sys-kernel/hardened-kernel: update kernel config
This commit is contained in:
@@ -213,7 +213,7 @@ CONFIG_HAVE_UID16=y
|
||||
CONFIG_SYSCTL_EXCEPTION_TRACE=y
|
||||
CONFIG_HAVE_PCSPKR_PLATFORM=y
|
||||
CONFIG_BPF=y
|
||||
CONFIG_EXPERT=y
|
||||
# CONFIG_EXPERT is not set
|
||||
CONFIG_UID16=y
|
||||
CONFIG_MULTIUSER=y
|
||||
CONFIG_SGETMASK_SYSCALL=y
|
||||
@@ -252,10 +252,8 @@ CONFIG_USERMODE_DRIVER=y
|
||||
CONFIG_ARCH_HAS_MEMBARRIER_SYNC_CORE=y
|
||||
CONFIG_KCMP=y
|
||||
CONFIG_RSEQ=y
|
||||
# CONFIG_DEBUG_RSEQ is not set
|
||||
# CONFIG_EMBEDDED is not set
|
||||
CONFIG_HAVE_PERF_EVENTS=y
|
||||
# CONFIG_PC104 is not set
|
||||
|
||||
#
|
||||
# Kernel Performance Events And Counters
|
||||
@@ -266,11 +264,9 @@ CONFIG_PERF_EVENTS=y
|
||||
|
||||
CONFIG_VM_EVENT_COUNTERS=y
|
||||
CONFIG_SLUB_DEBUG=y
|
||||
# CONFIG_SLUB_MEMCG_SYSFS_ON is not set
|
||||
# CONFIG_COMPAT_BRK is not set
|
||||
# CONFIG_SLAB is not set
|
||||
CONFIG_SLUB=y
|
||||
# CONFIG_SLOB is not set
|
||||
# CONFIG_SLAB_MERGE_DEFAULT is not set
|
||||
CONFIG_SLAB_FREELIST_RANDOM=y
|
||||
CONFIG_SLAB_FREELIST_HARDENED=y
|
||||
@@ -366,7 +362,6 @@ CONFIG_X86_MINIMUM_CPU_FAMILY=64
|
||||
CONFIG_X86_DEBUGCTLMSR=y
|
||||
CONFIG_IA32_FEAT_CTL=y
|
||||
CONFIG_X86_VMX_FEATURE_NAMES=y
|
||||
# CONFIG_PROCESSOR_SELECT is not set
|
||||
CONFIG_CPU_SUP_INTEL=y
|
||||
CONFIG_CPU_SUP_AMD=y
|
||||
CONFIG_CPU_SUP_HYGON=y
|
||||
@@ -495,7 +490,6 @@ CONFIG_ARCH_ENABLE_THP_MIGRATION=y
|
||||
CONFIG_ARCH_HIBERNATION_HEADER=y
|
||||
CONFIG_SUSPEND=y
|
||||
CONFIG_SUSPEND_FREEZER=y
|
||||
# CONFIG_SUSPEND_SKIP_SYNC is not set
|
||||
CONFIG_HIBERNATE_CALLBACKS=y
|
||||
CONFIG_HIBERNATION=y
|
||||
CONFIG_HIBERNATION_SNAPSHOT_DEV=y
|
||||
@@ -548,7 +542,6 @@ CONFIG_ACPI_SBS=m
|
||||
CONFIG_ACPI_HED=y
|
||||
# CONFIG_ACPI_CUSTOM_METHOD is not set
|
||||
CONFIG_ACPI_BGRT=y
|
||||
# CONFIG_ACPI_REDUCED_HARDWARE_ONLY is not set
|
||||
# CONFIG_ACPI_NFIT is not set
|
||||
CONFIG_ACPI_NUMA=y
|
||||
# CONFIG_ACPI_HMAT is not set
|
||||
@@ -622,8 +615,6 @@ CONFIG_INTEL_IDLE=y
|
||||
CONFIG_PCI_DIRECT=y
|
||||
CONFIG_PCI_MMCONFIG=y
|
||||
CONFIG_MMCONF_FAM10H=y
|
||||
# CONFIG_PCI_CNB20LE_QUIRK is not set
|
||||
# CONFIG_ISA_BUS is not set
|
||||
CONFIG_ISA_DMA_API=y
|
||||
CONFIG_AMD_NB=y
|
||||
CONFIG_X86_SYSFB=y
|
||||
@@ -700,7 +691,6 @@ CONFIG_HAVE_KVM_NO_POLL=y
|
||||
CONFIG_KVM_XFER_TO_GUEST_WORK=y
|
||||
CONFIG_VIRTUALIZATION=y
|
||||
CONFIG_KVM=m
|
||||
CONFIG_KVM_WERROR=y
|
||||
CONFIG_KVM_INTEL=m
|
||||
CONFIG_KVM_AMD=m
|
||||
# CONFIG_KVM_MMU_AUDIT is not set
|
||||
@@ -820,7 +810,6 @@ CONFIG_ARCH_HAS_GCOV_PROFILE_ALL=y
|
||||
|
||||
CONFIG_HAVE_GCC_PLUGINS=y
|
||||
CONFIG_GCC_PLUGINS=y
|
||||
# CONFIG_GCC_PLUGIN_CYC_COMPLEXITY is not set
|
||||
CONFIG_GCC_PLUGIN_LATENT_ENTROPY=y
|
||||
CONFIG_GCC_PLUGIN_RANDSTRUCT=y
|
||||
CONFIG_GCC_PLUGIN_RANDSTRUCT_PERFORMANCE=y
|
||||
@@ -1641,12 +1630,8 @@ CONFIG_WIRELESS=y
|
||||
CONFIG_CFG80211=m
|
||||
# CONFIG_NL80211_TESTMODE is not set
|
||||
# CONFIG_CFG80211_DEVELOPER_WARNINGS is not set
|
||||
CONFIG_CFG80211_CERTIFICATION_ONUS=y
|
||||
CONFIG_CFG80211_REQUIRE_SIGNED_REGDB=y
|
||||
CONFIG_CFG80211_USE_KERNEL_REGDB_KEYS=y
|
||||
CONFIG_CFG80211_EXTRA_REGDB_KEYDIR=""
|
||||
CONFIG_CFG80211_REG_CELLULAR_HINTS=y
|
||||
CONFIG_CFG80211_REG_RELAX_NO_IR=y
|
||||
CONFIG_CFG80211_DEFAULT_PS=y
|
||||
# CONFIG_CFG80211_DEBUGFS is not set
|
||||
CONFIG_CFG80211_CRDA_SUPPORT=y
|
||||
@@ -1665,7 +1650,7 @@ CONFIG_MAC80211_STA_HASH_MAX_SIZE=0
|
||||
# CONFIG_WIMAX is not set
|
||||
CONFIG_RFKILL=m
|
||||
CONFIG_RFKILL_LEDS=y
|
||||
# CONFIG_RFKILL_INPUT is not set
|
||||
CONFIG_RFKILL_INPUT=y
|
||||
# CONFIG_NET_9P is not set
|
||||
# CONFIG_CAIF is not set
|
||||
# CONFIG_CEPH_LIB is not set
|
||||
@@ -1716,11 +1701,6 @@ CONFIG_PCI_PRI=y
|
||||
CONFIG_PCI_PASID=y
|
||||
# CONFIG_PCI_P2PDMA is not set
|
||||
CONFIG_PCI_LABEL=y
|
||||
# CONFIG_PCIE_BUS_TUNE_OFF is not set
|
||||
CONFIG_PCIE_BUS_DEFAULT=y
|
||||
# CONFIG_PCIE_BUS_SAFE is not set
|
||||
# CONFIG_PCIE_BUS_PERFORMANCE is not set
|
||||
# CONFIG_PCIE_BUS_PEER2PEER is not set
|
||||
CONFIG_HOTPLUG_PCI=y
|
||||
CONFIG_HOTPLUG_PCI_ACPI=y
|
||||
CONFIG_HOTPLUG_PCI_ACPI_IBM=m
|
||||
@@ -2341,14 +2321,11 @@ CONFIG_USB_NET_RNDIS_HOST=m
|
||||
# CONFIG_USB_NET_CH9200 is not set
|
||||
# CONFIG_USB_NET_AQC111 is not set
|
||||
CONFIG_WLAN=y
|
||||
# CONFIG_WIRELESS_WDS is not set
|
||||
# CONFIG_WLAN_VENDOR_ADMTEK is not set
|
||||
CONFIG_ATH_COMMON=m
|
||||
CONFIG_WLAN_VENDOR_ATH=y
|
||||
CONFIG_ATH_USER_REGD=y
|
||||
# CONFIG_ATH_DEBUG is not set
|
||||
CONFIG_ATH_REG_DYNAMIC_USER_REG_HINTS=y
|
||||
# CONFIG_ATH_REG_DYNAMIC_USER_CERT_TESTING is not set
|
||||
# CONFIG_ATH5K is not set
|
||||
# CONFIG_ATH5K_PCI is not set
|
||||
# CONFIG_ATH9K is not set
|
||||
@@ -2365,7 +2342,6 @@ CONFIG_ATH10K_PCI=m
|
||||
# CONFIG_ATH10K_DEBUG is not set
|
||||
# CONFIG_ATH10K_DEBUGFS is not set
|
||||
# CONFIG_ATH10K_TRACING is not set
|
||||
CONFIG_ATH10K_DFS_CERTIFIED=y
|
||||
# CONFIG_WCN36XX is not set
|
||||
# CONFIG_ATH11K is not set
|
||||
# CONFIG_WLAN_VENDOR_ATMEL is not set
|
||||
@@ -2632,7 +2608,6 @@ CONFIG_SERIAL_CORE_CONSOLE=y
|
||||
# CONFIG_TRACE_SINK is not set
|
||||
CONFIG_HVC_DRIVER=y
|
||||
# CONFIG_SERIAL_DEV_BUS is not set
|
||||
# CONFIG_TTY_PRINTK is not set
|
||||
CONFIG_VIRTIO_CONSOLE=m
|
||||
# CONFIG_IPMI_HANDLER is not set
|
||||
CONFIG_HW_RANDOM=y
|
||||
@@ -3322,106 +3297,19 @@ CONFIG_VIDEOBUF2_MEMOPS=m
|
||||
CONFIG_VIDEOBUF2_VMALLOC=m
|
||||
# end of Media drivers
|
||||
|
||||
CONFIG_MEDIA_HIDE_ANCILLARY_SUBDRV=y
|
||||
|
||||
#
|
||||
# Media ancillary drivers
|
||||
#
|
||||
|
||||
#
|
||||
# Audio decoders, processors and mixers
|
||||
# audio, video and radio I2C drivers auto-selected by 'Autoselect ancillary drivers'
|
||||
#
|
||||
# CONFIG_VIDEO_TVAUDIO is not set
|
||||
# CONFIG_VIDEO_TDA7432 is not set
|
||||
# CONFIG_VIDEO_TDA9840 is not set
|
||||
# CONFIG_VIDEO_TEA6415C is not set
|
||||
# CONFIG_VIDEO_TEA6420 is not set
|
||||
# CONFIG_VIDEO_MSP3400 is not set
|
||||
# CONFIG_VIDEO_CS3308 is not set
|
||||
# CONFIG_VIDEO_CS5345 is not set
|
||||
# CONFIG_VIDEO_CS53L32A is not set
|
||||
# CONFIG_VIDEO_TLV320AIC23B is not set
|
||||
# CONFIG_VIDEO_UDA1342 is not set
|
||||
# CONFIG_VIDEO_WM8775 is not set
|
||||
# CONFIG_VIDEO_WM8739 is not set
|
||||
# CONFIG_VIDEO_VP27SMPX is not set
|
||||
# CONFIG_VIDEO_SONY_BTF_MPX is not set
|
||||
# end of Audio decoders, processors and mixers
|
||||
|
||||
#
|
||||
# RDS decoders
|
||||
#
|
||||
# CONFIG_VIDEO_SAA6588 is not set
|
||||
# end of RDS decoders
|
||||
|
||||
#
|
||||
# Video decoders
|
||||
#
|
||||
# CONFIG_VIDEO_ADV7183 is not set
|
||||
# CONFIG_VIDEO_ADV7842 is not set
|
||||
# CONFIG_VIDEO_BT819 is not set
|
||||
# CONFIG_VIDEO_BT856 is not set
|
||||
# CONFIG_VIDEO_BT866 is not set
|
||||
# CONFIG_VIDEO_KS0127 is not set
|
||||
# CONFIG_VIDEO_ML86V7667 is not set
|
||||
# CONFIG_VIDEO_SAA7110 is not set
|
||||
# CONFIG_VIDEO_SAA711X is not set
|
||||
# CONFIG_VIDEO_TC358743 is not set
|
||||
# CONFIG_VIDEO_TVP514X is not set
|
||||
# CONFIG_VIDEO_TVP5150 is not set
|
||||
# CONFIG_VIDEO_TVP7002 is not set
|
||||
# CONFIG_VIDEO_TW2804 is not set
|
||||
# CONFIG_VIDEO_TW9903 is not set
|
||||
# CONFIG_VIDEO_TW9906 is not set
|
||||
# CONFIG_VIDEO_TW9910 is not set
|
||||
# CONFIG_VIDEO_VPX3220 is not set
|
||||
|
||||
#
|
||||
# Video and audio decoders
|
||||
#
|
||||
# CONFIG_VIDEO_SAA717X is not set
|
||||
# CONFIG_VIDEO_CX25840 is not set
|
||||
# end of Video decoders
|
||||
|
||||
#
|
||||
# Video encoders
|
||||
#
|
||||
# CONFIG_VIDEO_SAA7127 is not set
|
||||
# CONFIG_VIDEO_SAA7185 is not set
|
||||
# CONFIG_VIDEO_ADV7170 is not set
|
||||
# CONFIG_VIDEO_ADV7175 is not set
|
||||
# CONFIG_VIDEO_ADV7343 is not set
|
||||
# CONFIG_VIDEO_ADV7393 is not set
|
||||
# CONFIG_VIDEO_ADV7511 is not set
|
||||
# CONFIG_VIDEO_AD9389B is not set
|
||||
# CONFIG_VIDEO_AK881X is not set
|
||||
# CONFIG_VIDEO_THS8200 is not set
|
||||
# end of Video encoders
|
||||
|
||||
#
|
||||
# Video improvement chips
|
||||
#
|
||||
# CONFIG_VIDEO_UPD64031A is not set
|
||||
# CONFIG_VIDEO_UPD64083 is not set
|
||||
# end of Video improvement chips
|
||||
|
||||
#
|
||||
# Audio/Video compression chips
|
||||
#
|
||||
# CONFIG_VIDEO_SAA6752HS is not set
|
||||
# end of Audio/Video compression chips
|
||||
|
||||
#
|
||||
# SDR tuner chips
|
||||
#
|
||||
# end of SDR tuner chips
|
||||
|
||||
#
|
||||
# Miscellaneous helper chips
|
||||
#
|
||||
# CONFIG_VIDEO_THS7303 is not set
|
||||
# CONFIG_VIDEO_M52790 is not set
|
||||
# CONFIG_VIDEO_I2C is not set
|
||||
# CONFIG_VIDEO_ST_MIPID02 is not set
|
||||
# end of Miscellaneous helper chips
|
||||
|
||||
#
|
||||
# Camera sensor devices
|
||||
@@ -3493,10 +3381,8 @@ CONFIG_VIDEOBUF2_VMALLOC=m
|
||||
# end of Flash devices
|
||||
|
||||
#
|
||||
# SPI helper chips
|
||||
# SPI I2C drivers auto-selected by 'Autoselect ancillary drivers'
|
||||
#
|
||||
# CONFIG_VIDEO_GS1662 is not set
|
||||
# end of SPI helper chips
|
||||
|
||||
#
|
||||
# Media SPI Adapters
|
||||
@@ -3522,10 +3408,8 @@ CONFIG_DRM_MIPI_DSI=y
|
||||
# CONFIG_DRM_DEBUG_SELFTEST is not set
|
||||
CONFIG_DRM_KMS_HELPER=m
|
||||
CONFIG_DRM_KMS_FB_HELPER=y
|
||||
# CONFIG_DRM_DEBUG_DP_MST_TOPOLOGY_REFS is not set
|
||||
CONFIG_DRM_FBDEV_EMULATION=y
|
||||
CONFIG_DRM_FBDEV_OVERALLOC=100
|
||||
# CONFIG_DRM_FBDEV_LEAK_PHYS_SMEM is not set
|
||||
# CONFIG_DRM_LOAD_EDID_FIRMWARE is not set
|
||||
CONFIG_DRM_DP_CEC=y
|
||||
CONFIG_DRM_TTM=m
|
||||
@@ -3586,25 +3470,6 @@ CONFIG_DRM_I915_CAPTURE_ERROR=y
|
||||
CONFIG_DRM_I915_COMPRESS_ERROR=y
|
||||
CONFIG_DRM_I915_USERPTR=y
|
||||
CONFIG_DRM_I915_GVT=y
|
||||
|
||||
#
|
||||
# drm/i915 Debugging
|
||||
#
|
||||
# CONFIG_DRM_I915_WERROR is not set
|
||||
# CONFIG_DRM_I915_DEBUG is not set
|
||||
# CONFIG_DRM_I915_DEBUG_MMIO is not set
|
||||
# CONFIG_DRM_I915_SW_FENCE_DEBUG_OBJECTS is not set
|
||||
# CONFIG_DRM_I915_SW_FENCE_CHECK_DAG is not set
|
||||
# CONFIG_DRM_I915_DEBUG_GUC is not set
|
||||
# CONFIG_DRM_I915_SELFTEST is not set
|
||||
# CONFIG_DRM_I915_LOW_LEVEL_TRACEPOINTS is not set
|
||||
# CONFIG_DRM_I915_DEBUG_VBLANK_EVADE is not set
|
||||
# CONFIG_DRM_I915_DEBUG_RUNTIME_PM is not set
|
||||
# end of drm/i915 Debugging
|
||||
|
||||
#
|
||||
# drm/i915 Profile Guided Optimisation
|
||||
#
|
||||
CONFIG_DRM_I915_FENCE_TIMEOUT=10000
|
||||
CONFIG_DRM_I915_USERFAULT_AUTOSUSPEND=250
|
||||
CONFIG_DRM_I915_HEARTBEAT_INTERVAL=2500
|
||||
@@ -3612,8 +3477,6 @@ CONFIG_DRM_I915_PREEMPT_TIMEOUT=640
|
||||
CONFIG_DRM_I915_MAX_REQUEST_BUSYWAIT=8000
|
||||
CONFIG_DRM_I915_STOP_TIMEOUT=100
|
||||
CONFIG_DRM_I915_TIMESLICE_DURATION=1
|
||||
# end of drm/i915 Profile Guided Optimisation
|
||||
|
||||
CONFIG_DRM_VGEM=m
|
||||
CONFIG_DRM_VKMS=m
|
||||
# CONFIG_DRM_VMWGFX is not set
|
||||
@@ -3696,7 +3559,6 @@ CONFIG_FB_EFI=y
|
||||
# CONFIG_FB_RIVA is not set
|
||||
# CONFIG_FB_I740 is not set
|
||||
# CONFIG_FB_LE80578 is not set
|
||||
# CONFIG_FB_INTEL is not set
|
||||
# CONFIG_FB_MATROX is not set
|
||||
# CONFIG_FB_RADEON is not set
|
||||
# CONFIG_FB_ATY128 is not set
|
||||
@@ -5221,9 +5083,7 @@ CONFIG_LSM_MMAP_MIN_ADDR=65536
|
||||
CONFIG_HAVE_HARDENED_USERCOPY_ALLOCATOR=y
|
||||
CONFIG_HARDENED_USERCOPY=y
|
||||
# CONFIG_HARDENED_USERCOPY_FALLBACK is not set
|
||||
# CONFIG_HARDENED_USERCOPY_PAGESPAN is not set
|
||||
CONFIG_FORTIFY_SOURCE=y
|
||||
# CONFIG_FORTIFY_SOURCE_STRICT_STRING is not set
|
||||
# CONFIG_STATIC_USERMODEHELPER is not set
|
||||
CONFIG_SECURITY_SELINUX=y
|
||||
# CONFIG_SECURITY_SELINUX_BOOTPARAM is not set
|
||||
@@ -5662,7 +5522,6 @@ CONFIG_FRAME_WARN=2048
|
||||
# CONFIG_HEADERS_INSTALL is not set
|
||||
# CONFIG_DEBUG_SECTION_MISMATCH is not set
|
||||
CONFIG_SECTION_MISMATCH_WARN_ONLY=y
|
||||
# CONFIG_DEBUG_FORCE_FUNCTION_ALIGN_32B is not set
|
||||
# CONFIG_DEBUG_WRITABLE_FUNCTION_POINTERS_VERBOSE is not set
|
||||
CONFIG_STACK_VALIDATION=y
|
||||
# CONFIG_DEBUG_FORCE_WEAK_PER_CPU is not set
|
||||
@@ -5717,7 +5576,7 @@ CONFIG_ARCH_HAS_DEBUG_VM_PGTABLE=y
|
||||
# CONFIG_DEBUG_VM_PGTABLE is not set
|
||||
CONFIG_ARCH_HAS_DEBUG_VIRTUAL=y
|
||||
CONFIG_DEBUG_VIRTUAL=y
|
||||
# CONFIG_DEBUG_MEMORY_INIT is not set
|
||||
CONFIG_DEBUG_MEMORY_INIT=y
|
||||
# CONFIG_DEBUG_PER_CPU_MAPS is not set
|
||||
CONFIG_HAVE_ARCH_KASAN=y
|
||||
CONFIG_HAVE_ARCH_KASAN_VMALLOC=y
|
||||
@@ -5897,7 +5756,6 @@ CONFIG_IO_DELAY_NONE=y
|
||||
# CONFIG_PUNIT_ATOM_DEBUG is not set
|
||||
CONFIG_UNWINDER_ORC=y
|
||||
# CONFIG_UNWINDER_FRAME_POINTER is not set
|
||||
# CONFIG_UNWINDER_GUESS is not set
|
||||
# end of x86 Debugging
|
||||
|
||||
#
|
||||
|
||||
Reference in New Issue
Block a user