diff options
| author | V3n3RiX <venerix@redcorelinux.org> | 2019-12-31 18:15:55 +0000 |
|---|---|---|
| committer | V3n3RiX <venerix@redcorelinux.org> | 2019-12-31 18:15:55 +0000 |
| commit | 9538b5f99dccbd78a9c334d2c430723da9d60d16 (patch) | |
| tree | 2edbdf561a7ec87b07b6ae1e93d35a9644a39782 /sys-kernel/linux-sources-redcore/files | |
| parent | 53d20d9f7c06fbe957be0ec9f5455574db7e6677 (diff) | |
sys-kernel/linux-{image,sources}-redcore : relax some hardening
Diffstat (limited to 'sys-kernel/linux-sources-redcore/files')
| -rw-r--r-- | sys-kernel/linux-sources-redcore/files/5.4-amd64.config | 19 |
1 files changed, 7 insertions, 12 deletions
diff --git a/sys-kernel/linux-sources-redcore/files/5.4-amd64.config b/sys-kernel/linux-sources-redcore/files/5.4-amd64.config index 123bf569..a9fab76a 100644 --- a/sys-kernel/linux-sources-redcore/files/5.4-amd64.config +++ b/sys-kernel/linux-sources-redcore/files/5.4-amd64.config @@ -9185,24 +9185,19 @@ CONFIG_LSM="apparmor" # # Kernel hardening options # -CONFIG_GCC_PLUGIN_STRUCTLEAK=y # # Memory initialization # -# CONFIG_INIT_STACK_NONE is not set +CONFIG_INIT_STACK_NONE=y # CONFIG_GCC_PLUGIN_STRUCTLEAK_USER is not set # CONFIG_GCC_PLUGIN_STRUCTLEAK_BYREF is not set -CONFIG_GCC_PLUGIN_STRUCTLEAK_BYREF_ALL=y -# CONFIG_GCC_PLUGIN_STRUCTLEAK_VERBOSE is not set -CONFIG_GCC_PLUGIN_STACKLEAK=y -CONFIG_STACKLEAK_TRACK_MIN_SIZE=100 -CONFIG_STACKLEAK_METRICS=y -CONFIG_STACKLEAK_RUNTIME_DISABLE=y -CONFIG_INIT_ON_ALLOC_DEFAULT_ON=y -CONFIG_INIT_ON_FREE_DEFAULT_ON=y -CONFIG_PAGE_SANITIZE_VERIFY=y -CONFIG_SLAB_SANITIZE_VERIFY=y +# CONFIG_GCC_PLUGIN_STRUCTLEAK_BYREF_ALL is not set +# CONFIG_GCC_PLUGIN_STACKLEAK is not set +# CONFIG_INIT_ON_ALLOC_DEFAULT_ON is not set +# CONFIG_INIT_ON_FREE_DEFAULT_ON is not set +# CONFIG_PAGE_SANITIZE_VERIFY is not set +# CONFIG_SLAB_SANITIZE_VERIFY is not set # end of Memory initialization # end of Kernel hardening options # end of Security options |