1
0
Fork 0

desktop. 5.18.14 oldconfig. Some hardening against vulnerabilities.

This commit is contained in:
Alexey Skobkin 2022-08-02 18:14:44 +03:00
parent f8c458b4e3
commit 7f8d26419c
No known key found for this signature in database
GPG key ID: 5D5CEF6F221278E7

View file

@ -1,10 +1,10 @@
# #
# Automatically generated file; DO NOT EDIT. # Automatically generated file; DO NOT EDIT.
# Linux/x86 5.18.0-gentoo Kernel Configuration # Linux/x86 5.18.14-gentoo Kernel Configuration
# #
CONFIG_CC_VERSION_TEXT="gcc (Gentoo 11.3.0 p4) 11.3.0" CONFIG_CC_VERSION_TEXT="gcc (Gentoo 12.1.1_p20220625 p8) 12.1.1 20220625"
CONFIG_CC_IS_GCC=y CONFIG_CC_IS_GCC=y
CONFIG_GCC_VERSION=110300 CONFIG_GCC_VERSION=120101
CONFIG_CLANG_VERSION=0 CONFIG_CLANG_VERSION=0
CONFIG_AS_IS_GNU=y CONFIG_AS_IS_GNU=y
CONFIG_AS_VERSION=23800 CONFIG_AS_VERSION=23800
@ -15,6 +15,7 @@ CONFIG_CC_CAN_LINK=y
CONFIG_CC_CAN_LINK_STATIC=y CONFIG_CC_CAN_LINK_STATIC=y
CONFIG_CC_HAS_ASM_GOTO=y CONFIG_CC_HAS_ASM_GOTO=y
CONFIG_CC_HAS_ASM_GOTO_OUTPUT=y CONFIG_CC_HAS_ASM_GOTO_OUTPUT=y
CONFIG_CC_HAS_ASM_GOTO_TIED_OUTPUT=y
CONFIG_CC_HAS_ASM_INLINE=y CONFIG_CC_HAS_ASM_INLINE=y
CONFIG_CC_HAS_NO_PROFILE_FN_ATTR=y CONFIG_CC_HAS_NO_PROFILE_FN_ATTR=y
CONFIG_PAHOLE_VERSION=0 CONFIG_PAHOLE_VERSION=0
@ -169,12 +170,15 @@ CONFIG_HAVE_UNSTABLE_SCHED_CLOCK=y
# Scheduler features # Scheduler features
# #
# CONFIG_UCLAMP_TASK is not set # CONFIG_UCLAMP_TASK is not set
# CONFIG_SCHED_ALT is not set
# end of Scheduler features # end of Scheduler features
CONFIG_ARCH_SUPPORTS_NUMA_BALANCING=y CONFIG_ARCH_SUPPORTS_NUMA_BALANCING=y
CONFIG_ARCH_WANT_BATCHED_UNMAP_TLB_FLUSH=y CONFIG_ARCH_WANT_BATCHED_UNMAP_TLB_FLUSH=y
CONFIG_CC_HAS_INT128=y CONFIG_CC_HAS_INT128=y
CONFIG_CC_IMPLICIT_FALLTHROUGH="-Wimplicit-fallthrough=5" CONFIG_CC_IMPLICIT_FALLTHROUGH="-Wimplicit-fallthrough=5"
CONFIG_GCC12_NO_ARRAY_BOUNDS=y
CONFIG_CC_NO_ARRAY_BOUNDS=y
CONFIG_ARCH_SUPPORTS_INT128=y CONFIG_ARCH_SUPPORTS_INT128=y
CONFIG_NUMA_BALANCING=y CONFIG_NUMA_BALANCING=y
CONFIG_NUMA_BALANCING_DEFAULT_ENABLED=y CONFIG_NUMA_BALANCING_DEFAULT_ENABLED=y
@ -327,9 +331,6 @@ CONFIG_X86_FEATURE_NAMES=y
# CONFIG_X86_X2APIC is not set # CONFIG_X86_X2APIC is not set
# CONFIG_X86_MPPARSE is not set # CONFIG_X86_MPPARSE is not set
# CONFIG_GOLDFISH is not set # CONFIG_GOLDFISH is not set
CONFIG_RETPOLINE=y
CONFIG_CC_HAS_SLS=y
# CONFIG_SLS is not set
CONFIG_X86_CPU_RESCTRL=y CONFIG_X86_CPU_RESCTRL=y
# CONFIG_X86_EXTENDED_PLATFORM is not set # CONFIG_X86_EXTENDED_PLATFORM is not set
# CONFIG_X86_INTEL_LPSS is not set # CONFIG_X86_INTEL_LPSS is not set
@ -422,7 +423,7 @@ CONFIG_X86_MCE_THRESHOLD=y
# Performance monitoring # Performance monitoring
# #
CONFIG_PERF_EVENTS_INTEL_UNCORE=m CONFIG_PERF_EVENTS_INTEL_UNCORE=m
# CONFIG_PERF_EVENTS_INTEL_RAPL is not set CONFIG_PERF_EVENTS_INTEL_RAPL=m
CONFIG_PERF_EVENTS_INTEL_CSTATE=m CONFIG_PERF_EVENTS_INTEL_CSTATE=m
CONFIG_PERF_EVENTS_AMD_POWER=m CONFIG_PERF_EVENTS_AMD_POWER=m
CONFIG_PERF_EVENTS_AMD_UNCORE=m CONFIG_PERF_EVENTS_AMD_UNCORE=m
@ -433,7 +434,7 @@ CONFIG_X86_VSYSCALL_EMULATION=y
CONFIG_MICROCODE=y CONFIG_MICROCODE=y
CONFIG_MICROCODE_INTEL=y CONFIG_MICROCODE_INTEL=y
CONFIG_MICROCODE_AMD=y CONFIG_MICROCODE_AMD=y
CONFIG_MICROCODE_OLD_INTERFACE=y # CONFIG_MICROCODE_OLD_INTERFACE is not set
CONFIG_X86_MSR=y CONFIG_X86_MSR=y
CONFIG_X86_CPUID=y CONFIG_X86_CPUID=y
# CONFIG_X86_5LEVEL is not set # CONFIG_X86_5LEVEL is not set
@ -505,6 +506,15 @@ CONFIG_LEGACY_VSYSCALL_NONE=y
CONFIG_HAVE_LIVEPATCH=y CONFIG_HAVE_LIVEPATCH=y
# end of Processor type and features # end of Processor type and features
CONFIG_CC_HAS_SLS=y
CONFIG_CC_HAS_RETURN_THUNK=y
CONFIG_SPECULATION_MITIGATIONS=y
CONFIG_PAGE_TABLE_ISOLATION=y
CONFIG_RETPOLINE=y
# CONFIG_RETHUNK is not set
CONFIG_CPU_IBPB_ENTRY=y
CONFIG_CPU_IBRS_ENTRY=y
CONFIG_SLS=y
CONFIG_ARCH_HAS_ADD_PAGES=y CONFIG_ARCH_HAS_ADD_PAGES=y
CONFIG_ARCH_MHP_MEMMAP_ON_MEMORY_ENABLE=y CONFIG_ARCH_MHP_MEMMAP_ON_MEMORY_ENABLE=y
@ -1918,6 +1928,7 @@ CONFIG_UEFI_CPER=y
CONFIG_UEFI_CPER_X86=y CONFIG_UEFI_CPER_X86=y
CONFIG_EFI_DEV_PATH_PARSER=y CONFIG_EFI_DEV_PATH_PARSER=y
CONFIG_EFI_CUSTOM_SSDT_OVERLAYS=y CONFIG_EFI_CUSTOM_SSDT_OVERLAYS=y
# CONFIG_EFI_DISABLE_RUNTIME is not set
# #
# Tegra firmware driver # Tegra firmware driver
@ -2687,7 +2698,7 @@ CONFIG_TCG_TIS_ST33ZP24_I2C=m
# CONFIG_TELCLOCK is not set # CONFIG_TELCLOCK is not set
# CONFIG_XILLYBUS is not set # CONFIG_XILLYBUS is not set
# CONFIG_XILLYUSB is not set # CONFIG_XILLYUSB is not set
# CONFIG_RANDOM_TRUST_CPU is not set CONFIG_RANDOM_TRUST_CPU=y
# CONFIG_RANDOM_TRUST_BOOTLOADER is not set # CONFIG_RANDOM_TRUST_BOOTLOADER is not set
# end of Character devices # end of Character devices
@ -5705,7 +5716,6 @@ CONFIG_KEY_DH_OPERATIONS=y
CONFIG_SECURITY=y CONFIG_SECURITY=y
CONFIG_SECURITYFS=y CONFIG_SECURITYFS=y
CONFIG_SECURITY_NETWORK=y CONFIG_SECURITY_NETWORK=y
# CONFIG_PAGE_TABLE_ISOLATION is not set
# CONFIG_SECURITY_NETWORK_XFRM is not set # CONFIG_SECURITY_NETWORK_XFRM is not set
# CONFIG_SECURITY_PATH is not set # CONFIG_SECURITY_PATH is not set
# CONFIG_INTEL_TXT is not set # CONFIG_INTEL_TXT is not set
@ -5734,16 +5744,15 @@ CONFIG_LSM="yama,loadpin,safesetid,integrity"
# #
# Kernel hardening options # Kernel hardening options
# #
CONFIG_GCC_PLUGIN_STRUCTLEAK=y
# #
# Memory initialization # Memory initialization
# #
CONFIG_CC_HAS_AUTO_VAR_INIT_PATTERN=y
CONFIG_CC_HAS_AUTO_VAR_INIT_ZERO=y
# CONFIG_INIT_STACK_NONE is not set # CONFIG_INIT_STACK_NONE is not set
# CONFIG_GCC_PLUGIN_STRUCTLEAK_USER is not set # CONFIG_INIT_STACK_ALL_PATTERN is not set
# CONFIG_GCC_PLUGIN_STRUCTLEAK_BYREF is not set CONFIG_INIT_STACK_ALL_ZERO=y
CONFIG_GCC_PLUGIN_STRUCTLEAK_BYREF_ALL=y
# CONFIG_GCC_PLUGIN_STRUCTLEAK_VERBOSE is not set
# CONFIG_GCC_PLUGIN_STACKLEAK is not set # CONFIG_GCC_PLUGIN_STACKLEAK is not set
# CONFIG_INIT_ON_ALLOC_DEFAULT_ON is not set # CONFIG_INIT_ON_ALLOC_DEFAULT_ON is not set
# CONFIG_INIT_ON_FREE_DEFAULT_ON is not set # CONFIG_INIT_ON_FREE_DEFAULT_ON is not set
@ -5792,7 +5801,6 @@ CONFIG_CRYPTO_CRYPTD=y
CONFIG_CRYPTO_AUTHENC=y CONFIG_CRYPTO_AUTHENC=y
# CONFIG_CRYPTO_TEST is not set # CONFIG_CRYPTO_TEST is not set
CONFIG_CRYPTO_SIMD=y CONFIG_CRYPTO_SIMD=y
CONFIG_CRYPTO_ENGINE=m
# #
# Public-key cryptography # Public-key cryptography
@ -5813,7 +5821,7 @@ CONFIG_CRYPTO_CURVE25519_X86=m
# #
CONFIG_CRYPTO_CCM=y CONFIG_CRYPTO_CCM=y
CONFIG_CRYPTO_GCM=y CONFIG_CRYPTO_GCM=y
# CONFIG_CRYPTO_CHACHA20POLY1305 is not set CONFIG_CRYPTO_CHACHA20POLY1305=m
CONFIG_CRYPTO_AEGIS128=m CONFIG_CRYPTO_AEGIS128=m
CONFIG_CRYPTO_AEGIS128_AESNI_SSE2=m CONFIG_CRYPTO_AEGIS128_AESNI_SSE2=m
CONFIG_CRYPTO_SEQIV=y CONFIG_CRYPTO_SEQIV=y
@ -5968,7 +5976,7 @@ CONFIG_CRYPTO_DEV_CCP_CRYPTO=m
# CONFIG_CRYPTO_DEV_QAT_C3XXXVF is not set # CONFIG_CRYPTO_DEV_QAT_C3XXXVF is not set
# CONFIG_CRYPTO_DEV_QAT_C62XVF is not set # CONFIG_CRYPTO_DEV_QAT_C62XVF is not set
# CONFIG_CRYPTO_DEV_NITROX_CNN55XX is not set # CONFIG_CRYPTO_DEV_NITROX_CNN55XX is not set
CONFIG_CRYPTO_DEV_VIRTIO=m # CONFIG_CRYPTO_DEV_VIRTIO is not set
# CONFIG_CRYPTO_DEV_SAFEXCEL is not set # CONFIG_CRYPTO_DEV_SAFEXCEL is not set
# CONFIG_CRYPTO_DEV_CCREE is not set # CONFIG_CRYPTO_DEV_CCREE is not set
# CONFIG_CRYPTO_DEV_AMLOGIC_GXL is not set # CONFIG_CRYPTO_DEV_AMLOGIC_GXL is not set
@ -6033,6 +6041,7 @@ CONFIG_CRYPTO_LIB_CHACHA20POLY1305=m
CONFIG_CRYPTO_LIB_SHA256=y CONFIG_CRYPTO_LIB_SHA256=y
# end of Crypto library routines # end of Crypto library routines
CONFIG_LIB_MEMNEQ=y
CONFIG_CRC_CCITT=y CONFIG_CRC_CCITT=y
CONFIG_CRC16=y CONFIG_CRC16=y
# CONFIG_CRC_T10DIF is not set # CONFIG_CRC_T10DIF is not set