From fa38c091c0384520cd376a6419893206e82b6f54 Mon Sep 17 00:00:00 2001 From: Nils Freydank Date: Wed, 10 Mar 2021 15:28:07 +0100 Subject: [PATCH] centro: Bump to 5.11.5-gentoo, drop SHIFTFS, security suggestions --- centro-config | 117 +++++++++++++++++++++++++++++--------------------- 1 file changed, 67 insertions(+), 50 deletions(-) diff --git a/centro-config b/centro-config index 8895233..705a6b6 100644 --- a/centro-config +++ b/centro-config @@ -1,11 +1,11 @@ # # Automatically generated file; DO NOT EDIT. -# Linux/x86 5.10.16-gentoo Kernel Configuration +# Linux/x86 5.11.5-gentoo Kernel Configuration # CONFIG_CC_VERSION_TEXT="gcc (Gentoo Hardened 10.2.0-r5 p6) 10.2.0" CONFIG_CC_IS_GCC=y CONFIG_GCC_VERSION=100200 -CONFIG_LD_VERSION=235010000 +CONFIG_LD_VERSION=235020000 CONFIG_CLANG_VERSION=0 CONFIG_LLD_VERSION=0 CONFIG_CC_CAN_LINK=y @@ -234,6 +234,7 @@ CONFIG_ARCH_WANT_DEFAULT_BPF_JIT=y CONFIG_BPF_JIT_DEFAULT_ON=y # CONFIG_USERFAULTFD is not set CONFIG_ARCH_HAS_MEMBARRIER_SYNC_CORE=y +# CONFIG_KCMP is not set CONFIG_RSEQ=y # CONFIG_DEBUG_RSEQ is not set # CONFIG_EMBEDDED is not set @@ -254,10 +255,10 @@ CONFIG_SLUB_DEBUG=y # CONFIG_SLAB is not set CONFIG_SLUB=y # CONFIG_SLOB is not set -CONFIG_SLAB_MERGE_DEFAULT=y +# CONFIG_SLAB_MERGE_DEFAULT is not set CONFIG_SLAB_FREELIST_RANDOM=y CONFIG_SLAB_FREELIST_HARDENED=y -# CONFIG_SHUFFLE_PAGE_ALLOCATOR is not set +CONFIG_SHUFFLE_PAGE_ALLOCATOR=y CONFIG_SLUB_CPU_PARTIAL=y CONFIG_SYSTEM_DATA_VERIFICATION=y CONFIG_PROFILING=y @@ -291,7 +292,6 @@ CONFIG_ARCH_SUSPEND_POSSIBLE=y CONFIG_ARCH_WANT_GENERAL_HUGETLB=y CONFIG_ZONE_DMA32=y CONFIG_AUDIT_ARCH=y -CONFIG_ARCH_SUPPORTS_DEBUG_PAGEALLOC=y CONFIG_HAVE_INTEL_TXT=y CONFIG_X86_64_SMP=y CONFIG_ARCH_SUPPORTS_UPROBES=y @@ -420,6 +420,7 @@ CONFIG_X86_UMIP=y CONFIG_X86_INTEL_TSX_MODE_OFF=y # CONFIG_X86_INTEL_TSX_MODE_ON is not set # CONFIG_X86_INTEL_TSX_MODE_AUTO is not set +# CONFIG_X86_SGX is not set # CONFIG_EFI is not set # CONFIG_HZ_100 is not set # CONFIG_HZ_250 is not set @@ -564,7 +565,7 @@ CONFIG_ISA_DMA_API=y # Binary Emulations # CONFIG_IA32_EMULATION=y -CONFIG_X86_X32=y +# CONFIG_X86_X32 is not set CONFIG_COMPAT_32=y CONFIG_COMPAT=y CONFIG_COMPAT_FOR_U64_ALIGNMENT=y @@ -669,14 +670,17 @@ CONFIG_HAVE_ARCH_SECCOMP=y CONFIG_HAVE_ARCH_SECCOMP_FILTER=y CONFIG_SECCOMP=y CONFIG_SECCOMP_FILTER=y +# CONFIG_SECCOMP_CACHE_DEBUG is not set CONFIG_HAVE_ARCH_STACKLEAK=y CONFIG_HAVE_STACKPROTECTOR=y CONFIG_STACKPROTECTOR=y CONFIG_STACKPROTECTOR_STRONG=y CONFIG_HAVE_ARCH_WITHIN_STACK_FRAMES=y CONFIG_HAVE_CONTEXT_TRACKING=y +CONFIG_HAVE_CONTEXT_TRACKING_OFFSTACK=y CONFIG_HAVE_VIRT_CPU_ACCOUNTING_GEN=y CONFIG_HAVE_IRQ_TIME_ACCOUNTING=y +CONFIG_HAVE_MOVE_PUD=y CONFIG_HAVE_MOVE_PMD=y CONFIG_HAVE_ARCH_TRANSPARENT_HUGEPAGE=y CONFIG_HAVE_ARCH_TRANSPARENT_HUGEPAGE_PUD=y @@ -707,6 +711,7 @@ CONFIG_ARCH_HAS_MEM_ENCRYPT=y CONFIG_HAVE_STATIC_CALL=y CONFIG_HAVE_STATIC_CALL_INLINE=y CONFIG_ARCH_WANT_LD_ORPHAN_WARN=y +CONFIG_ARCH_SUPPORTS_DEBUG_PAGEALLOC=y # # GCOV-based kernel profiling @@ -744,7 +749,8 @@ CONFIG_MODULE_SIG_HASH="sha512" # CONFIG_MODULE_COMPRESS is not set # CONFIG_MODULE_ALLOW_MISSING_NAMESPACE_IMPORTS is not set # CONFIG_UNUSED_SYMBOLS is not set -# CONFIG_TRIM_UNUSED_KSYMS is not set +CONFIG_TRIM_UNUSED_KSYMS=y +CONFIG_UNUSED_KSYMS_WHITELIST="" CONFIG_MODULES_TREE_LOOKUP=y CONFIG_BLOCK=y CONFIG_BLK_SCSI_REQUEST=y @@ -823,7 +829,7 @@ CONFIG_COMPAT_BINFMT_ELF=y CONFIG_ELFCORE=y CONFIG_CORE_DUMP_DEFAULT_ELF_HEADERS=y CONFIG_BINFMT_SCRIPT=y -CONFIG_BINFMT_MISC=m +# CONFIG_BINFMT_MISC is not set CONFIG_COREDUMP=y # end of Executable file formats @@ -860,7 +866,10 @@ CONFIG_GENERIC_EARLY_IOREMAP=y CONFIG_IDLE_PAGE_TRACKING=y CONFIG_ARCH_HAS_PTE_DEVMAP=y # CONFIG_PERCPU_STATS is not set -# CONFIG_GUP_BENCHMARK is not set + +# +# GUP_TEST needs to have DEBUG_FS enabled +# CONFIG_ARCH_HAS_PTE_SPECIAL=y # end of Memory Management options @@ -1035,6 +1044,7 @@ CONFIG_NF_DUP_NETDEV=m CONFIG_NFT_DUP_NETDEV=m CONFIG_NFT_FWD_NETDEV=m CONFIG_NFT_FIB_NETDEV=m +# CONFIG_NFT_REJECT_NETDEV is not set CONFIG_NF_FLOW_TABLE_INET=m CONFIG_NF_FLOW_TABLE=m # CONFIG_NETFILTER_XTABLES is not set @@ -1097,6 +1107,7 @@ CONFIG_BRIDGE=m CONFIG_BRIDGE_IGMP_SNOOPING=y # CONFIG_BRIDGE_VLAN_FILTERING is not set # CONFIG_BRIDGE_MRP is not set +# CONFIG_BRIDGE_CFM is not set CONFIG_HAVE_NET_DSA=y # CONFIG_NET_DSA is not set CONFIG_VLAN_8021Q=m @@ -1184,6 +1195,8 @@ CONFIG_NET_CLS_ACT=y # CONFIG_NET_ACT_MPLS is not set # CONFIG_NET_ACT_VLAN is not set # CONFIG_NET_ACT_BPF is not set +# CONFIG_NET_ACT_CONNMARK is not set +# CONFIG_NET_ACT_CTINFO is not set # CONFIG_NET_ACT_SKBMOD is not set # CONFIG_NET_ACT_IFE is not set # CONFIG_NET_ACT_TUNNEL_KEY is not set @@ -1227,7 +1240,6 @@ CONFIG_NET_FLOW_LIMIT=y # CONFIG_AF_RXRPC is not set # CONFIG_AF_KCM is not set # CONFIG_WIRELESS is not set -# CONFIG_WIMAX is not set # CONFIG_RFKILL is not set # CONFIG_NET_9P is not set # CONFIG_CAIF is not set @@ -1739,10 +1751,6 @@ CONFIG_E1000E_HWTS=y # Host-side USB support is needed for USB Network Adapter support # # CONFIG_WLAN is not set - -# -# Enable WiMAX (Networking options) to see the WiMAX drivers -# # CONFIG_WAN is not set # CONFIG_VMXNET3 is not set # CONFIG_FUJITSU_ES is not set @@ -1755,7 +1763,6 @@ CONFIG_NET_FAILOVER=m # CONFIG_INPUT=y CONFIG_INPUT_FF_MEMLESS=y -CONFIG_INPUT_POLLDEV=y # CONFIG_INPUT_SPARSEKMAP is not set # CONFIG_INPUT_MATRIXKMAP is not set @@ -1867,6 +1874,7 @@ CONFIG_SERIAL_CORE_CONSOLE=y # CONFIG_SERIAL_LANTIQ is not set # CONFIG_SERIAL_SCCNXP is not set # CONFIG_SERIAL_SC16IS7XX is not set +# CONFIG_SERIAL_BCM63XX is not set # CONFIG_SERIAL_ALTERA_JTAGUART is not set # CONFIG_SERIAL_ALTERA_UART is not set # CONFIG_SERIAL_ARC is not set @@ -1885,23 +1893,17 @@ CONFIG_SERIAL_CORE_CONSOLE=y # CONFIG_TTY_PRINTK is not set # CONFIG_VIRTIO_CONSOLE is not set # CONFIG_IPMI_HANDLER is not set -CONFIG_HW_RANDOM=y -# CONFIG_HW_RANDOM_TIMERIOMEM is not set -# CONFIG_HW_RANDOM_INTEL is not set -# CONFIG_HW_RANDOM_AMD is not set -# CONFIG_HW_RANDOM_BA431 is not set -CONFIG_HW_RANDOM_VIA=y -# CONFIG_HW_RANDOM_VIRTIO is not set -# CONFIG_HW_RANDOM_XIPHERA is not set +# CONFIG_HW_RANDOM is not set # CONFIG_APPLICOM is not set # CONFIG_MWAVE is not set -CONFIG_DEVMEM=y -CONFIG_DEVKMEM=y -CONFIG_NVRAM=y +# CONFIG_DEVMEM is not set +# CONFIG_DEVKMEM is not set +# CONFIG_NVRAM is not set # CONFIG_RAW_DRIVER is not set -CONFIG_DEVPORT=y +# CONFIG_DEVPORT is not set CONFIG_HPET=y -# CONFIG_HPET_MMAP is not set +CONFIG_HPET_MMAP=y +CONFIG_HPET_MMAP_DEFAULT=y # CONFIG_HANGCHECK_TIMER is not set # CONFIG_TCG_TPM is not set # CONFIG_TELCLOCK is not set @@ -2082,6 +2084,7 @@ CONFIG_BCMA_POSSIBLE=y # CONFIG_LPC_SCH is not set # CONFIG_MFD_INTEL_LPSS_ACPI is not set # CONFIG_MFD_INTEL_LPSS_PCI is not set +# CONFIG_MFD_INTEL_PMT is not set # CONFIG_MFD_IQS62X is not set # CONFIG_MFD_JANZ_CMODIO is not set # CONFIG_MFD_KEMPLD is not set @@ -2322,6 +2325,12 @@ CONFIG_HID_TOPSEED=y # # CONFIG_INTEL_ISH_HID is not set # end of Intel ISH HID support + +# +# AMD SFH HID Support +# +# CONFIG_AMD_SFH_HID is not set +# end of AMD SFH HID Support # end of HID support CONFIG_USB_OHCI_LITTLE_ENDIAN=y @@ -2346,6 +2355,7 @@ CONFIG_EDAC_LEGACY_SYSFS=y # CONFIG_EDAC_I5000 is not set # CONFIG_EDAC_I5100 is not set # CONFIG_EDAC_I7300 is not set +# CONFIG_EDAC_IGEN6 is not set CONFIG_RTC_LIB=y CONFIG_RTC_MC146818_LIB=y CONFIG_RTC_CLASS=y @@ -2407,6 +2417,7 @@ CONFIG_RTC_I2C_AND_SPI=y # CONFIG_RTC_DRV_DS3232 is not set # CONFIG_RTC_DRV_PCF2127 is not set # CONFIG_RTC_DRV_RV3029C2 is not set +# CONFIG_RTC_DRV_RX6110 is not set # # Platform RTC drivers @@ -2506,6 +2517,10 @@ CONFIG_VHOST_NET=m CONFIG_PMC_ATOM=y # CONFIG_CHROME_PLATFORMS is not set # CONFIG_MELLANOX_PLATFORM is not set +CONFIG_SURFACE_PLATFORMS=y +# CONFIG_SURFACE_3_POWER_OPREGION is not set +# CONFIG_SURFACE_GPE is not set +# CONFIG_SURFACE_PRO3_BUTTON is not set CONFIG_HAVE_CLK=y CONFIG_CLKDEV_LOOKUP=y CONFIG_HAVE_CLK_PREPARE=y @@ -2574,11 +2589,6 @@ CONFIG_IRQ_REMAP=y # # end of Amlogic SoC drivers -# -# Aspeed SoC drivers -# -# end of Aspeed SoC drivers - # # Broadcom SoC drivers # @@ -2594,6 +2604,11 @@ CONFIG_IRQ_REMAP=y # # end of i.MX SoC drivers +# +# Enable LiteX SoC Builder specific drivers +# +# end of Enable LiteX SoC Builder specific drivers + # # Qualcomm SoC drivers # @@ -2731,8 +2746,6 @@ CONFIG_OVERLAY_FS_REDIRECT_ALWAYS_FOLLOW=y CONFIG_OVERLAY_FS_INDEX=y CONFIG_OVERLAY_FS_XINO_AUTO=y CONFIG_OVERLAY_FS_METACOPY=y -CONFIG_SHIFT_FS=m -CONFIG_SHIFT_FS_POSIX_ACL=y # # Caches @@ -2856,6 +2869,7 @@ CONFIG_CIFS_DEBUG=y # CONFIG_CIFS_DEBUG2 is not set # CONFIG_CIFS_DEBUG_DUMP_KEYS is not set # CONFIG_CIFS_DFS_UPCALL is not set +# CONFIG_CIFS_SWN_UPCALL is not set # CONFIG_CODA_FS is not set # CONFIG_AFS_FS is not set CONFIG_NLS=y @@ -2931,7 +2945,7 @@ CONFIG_PAGE_TABLE_ISOLATION=y # CONFIG_INTEL_TXT is not set CONFIG_HAVE_HARDENED_USERCOPY_ALLOCATOR=y CONFIG_HARDENED_USERCOPY=y -CONFIG_HARDENED_USERCOPY_FALLBACK=y +# CONFIG_HARDENED_USERCOPY_FALLBACK is not set # CONFIG_HARDENED_USERCOPY_PAGESPAN is not set CONFIG_FORTIFY_SOURCE=y # CONFIG_STATIC_USERMODEHELPER is not set @@ -3180,6 +3194,7 @@ CONFIG_CRYPTO_HW=y # CONFIG_CRYPTO_DEV_QAT_DH895xCC is not set # CONFIG_CRYPTO_DEV_QAT_C3XXX is not set # CONFIG_CRYPTO_DEV_QAT_C62X is not set +# CONFIG_CRYPTO_DEV_QAT_4XXX is not set # CONFIG_CRYPTO_DEV_QAT_DH895xCCVF is not set # CONFIG_CRYPTO_DEV_QAT_C3XXXVF is not set # CONFIG_CRYPTO_DEV_QAT_C62XVF is not set @@ -3317,7 +3332,6 @@ CONFIG_DEBUG_BUGVERBOSE=y # Compile-time checks and compiler options # # CONFIG_DEBUG_INFO is not set -CONFIG_ENABLE_MUST_CHECK=y CONFIG_FRAME_WARN=2048 CONFIG_STRIP_ASM_SYMS=y # CONFIG_READABLE_ASM is not set @@ -3353,26 +3367,28 @@ CONFIG_DEBUG_MISC=y # CONFIG_PAGE_EXTENSION is not set # CONFIG_DEBUG_PAGEALLOC is not set # CONFIG_PAGE_OWNER is not set -# CONFIG_PAGE_POISONING is not set -# CONFIG_DEBUG_RODATA_TEST is not set +CONFIG_PAGE_POISONING=y +CONFIG_DEBUG_RODATA_TEST=y CONFIG_ARCH_HAS_DEBUG_WX=y CONFIG_DEBUG_WX=y CONFIG_GENERIC_PTDUMP=y CONFIG_PTDUMP_CORE=y # CONFIG_DEBUG_OBJECTS is not set -# CONFIG_SLUB_DEBUG_ON is not set +CONFIG_SLUB_DEBUG_ON=y # CONFIG_SLUB_STATS is not set CONFIG_HAVE_DEBUG_KMEMLEAK=y # CONFIG_DEBUG_KMEMLEAK is not set CONFIG_DEBUG_STACK_USAGE=y -# CONFIG_SCHED_STACK_END_CHECK is not set +CONFIG_SCHED_STACK_END_CHECK=y CONFIG_ARCH_HAS_DEBUG_VM_PGTABLE=y # CONFIG_DEBUG_VM is not set # CONFIG_DEBUG_VM_PGTABLE is not set CONFIG_ARCH_HAS_DEBUG_VIRTUAL=y -# CONFIG_DEBUG_VIRTUAL is not set -# CONFIG_DEBUG_MEMORY_INIT is not set +CONFIG_DEBUG_VIRTUAL=y +CONFIG_DEBUG_MEMORY_INIT=y # CONFIG_DEBUG_PER_CPU_MAPS is not set +CONFIG_ARCH_SUPPORTS_KMAP_LOCAL_FORCE_MAP=y +# CONFIG_DEBUG_KMAP_LOCAL_FORCE_MAP is not set CONFIG_HAVE_ARCH_KASAN=y CONFIG_HAVE_ARCH_KASAN_VMALLOC=y CONFIG_CC_HAS_KASAN_GENERIC=y @@ -3434,14 +3450,14 @@ CONFIG_LOCK_DEBUGGING_SUPPORT=y # # Debug kernel data structures # -# CONFIG_DEBUG_LIST is not set +CONFIG_DEBUG_LIST=y # CONFIG_DEBUG_PLIST is not set -# CONFIG_DEBUG_SG is not set -# CONFIG_DEBUG_NOTIFIERS is not set -# CONFIG_BUG_ON_DATA_CORRUPTION is not set +CONFIG_DEBUG_SG=y +CONFIG_DEBUG_NOTIFIERS=y +CONFIG_BUG_ON_DATA_CORRUPTION=y # end of Debug kernel data structures -# CONFIG_DEBUG_CREDENTIALS is not set +CONFIG_DEBUG_CREDENTIALS=y # # RCU Debugging @@ -3464,6 +3480,7 @@ CONFIG_HAVE_FUNCTION_GRAPH_TRACER=y CONFIG_HAVE_DYNAMIC_FTRACE=y CONFIG_HAVE_DYNAMIC_FTRACE_WITH_REGS=y CONFIG_HAVE_DYNAMIC_FTRACE_WITH_DIRECT_CALLS=y +CONFIG_HAVE_DYNAMIC_FTRACE_WITH_ARGS=y CONFIG_HAVE_FTRACE_MCOUNT_RECORD=y CONFIG_HAVE_SYSCALL_TRACEPOINTS=y CONFIG_HAVE_FENTRY=y @@ -3473,8 +3490,7 @@ CONFIG_TRACING_SUPPORT=y # CONFIG_PROVIDE_OHCI1394_DMA_INIT is not set # CONFIG_SAMPLES is not set CONFIG_ARCH_HAS_DEVMEM_IS_ALLOWED=y -CONFIG_STRICT_DEVMEM=y -CONFIG_IO_STRICT_DEVMEM=y +# CONFIG_STRICT_DEVMEM is not set # # x86 Debugging @@ -3546,6 +3562,7 @@ CONFIG_RUNTIME_TESTING_MENU=y # CONFIG_TEST_UDELAY is not set # CONFIG_TEST_STATIC_KEYS is not set # CONFIG_TEST_KMOD is not set +# CONFIG_TEST_DEBUG_VIRTUAL is not set # CONFIG_TEST_MEMCAT_P is not set # CONFIG_TEST_STACKINIT is not set # CONFIG_TEST_MEMINIT is not set