pygoscelis: Enable CONFIG_GENTOO_KERNEL_SELF_PROTECTION_COMMON
This commit is contained in:
parent
0c9db3d215
commit
d138bcc8cd
GPG Key ID:
0F1DEAB2D36AD112
|
|
@ -747,6 +747,7 @@ CONFIG_HAVE_NOINSTR_HACK=y
|
|||
CONFIG_HAVE_NOINSTR_VALIDATION=y
|
||||
CONFIG_HAVE_UACCESS_VALIDATION=y
|
||||
CONFIG_HAVE_STACK_VALIDATION=y
|
||||
CONFIG_HAVE_RELIABLE_STACKTRACE=y
|
||||
CONFIG_COMPAT_32BIT_TIME=y
|
||||
CONFIG_HAVE_ARCH_VMAP_STACK=y
|
||||
CONFIG_VMAP_STACK=y
|
||||
|
|
@ -780,7 +781,7 @@ CONFIG_ARCH_HAS_GCOV_PROFILE_ALL=y
|
|||
|
||||
CONFIG_HAVE_GCC_PLUGINS=y
|
||||
CONFIG_GCC_PLUGINS=y
|
||||
# CONFIG_GCC_PLUGIN_LATENT_ENTROPY is not set
|
||||
CONFIG_GCC_PLUGIN_LATENT_ENTROPY=y
|
||||
# end of General architecture-dependent options
|
||||
|
||||
CONFIG_RT_MUTEXES=y
|
||||
|
|
@ -4613,6 +4614,7 @@ CONFIG_LSM="landlock,lockdown,yama,loadpin,safesetid,integrity,bpf"
|
|||
#
|
||||
# Kernel hardening options
|
||||
#
|
||||
CONFIG_GCC_PLUGIN_STRUCTLEAK=y
|
||||
|
||||
#
|
||||
# Memory initialization
|
||||
|
|
@ -4623,6 +4625,7 @@ CONFIG_CC_HAS_AUTO_VAR_INIT_ZERO=y
|
|||
# CONFIG_INIT_STACK_NONE is not set
|
||||
# CONFIG_INIT_STACK_ALL_PATTERN is not set
|
||||
CONFIG_INIT_STACK_ALL_ZERO=y
|
||||
# CONFIG_GCC_PLUGIN_STRUCTLEAK_VERBOSE is not set
|
||||
CONFIG_GCC_PLUGIN_STACKLEAK=y
|
||||
# CONFIG_GCC_PLUGIN_STACKLEAK_VERBOSE is not set
|
||||
CONFIG_STACKLEAK_TRACK_MIN_SIZE=100
|
||||
|
|
@ -5026,6 +5029,7 @@ CONFIG_MEMREGION=y
|
|||
CONFIG_ARCH_HAS_UACCESS_FLUSHCACHE=y
|
||||
CONFIG_ARCH_HAS_COPY_MC=y
|
||||
CONFIG_ARCH_STACKWALK=y
|
||||
CONFIG_STACKDEPOT=y
|
||||
CONFIG_SBITMAP=y
|
||||
# end of Library routines
|
||||
|
||||
|
|
@ -5101,7 +5105,8 @@ CONFIG_HAVE_KCSAN_COMPILER=y
|
|||
#
|
||||
# CONFIG_PAGE_EXTENSION is not set
|
||||
# CONFIG_DEBUG_PAGEALLOC is not set
|
||||
# CONFIG_SLUB_DEBUG is not set
|
||||
CONFIG_SLUB_DEBUG=y
|
||||
# CONFIG_SLUB_DEBUG_ON is not set
|
||||
# CONFIG_PAGE_OWNER is not set
|
||||
# CONFIG_PAGE_TABLE_CHECK is not set
|
||||
CONFIG_PAGE_POISONING=y
|
||||
|
|
@ -5130,7 +5135,12 @@ CONFIG_CC_HAS_KASAN_GENERIC=y
|
|||
CONFIG_CC_HAS_WORKING_NOSANITIZE_ADDRESS=y
|
||||
# CONFIG_KASAN is not set
|
||||
CONFIG_HAVE_ARCH_KFENCE=y
|
||||
# CONFIG_KFENCE is not set
|
||||
CONFIG_KFENCE=y
|
||||
CONFIG_KFENCE_SAMPLE_INTERVAL=100
|
||||
CONFIG_KFENCE_NUM_OBJECTS=255
|
||||
# CONFIG_KFENCE_DEFERRABLE is not set
|
||||
# CONFIG_KFENCE_STATIC_KEYS is not set
|
||||
CONFIG_KFENCE_STRESS_TEST_FAULTS=0
|
||||
CONFIG_HAVE_ARCH_KMSAN=y
|
||||
# end of Memory Debugging
|
||||
|
||||
|
|
@ -5182,7 +5192,7 @@ CONFIG_LOCK_DEBUGGING_SUPPORT=y
|
|||
# end of Lock Debugging (spinlocks, mutexes, etc...)
|
||||
|
||||
# CONFIG_DEBUG_IRQFLAGS is not set
|
||||
# CONFIG_STACKTRACE is not set
|
||||
CONFIG_STACKTRACE=y
|
||||
CONFIG_WARN_ALL_UNSEEDED_RANDOM=y
|
||||
# CONFIG_DEBUG_KOBJECT is not set
|
||||
|
||||
|
|
@ -5191,7 +5201,7 @@ CONFIG_WARN_ALL_UNSEEDED_RANDOM=y
|
|||
#
|
||||
CONFIG_DEBUG_LIST=y
|
||||
# CONFIG_DEBUG_PLIST is not set
|
||||
# CONFIG_DEBUG_SG is not set
|
||||
CONFIG_DEBUG_SG=y
|
||||
CONFIG_DEBUG_NOTIFIERS=y
|
||||
CONFIG_BUG_ON_DATA_CORRUPTION=y
|
||||
# CONFIG_DEBUG_MAPLE_TREE is not set
|
||||
|
|
@ -5257,9 +5267,8 @@ CONFIG_IO_DELAY_NONE=y
|
|||
# CONFIG_DEBUG_NMI_SELFTEST is not set
|
||||
# CONFIG_X86_DEBUG_FPU is not set
|
||||
# CONFIG_PUNIT_ATOM_DEBUG is not set
|
||||
# CONFIG_UNWINDER_ORC is not set
|
||||
CONFIG_UNWINDER_ORC=y
|
||||
# CONFIG_UNWINDER_FRAME_POINTER is not set
|
||||
CONFIG_UNWINDER_GUESS=y
|
||||
# end of x86 Debugging
|
||||
|
||||
#
|
||||
|
|
@ -5297,6 +5306,6 @@ CONFIG_GENTOO_LINUX_INIT_SYSTEMD=y
|
|||
# end of Support for init systems, system and service managers
|
||||
|
||||
CONFIG_GENTOO_KERNEL_SELF_PROTECTION=y
|
||||
# CONFIG_GENTOO_KERNEL_SELF_PROTECTION_COMMON is not set
|
||||
CONFIG_GENTOO_KERNEL_SELF_PROTECTION_COMMON=y
|
||||
CONFIG_GENTOO_PRINT_FIRMWARE_INFO=y
|
||||
# end of Gentoo Linux
|
||||
|
|
|
|||
Loading…
Reference in New Issue