linux/linux-yocto_3.0.bbappend

@@ -0,0 +1,4 @@
+FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:"
+
+# Enable selinux support in the kernel if the feature is enabled
+SRC_URI += "${@base_contains('DISTRO_FEATURES', 'selinux', 'file://selinux.cfg', '', d)}"