summaryrefslogtreecommitdiff
path: root/sys-kernel/linux-image-redcore-lts/files
diff options
context:
space:
mode:
Diffstat (limited to 'sys-kernel/linux-image-redcore-lts/files')
-rw-r--r--sys-kernel/linux-image-redcore-lts/files/5.4-amd64.config23
1 files changed, 6 insertions, 17 deletions
diff --git a/sys-kernel/linux-image-redcore-lts/files/5.4-amd64.config b/sys-kernel/linux-image-redcore-lts/files/5.4-amd64.config
index c6a4ffd8..ae62098e 100644
--- a/sys-kernel/linux-image-redcore-lts/files/5.4-amd64.config
+++ b/sys-kernel/linux-image-redcore-lts/files/5.4-amd64.config
@@ -182,7 +182,7 @@ CONFIG_NAMESPACES=y
CONFIG_UTS_NS=y
CONFIG_IPC_NS=y
CONFIG_USER_NS=y
-# CONFIG_USER_NS_UNPRIVILEGED is not set
+CONFIG_USER_NS_UNPRIVILEGED=y
CONFIG_PID_NS=y
CONFIG_NET_NS=y
# CONFIG_CHECKPOINT_RESTORE is not set
@@ -812,9 +812,7 @@ CONFIG_ARCH_HAS_GCOV_PROFILE_ALL=y
CONFIG_PLUGIN_HOSTCC="g++"
CONFIG_HAVE_GCC_PLUGINS=y
-CONFIG_GCC_PLUGINS=y
-# CONFIG_GCC_PLUGIN_LATENT_ENTROPY is not set
-# CONFIG_GCC_PLUGIN_RANDSTRUCT is not set
+# CONFIG_GCC_PLUGINS is not set
# end of General architecture-dependent options
CONFIG_RT_MUTEXES=y
@@ -9250,20 +9248,11 @@ CONFIG_LSM="yama,loadpin,safesetid,integrity,apparmor"
#
# Kernel hardening options
#
-CONFIG_GCC_PLUGIN_STRUCTLEAK=y
#
# Memory initialization
#
-# CONFIG_INIT_STACK_NONE is not set
-# CONFIG_GCC_PLUGIN_STRUCTLEAK_USER is not set
-# CONFIG_GCC_PLUGIN_STRUCTLEAK_BYREF is not set
-CONFIG_GCC_PLUGIN_STRUCTLEAK_BYREF_ALL=y
-# CONFIG_GCC_PLUGIN_STRUCTLEAK_VERBOSE is not set
-CONFIG_GCC_PLUGIN_STACKLEAK=y
-CONFIG_STACKLEAK_TRACK_MIN_SIZE=100
-# CONFIG_STACKLEAK_METRICS is not set
-CONFIG_STACKLEAK_RUNTIME_DISABLE=y
+CONFIG_INIT_STACK_NONE=y
CONFIG_INIT_ON_ALLOC_DEFAULT_ON=y
CONFIG_INIT_ON_FREE_DEFAULT_ON=y
CONFIG_PAGE_SANITIZE_VERIFY=y
@@ -9275,11 +9264,11 @@ CONFIG_SLAB_SANITIZE_VERIFY=y
#
# Hardened Enhancements
#
-CONFIG_HARDENED_RANDOM=y
+# CONFIG_HARDENED_RANDOM is not set
# CONFIG_HARDENED_STEALTH_NETWORKING is not set
# CONFIG_HARDENED_NO_SIMULT_CONNECT is not set
-CONFIG_HARDENED_SYSFS_RESTRICT=y
-CONFIG_HARDENED_FIFO=y
+# CONFIG_HARDENED_SYSFS_RESTRICT is not set
+# CONFIG_HARDENED_FIFO is not set
# CONFIG_HARDENED_MODULE_LOAD is not set
# end of Hardened Enhancements