diff options
| author |   Mike Pagano <mpagano@gentoo.org> | 2021-06-08 16:07:11 -0400 |
|---|---|---|
| committer | Mike Pagano <mpagano@gentoo.org> | 2021-06-08 16:07:11 -0400 |
| commit | 042e689970b1b2d89ad38c3cfe339065b5caa397 (patch) | |
| tree | d4b128873daf6ffaf77ee73736b49f2fe42b78f0 | |
| parent | Remove !IA32_EMULATION in KSSP to avoid disabling multilib.Thanks gyakovlev (diff) | |
| download | linux-patches-042e689970b1b2d89ad38c3cfe339065b5caa397.tar.gz linux-patches-042e689970b1b2d89ad38c3cfe339065b5caa397.tar.bz2 linux-patches-042e689970b1b2d89ad38c3cfe339065b5caa397.zip | |
Updates from gyakovlev
Signed-off-by: Mike Pagano <mpagano@gentoo.org>
| -rw-r--r-- | 4567_distro-Gentoo-Kconfig.patch | 20 |
1 files changed, 10 insertions, 10 deletions
diff --git a/4567_distro-Gentoo-Kconfig.patch b/4567_distro-Gentoo-Kconfig.patch index 9a7a02d6..56adbbd8 100644 --- a/4567_distro-Gentoo-Kconfig.patch +++ b/4567_distro-Gentoo-Kconfig.patch @@ -170,16 +170,16 @@ + visible if GENTOO_LINUX + +config GENTOO_KERNEL_SELF_PROTECTION -+ bool "Architecture Independant Kernel Self Protection Project Recommendations" ++ bool "Architecture Independent Kernel Self Protection Project Recommendations" + + help -+ Recommended Kernel settings based on the suggestions from the Kernel Self Protection Project -+ See: https://kernsec.org/wiki/index.php/Kernel_Self_Protection_Project/Recommended_Settings -+ Note, there may be additional settings for which the CONFIG_ setting is invisible in menuconfig due -+ to unmet dependencies. Search for GENTOO_KERNEL_SELF_PROTECTION_{X86_64, ARM64, X86_32, ARM} for -+ dependency information on your specific architecture. -+ Note 2: Please see the URL above for numeric settings, e.g. CONFIG_DEFAULT_MMAP_MIN_ADDR=65536 -+ for X86_64 ++ Recommended Kernel settings based on the suggestions from the Kernel Self Protection Project ++ See: https://kernsec.org/wiki/index.php/Kernel_Self_Protection_Project/Recommended_Settings ++ Note, there may be additional settings for which the CONFIG_ setting is invisible in menuconfig due ++ to unmet dependencies. Search for GENTOO_KERNEL_SELF_PROTECTION_{X86_64, ARM64, X86_32, ARM} for ++ dependency information on your specific architecture. ++ Note 2: Please see the URL above for numeric settings, e.g. CONFIG_DEFAULT_MMAP_MIN_ADDR=65536 ++ for X86_64 + + depends on GENTOO_LINUX && !HARDENED_USERCOPY_FALLBACK && !HARDENED_USERCOPY_PAGESPAN && !ACPI_CUSTOM_METHOD && !COMPAT_BRK && !DEVKMEM && !PROC_KCORE && !COMPAT_VDSO && !KEXEC && !HIBERNATION && !LEGACY_PTYS && !SECURITY_SELINUX_DISABLE && !X86_X32 && !MODIFY_LDT_SYSCALL + @@ -218,7 +218,7 @@ + select FORTIFY_SOURCE + select SECURITY_DMESG_RESTRICT + select PANIC_ON_OOPS -+ select CONFIG_GCC_PLUGINS=y ++ select CONFIG_GCC_PLUGINS + select GCC_PLUGIN_LATENT_ENTROPY + select GCC_PLUGIN_STRUCTLEAK + select GCC_PLUGIN_STRUCTLEAK_BYREF_ALL @@ -237,7 +237,7 @@ + select RANDOMIZE_BASE + select RANDOMIZE_MEMORY + select LEGACY_VSYSCALL_NONE -+ select PAGE_TABLE_ISOLATION ++ select PAGE_TABLE_ISOLATION + + +config GENTOO_KERNEL_SELF_PROTECTION_ARM64 |