diff options
author | V3n3RiX <venerix@redcorelinux.org> | 2019-12-31 18:15:55 +0000 |
---|---|---|
committer | V3n3RiX <venerix@redcorelinux.org> | 2019-12-31 18:15:55 +0000 |
commit | 9538b5f99dccbd78a9c334d2c430723da9d60d16 (patch) | |
tree | 2edbdf561a7ec87b07b6ae1e93d35a9644a39782 /sys-kernel | |
parent | 53d20d9f7c06fbe957be0ec9f5455574db7e6677 (diff) |
sys-kernel/linux-{image,sources}-redcore : relax some hardening
Diffstat (limited to 'sys-kernel')
-rw-r--r-- | sys-kernel/linux-image-redcore/files/5.4-amd64.config | 19 | ||||
-rw-r--r-- | sys-kernel/linux-image-redcore/linux-image-redcore-5.4.5-r1.ebuild (renamed from sys-kernel/linux-image-redcore/linux-image-redcore-5.4.5.ebuild) | 2 | ||||
-rw-r--r-- | sys-kernel/linux-sources-redcore/files/5.4-amd64.config | 19 | ||||
-rw-r--r-- | sys-kernel/linux-sources-redcore/linux-sources-redcore-5.4.5-r1.ebuild (renamed from sys-kernel/linux-sources-redcore/linux-sources-redcore-5.4.5.ebuild) | 2 |
4 files changed, 16 insertions, 26 deletions
diff --git a/sys-kernel/linux-image-redcore/files/5.4-amd64.config b/sys-kernel/linux-image-redcore/files/5.4-amd64.config index 123bf569..a9fab76a 100644 --- a/sys-kernel/linux-image-redcore/files/5.4-amd64.config +++ b/sys-kernel/linux-image-redcore/files/5.4-amd64.config @@ -9185,24 +9185,19 @@ CONFIG_LSM="apparmor" # # Kernel hardening options # -CONFIG_GCC_PLUGIN_STRUCTLEAK=y # # Memory initialization # -# CONFIG_INIT_STACK_NONE is not set +CONFIG_INIT_STACK_NONE=y # CONFIG_GCC_PLUGIN_STRUCTLEAK_USER is not set # CONFIG_GCC_PLUGIN_STRUCTLEAK_BYREF is not set -CONFIG_GCC_PLUGIN_STRUCTLEAK_BYREF_ALL=y -# CONFIG_GCC_PLUGIN_STRUCTLEAK_VERBOSE is not set -CONFIG_GCC_PLUGIN_STACKLEAK=y -CONFIG_STACKLEAK_TRACK_MIN_SIZE=100 -CONFIG_STACKLEAK_METRICS=y -CONFIG_STACKLEAK_RUNTIME_DISABLE=y -CONFIG_INIT_ON_ALLOC_DEFAULT_ON=y -CONFIG_INIT_ON_FREE_DEFAULT_ON=y -CONFIG_PAGE_SANITIZE_VERIFY=y -CONFIG_SLAB_SANITIZE_VERIFY=y +# CONFIG_GCC_PLUGIN_STRUCTLEAK_BYREF_ALL is not set +# CONFIG_GCC_PLUGIN_STACKLEAK is not set +# CONFIG_INIT_ON_ALLOC_DEFAULT_ON is not set +# CONFIG_INIT_ON_FREE_DEFAULT_ON is not set +# CONFIG_PAGE_SANITIZE_VERIFY is not set +# CONFIG_SLAB_SANITIZE_VERIFY is not set # end of Memory initialization # end of Kernel hardening options # end of Security options diff --git a/sys-kernel/linux-image-redcore/linux-image-redcore-5.4.5.ebuild b/sys-kernel/linux-image-redcore/linux-image-redcore-5.4.5-r1.ebuild index 0e7bc9ad..ca6654a2 100644 --- a/sys-kernel/linux-image-redcore/linux-image-redcore-5.4.5.ebuild +++ b/sys-kernel/linux-image-redcore/linux-image-redcore-5.4.5-r1.ebuild @@ -5,7 +5,7 @@ EAPI=6 inherit eutils -EXTRAVERSION="redcore" +EXTRAVERSION="redcore-r1" KV_FULL="${PV}-${EXTRAVERSION}" KV_MAJOR="5.4" diff --git a/sys-kernel/linux-sources-redcore/files/5.4-amd64.config b/sys-kernel/linux-sources-redcore/files/5.4-amd64.config index 123bf569..a9fab76a 100644 --- a/sys-kernel/linux-sources-redcore/files/5.4-amd64.config +++ b/sys-kernel/linux-sources-redcore/files/5.4-amd64.config @@ -9185,24 +9185,19 @@ CONFIG_LSM="apparmor" # # Kernel hardening options # -CONFIG_GCC_PLUGIN_STRUCTLEAK=y # # Memory initialization # -# CONFIG_INIT_STACK_NONE is not set +CONFIG_INIT_STACK_NONE=y # CONFIG_GCC_PLUGIN_STRUCTLEAK_USER is not set # CONFIG_GCC_PLUGIN_STRUCTLEAK_BYREF is not set -CONFIG_GCC_PLUGIN_STRUCTLEAK_BYREF_ALL=y -# CONFIG_GCC_PLUGIN_STRUCTLEAK_VERBOSE is not set -CONFIG_GCC_PLUGIN_STACKLEAK=y -CONFIG_STACKLEAK_TRACK_MIN_SIZE=100 -CONFIG_STACKLEAK_METRICS=y -CONFIG_STACKLEAK_RUNTIME_DISABLE=y -CONFIG_INIT_ON_ALLOC_DEFAULT_ON=y -CONFIG_INIT_ON_FREE_DEFAULT_ON=y -CONFIG_PAGE_SANITIZE_VERIFY=y -CONFIG_SLAB_SANITIZE_VERIFY=y +# CONFIG_GCC_PLUGIN_STRUCTLEAK_BYREF_ALL is not set +# CONFIG_GCC_PLUGIN_STACKLEAK is not set +# CONFIG_INIT_ON_ALLOC_DEFAULT_ON is not set +# CONFIG_INIT_ON_FREE_DEFAULT_ON is not set +# CONFIG_PAGE_SANITIZE_VERIFY is not set +# CONFIG_SLAB_SANITIZE_VERIFY is not set # end of Memory initialization # end of Kernel hardening options # end of Security options diff --git a/sys-kernel/linux-sources-redcore/linux-sources-redcore-5.4.5.ebuild b/sys-kernel/linux-sources-redcore/linux-sources-redcore-5.4.5-r1.ebuild index 96580184..a96da328 100644 --- a/sys-kernel/linux-sources-redcore/linux-sources-redcore-5.4.5.ebuild +++ b/sys-kernel/linux-sources-redcore/linux-sources-redcore-5.4.5-r1.ebuild @@ -5,7 +5,7 @@ EAPI=6 inherit eutils -EXTRAVERSION="redcore" +EXTRAVERSION="redcore-r1" KV_FULL="${PV}-${EXTRAVERSION}" KV_MAJOR="5.4" |