summaryrefslogtreecommitdiff
path: root/sys-kernel
diff options
context:
space:
mode:
authorV3n3RiX <venerix@redcorelinux.org>2019-12-31 18:15:55 +0000
committerV3n3RiX <venerix@redcorelinux.org>2019-12-31 18:15:55 +0000
commit9538b5f99dccbd78a9c334d2c430723da9d60d16 (patch)
tree2edbdf561a7ec87b07b6ae1e93d35a9644a39782 /sys-kernel
parent53d20d9f7c06fbe957be0ec9f5455574db7e6677 (diff)
sys-kernel/linux-{image,sources}-redcore : relax some hardening
Diffstat (limited to 'sys-kernel')
-rw-r--r--sys-kernel/linux-image-redcore/files/5.4-amd64.config19
-rw-r--r--sys-kernel/linux-image-redcore/linux-image-redcore-5.4.5-r1.ebuild (renamed from sys-kernel/linux-image-redcore/linux-image-redcore-5.4.5.ebuild)2
-rw-r--r--sys-kernel/linux-sources-redcore/files/5.4-amd64.config19
-rw-r--r--sys-kernel/linux-sources-redcore/linux-sources-redcore-5.4.5-r1.ebuild (renamed from sys-kernel/linux-sources-redcore/linux-sources-redcore-5.4.5.ebuild)2
4 files changed, 16 insertions, 26 deletions
diff --git a/sys-kernel/linux-image-redcore/files/5.4-amd64.config b/sys-kernel/linux-image-redcore/files/5.4-amd64.config
index 123bf569..a9fab76a 100644
--- a/sys-kernel/linux-image-redcore/files/5.4-amd64.config
+++ b/sys-kernel/linux-image-redcore/files/5.4-amd64.config
@@ -9185,24 +9185,19 @@ CONFIG_LSM="apparmor"
#
# Kernel hardening options
#
-CONFIG_GCC_PLUGIN_STRUCTLEAK=y
#
# Memory initialization
#
-# CONFIG_INIT_STACK_NONE is not set
+CONFIG_INIT_STACK_NONE=y
# CONFIG_GCC_PLUGIN_STRUCTLEAK_USER is not set
# CONFIG_GCC_PLUGIN_STRUCTLEAK_BYREF is not set
-CONFIG_GCC_PLUGIN_STRUCTLEAK_BYREF_ALL=y
-# CONFIG_GCC_PLUGIN_STRUCTLEAK_VERBOSE is not set
-CONFIG_GCC_PLUGIN_STACKLEAK=y
-CONFIG_STACKLEAK_TRACK_MIN_SIZE=100
-CONFIG_STACKLEAK_METRICS=y
-CONFIG_STACKLEAK_RUNTIME_DISABLE=y
-CONFIG_INIT_ON_ALLOC_DEFAULT_ON=y
-CONFIG_INIT_ON_FREE_DEFAULT_ON=y
-CONFIG_PAGE_SANITIZE_VERIFY=y
-CONFIG_SLAB_SANITIZE_VERIFY=y
+# CONFIG_GCC_PLUGIN_STRUCTLEAK_BYREF_ALL is not set
+# CONFIG_GCC_PLUGIN_STACKLEAK is not set
+# CONFIG_INIT_ON_ALLOC_DEFAULT_ON is not set
+# CONFIG_INIT_ON_FREE_DEFAULT_ON is not set
+# CONFIG_PAGE_SANITIZE_VERIFY is not set
+# CONFIG_SLAB_SANITIZE_VERIFY is not set
# end of Memory initialization
# end of Kernel hardening options
# end of Security options
diff --git a/sys-kernel/linux-image-redcore/linux-image-redcore-5.4.5.ebuild b/sys-kernel/linux-image-redcore/linux-image-redcore-5.4.5-r1.ebuild
index 0e7bc9ad..ca6654a2 100644
--- a/sys-kernel/linux-image-redcore/linux-image-redcore-5.4.5.ebuild
+++ b/sys-kernel/linux-image-redcore/linux-image-redcore-5.4.5-r1.ebuild
@@ -5,7 +5,7 @@ EAPI=6
inherit eutils
-EXTRAVERSION="redcore"
+EXTRAVERSION="redcore-r1"
KV_FULL="${PV}-${EXTRAVERSION}"
KV_MAJOR="5.4"
diff --git a/sys-kernel/linux-sources-redcore/files/5.4-amd64.config b/sys-kernel/linux-sources-redcore/files/5.4-amd64.config
index 123bf569..a9fab76a 100644
--- a/sys-kernel/linux-sources-redcore/files/5.4-amd64.config
+++ b/sys-kernel/linux-sources-redcore/files/5.4-amd64.config
@@ -9185,24 +9185,19 @@ CONFIG_LSM="apparmor"
#
# Kernel hardening options
#
-CONFIG_GCC_PLUGIN_STRUCTLEAK=y
#
# Memory initialization
#
-# CONFIG_INIT_STACK_NONE is not set
+CONFIG_INIT_STACK_NONE=y
# CONFIG_GCC_PLUGIN_STRUCTLEAK_USER is not set
# CONFIG_GCC_PLUGIN_STRUCTLEAK_BYREF is not set
-CONFIG_GCC_PLUGIN_STRUCTLEAK_BYREF_ALL=y
-# CONFIG_GCC_PLUGIN_STRUCTLEAK_VERBOSE is not set
-CONFIG_GCC_PLUGIN_STACKLEAK=y
-CONFIG_STACKLEAK_TRACK_MIN_SIZE=100
-CONFIG_STACKLEAK_METRICS=y
-CONFIG_STACKLEAK_RUNTIME_DISABLE=y
-CONFIG_INIT_ON_ALLOC_DEFAULT_ON=y
-CONFIG_INIT_ON_FREE_DEFAULT_ON=y
-CONFIG_PAGE_SANITIZE_VERIFY=y
-CONFIG_SLAB_SANITIZE_VERIFY=y
+# CONFIG_GCC_PLUGIN_STRUCTLEAK_BYREF_ALL is not set
+# CONFIG_GCC_PLUGIN_STACKLEAK is not set
+# CONFIG_INIT_ON_ALLOC_DEFAULT_ON is not set
+# CONFIG_INIT_ON_FREE_DEFAULT_ON is not set
+# CONFIG_PAGE_SANITIZE_VERIFY is not set
+# CONFIG_SLAB_SANITIZE_VERIFY is not set
# end of Memory initialization
# end of Kernel hardening options
# end of Security options
diff --git a/sys-kernel/linux-sources-redcore/linux-sources-redcore-5.4.5.ebuild b/sys-kernel/linux-sources-redcore/linux-sources-redcore-5.4.5-r1.ebuild
index 96580184..a96da328 100644
--- a/sys-kernel/linux-sources-redcore/linux-sources-redcore-5.4.5.ebuild
+++ b/sys-kernel/linux-sources-redcore/linux-sources-redcore-5.4.5-r1.ebuild
@@ -5,7 +5,7 @@ EAPI=6
inherit eutils
-EXTRAVERSION="redcore"
+EXTRAVERSION="redcore-r1"
KV_FULL="${PV}-${EXTRAVERSION}"
KV_MAJOR="5.4"