desktop. 5.18.14 oldconfig. Some hardening against vulnerabilities.
This commit is contained in:
parent
f8c458b4e3
commit
7f8d26419c
|
@ -1,10 +1,10 @@
|
||||||
#
|
#
|
||||||
# Automatically generated file; DO NOT EDIT.
|
# Automatically generated file; DO NOT EDIT.
|
||||||
# Linux/x86 5.18.0-gentoo Kernel Configuration
|
# Linux/x86 5.18.14-gentoo Kernel Configuration
|
||||||
#
|
#
|
||||||
CONFIG_CC_VERSION_TEXT="gcc (Gentoo 11.3.0 p4) 11.3.0"
|
CONFIG_CC_VERSION_TEXT="gcc (Gentoo 12.1.1_p20220625 p8) 12.1.1 20220625"
|
||||||
CONFIG_CC_IS_GCC=y
|
CONFIG_CC_IS_GCC=y
|
||||||
CONFIG_GCC_VERSION=110300
|
CONFIG_GCC_VERSION=120101
|
||||||
CONFIG_CLANG_VERSION=0
|
CONFIG_CLANG_VERSION=0
|
||||||
CONFIG_AS_IS_GNU=y
|
CONFIG_AS_IS_GNU=y
|
||||||
CONFIG_AS_VERSION=23800
|
CONFIG_AS_VERSION=23800
|
||||||
|
@ -15,6 +15,7 @@ CONFIG_CC_CAN_LINK=y
|
||||||
CONFIG_CC_CAN_LINK_STATIC=y
|
CONFIG_CC_CAN_LINK_STATIC=y
|
||||||
CONFIG_CC_HAS_ASM_GOTO=y
|
CONFIG_CC_HAS_ASM_GOTO=y
|
||||||
CONFIG_CC_HAS_ASM_GOTO_OUTPUT=y
|
CONFIG_CC_HAS_ASM_GOTO_OUTPUT=y
|
||||||
|
CONFIG_CC_HAS_ASM_GOTO_TIED_OUTPUT=y
|
||||||
CONFIG_CC_HAS_ASM_INLINE=y
|
CONFIG_CC_HAS_ASM_INLINE=y
|
||||||
CONFIG_CC_HAS_NO_PROFILE_FN_ATTR=y
|
CONFIG_CC_HAS_NO_PROFILE_FN_ATTR=y
|
||||||
CONFIG_PAHOLE_VERSION=0
|
CONFIG_PAHOLE_VERSION=0
|
||||||
|
@ -169,12 +170,15 @@ CONFIG_HAVE_UNSTABLE_SCHED_CLOCK=y
|
||||||
# Scheduler features
|
# Scheduler features
|
||||||
#
|
#
|
||||||
# CONFIG_UCLAMP_TASK is not set
|
# CONFIG_UCLAMP_TASK is not set
|
||||||
|
# CONFIG_SCHED_ALT is not set
|
||||||
# end of Scheduler features
|
# end of Scheduler features
|
||||||
|
|
||||||
CONFIG_ARCH_SUPPORTS_NUMA_BALANCING=y
|
CONFIG_ARCH_SUPPORTS_NUMA_BALANCING=y
|
||||||
CONFIG_ARCH_WANT_BATCHED_UNMAP_TLB_FLUSH=y
|
CONFIG_ARCH_WANT_BATCHED_UNMAP_TLB_FLUSH=y
|
||||||
CONFIG_CC_HAS_INT128=y
|
CONFIG_CC_HAS_INT128=y
|
||||||
CONFIG_CC_IMPLICIT_FALLTHROUGH="-Wimplicit-fallthrough=5"
|
CONFIG_CC_IMPLICIT_FALLTHROUGH="-Wimplicit-fallthrough=5"
|
||||||
|
CONFIG_GCC12_NO_ARRAY_BOUNDS=y
|
||||||
|
CONFIG_CC_NO_ARRAY_BOUNDS=y
|
||||||
CONFIG_ARCH_SUPPORTS_INT128=y
|
CONFIG_ARCH_SUPPORTS_INT128=y
|
||||||
CONFIG_NUMA_BALANCING=y
|
CONFIG_NUMA_BALANCING=y
|
||||||
CONFIG_NUMA_BALANCING_DEFAULT_ENABLED=y
|
CONFIG_NUMA_BALANCING_DEFAULT_ENABLED=y
|
||||||
|
@ -327,9 +331,6 @@ CONFIG_X86_FEATURE_NAMES=y
|
||||||
# CONFIG_X86_X2APIC is not set
|
# CONFIG_X86_X2APIC is not set
|
||||||
# CONFIG_X86_MPPARSE is not set
|
# CONFIG_X86_MPPARSE is not set
|
||||||
# CONFIG_GOLDFISH is not set
|
# CONFIG_GOLDFISH is not set
|
||||||
CONFIG_RETPOLINE=y
|
|
||||||
CONFIG_CC_HAS_SLS=y
|
|
||||||
# CONFIG_SLS is not set
|
|
||||||
CONFIG_X86_CPU_RESCTRL=y
|
CONFIG_X86_CPU_RESCTRL=y
|
||||||
# CONFIG_X86_EXTENDED_PLATFORM is not set
|
# CONFIG_X86_EXTENDED_PLATFORM is not set
|
||||||
# CONFIG_X86_INTEL_LPSS is not set
|
# CONFIG_X86_INTEL_LPSS is not set
|
||||||
|
@ -422,7 +423,7 @@ CONFIG_X86_MCE_THRESHOLD=y
|
||||||
# Performance monitoring
|
# Performance monitoring
|
||||||
#
|
#
|
||||||
CONFIG_PERF_EVENTS_INTEL_UNCORE=m
|
CONFIG_PERF_EVENTS_INTEL_UNCORE=m
|
||||||
# CONFIG_PERF_EVENTS_INTEL_RAPL is not set
|
CONFIG_PERF_EVENTS_INTEL_RAPL=m
|
||||||
CONFIG_PERF_EVENTS_INTEL_CSTATE=m
|
CONFIG_PERF_EVENTS_INTEL_CSTATE=m
|
||||||
CONFIG_PERF_EVENTS_AMD_POWER=m
|
CONFIG_PERF_EVENTS_AMD_POWER=m
|
||||||
CONFIG_PERF_EVENTS_AMD_UNCORE=m
|
CONFIG_PERF_EVENTS_AMD_UNCORE=m
|
||||||
|
@ -433,7 +434,7 @@ CONFIG_X86_VSYSCALL_EMULATION=y
|
||||||
CONFIG_MICROCODE=y
|
CONFIG_MICROCODE=y
|
||||||
CONFIG_MICROCODE_INTEL=y
|
CONFIG_MICROCODE_INTEL=y
|
||||||
CONFIG_MICROCODE_AMD=y
|
CONFIG_MICROCODE_AMD=y
|
||||||
CONFIG_MICROCODE_OLD_INTERFACE=y
|
# CONFIG_MICROCODE_OLD_INTERFACE is not set
|
||||||
CONFIG_X86_MSR=y
|
CONFIG_X86_MSR=y
|
||||||
CONFIG_X86_CPUID=y
|
CONFIG_X86_CPUID=y
|
||||||
# CONFIG_X86_5LEVEL is not set
|
# CONFIG_X86_5LEVEL is not set
|
||||||
|
@ -505,6 +506,15 @@ CONFIG_LEGACY_VSYSCALL_NONE=y
|
||||||
CONFIG_HAVE_LIVEPATCH=y
|
CONFIG_HAVE_LIVEPATCH=y
|
||||||
# end of Processor type and features
|
# end of Processor type and features
|
||||||
|
|
||||||
|
CONFIG_CC_HAS_SLS=y
|
||||||
|
CONFIG_CC_HAS_RETURN_THUNK=y
|
||||||
|
CONFIG_SPECULATION_MITIGATIONS=y
|
||||||
|
CONFIG_PAGE_TABLE_ISOLATION=y
|
||||||
|
CONFIG_RETPOLINE=y
|
||||||
|
# CONFIG_RETHUNK is not set
|
||||||
|
CONFIG_CPU_IBPB_ENTRY=y
|
||||||
|
CONFIG_CPU_IBRS_ENTRY=y
|
||||||
|
CONFIG_SLS=y
|
||||||
CONFIG_ARCH_HAS_ADD_PAGES=y
|
CONFIG_ARCH_HAS_ADD_PAGES=y
|
||||||
CONFIG_ARCH_MHP_MEMMAP_ON_MEMORY_ENABLE=y
|
CONFIG_ARCH_MHP_MEMMAP_ON_MEMORY_ENABLE=y
|
||||||
|
|
||||||
|
@ -1918,6 +1928,7 @@ CONFIG_UEFI_CPER=y
|
||||||
CONFIG_UEFI_CPER_X86=y
|
CONFIG_UEFI_CPER_X86=y
|
||||||
CONFIG_EFI_DEV_PATH_PARSER=y
|
CONFIG_EFI_DEV_PATH_PARSER=y
|
||||||
CONFIG_EFI_CUSTOM_SSDT_OVERLAYS=y
|
CONFIG_EFI_CUSTOM_SSDT_OVERLAYS=y
|
||||||
|
# CONFIG_EFI_DISABLE_RUNTIME is not set
|
||||||
|
|
||||||
#
|
#
|
||||||
# Tegra firmware driver
|
# Tegra firmware driver
|
||||||
|
@ -2687,7 +2698,7 @@ CONFIG_TCG_TIS_ST33ZP24_I2C=m
|
||||||
# CONFIG_TELCLOCK is not set
|
# CONFIG_TELCLOCK is not set
|
||||||
# CONFIG_XILLYBUS is not set
|
# CONFIG_XILLYBUS is not set
|
||||||
# CONFIG_XILLYUSB is not set
|
# CONFIG_XILLYUSB is not set
|
||||||
# CONFIG_RANDOM_TRUST_CPU is not set
|
CONFIG_RANDOM_TRUST_CPU=y
|
||||||
# CONFIG_RANDOM_TRUST_BOOTLOADER is not set
|
# CONFIG_RANDOM_TRUST_BOOTLOADER is not set
|
||||||
# end of Character devices
|
# end of Character devices
|
||||||
|
|
||||||
|
@ -5705,7 +5716,6 @@ CONFIG_KEY_DH_OPERATIONS=y
|
||||||
CONFIG_SECURITY=y
|
CONFIG_SECURITY=y
|
||||||
CONFIG_SECURITYFS=y
|
CONFIG_SECURITYFS=y
|
||||||
CONFIG_SECURITY_NETWORK=y
|
CONFIG_SECURITY_NETWORK=y
|
||||||
# CONFIG_PAGE_TABLE_ISOLATION is not set
|
|
||||||
# CONFIG_SECURITY_NETWORK_XFRM is not set
|
# CONFIG_SECURITY_NETWORK_XFRM is not set
|
||||||
# CONFIG_SECURITY_PATH is not set
|
# CONFIG_SECURITY_PATH is not set
|
||||||
# CONFIG_INTEL_TXT is not set
|
# CONFIG_INTEL_TXT is not set
|
||||||
|
@ -5734,16 +5744,15 @@ CONFIG_LSM="yama,loadpin,safesetid,integrity"
|
||||||
#
|
#
|
||||||
# Kernel hardening options
|
# Kernel hardening options
|
||||||
#
|
#
|
||||||
CONFIG_GCC_PLUGIN_STRUCTLEAK=y
|
|
||||||
|
|
||||||
#
|
#
|
||||||
# Memory initialization
|
# Memory initialization
|
||||||
#
|
#
|
||||||
|
CONFIG_CC_HAS_AUTO_VAR_INIT_PATTERN=y
|
||||||
|
CONFIG_CC_HAS_AUTO_VAR_INIT_ZERO=y
|
||||||
# CONFIG_INIT_STACK_NONE is not set
|
# CONFIG_INIT_STACK_NONE is not set
|
||||||
# CONFIG_GCC_PLUGIN_STRUCTLEAK_USER is not set
|
# CONFIG_INIT_STACK_ALL_PATTERN is not set
|
||||||
# CONFIG_GCC_PLUGIN_STRUCTLEAK_BYREF is not set
|
CONFIG_INIT_STACK_ALL_ZERO=y
|
||||||
CONFIG_GCC_PLUGIN_STRUCTLEAK_BYREF_ALL=y
|
|
||||||
# CONFIG_GCC_PLUGIN_STRUCTLEAK_VERBOSE is not set
|
|
||||||
# CONFIG_GCC_PLUGIN_STACKLEAK is not set
|
# CONFIG_GCC_PLUGIN_STACKLEAK is not set
|
||||||
# CONFIG_INIT_ON_ALLOC_DEFAULT_ON is not set
|
# CONFIG_INIT_ON_ALLOC_DEFAULT_ON is not set
|
||||||
# CONFIG_INIT_ON_FREE_DEFAULT_ON is not set
|
# CONFIG_INIT_ON_FREE_DEFAULT_ON is not set
|
||||||
|
@ -5792,7 +5801,6 @@ CONFIG_CRYPTO_CRYPTD=y
|
||||||
CONFIG_CRYPTO_AUTHENC=y
|
CONFIG_CRYPTO_AUTHENC=y
|
||||||
# CONFIG_CRYPTO_TEST is not set
|
# CONFIG_CRYPTO_TEST is not set
|
||||||
CONFIG_CRYPTO_SIMD=y
|
CONFIG_CRYPTO_SIMD=y
|
||||||
CONFIG_CRYPTO_ENGINE=m
|
|
||||||
|
|
||||||
#
|
#
|
||||||
# Public-key cryptography
|
# Public-key cryptography
|
||||||
|
@ -5813,7 +5821,7 @@ CONFIG_CRYPTO_CURVE25519_X86=m
|
||||||
#
|
#
|
||||||
CONFIG_CRYPTO_CCM=y
|
CONFIG_CRYPTO_CCM=y
|
||||||
CONFIG_CRYPTO_GCM=y
|
CONFIG_CRYPTO_GCM=y
|
||||||
# CONFIG_CRYPTO_CHACHA20POLY1305 is not set
|
CONFIG_CRYPTO_CHACHA20POLY1305=m
|
||||||
CONFIG_CRYPTO_AEGIS128=m
|
CONFIG_CRYPTO_AEGIS128=m
|
||||||
CONFIG_CRYPTO_AEGIS128_AESNI_SSE2=m
|
CONFIG_CRYPTO_AEGIS128_AESNI_SSE2=m
|
||||||
CONFIG_CRYPTO_SEQIV=y
|
CONFIG_CRYPTO_SEQIV=y
|
||||||
|
@ -5968,7 +5976,7 @@ CONFIG_CRYPTO_DEV_CCP_CRYPTO=m
|
||||||
# CONFIG_CRYPTO_DEV_QAT_C3XXXVF is not set
|
# CONFIG_CRYPTO_DEV_QAT_C3XXXVF is not set
|
||||||
# CONFIG_CRYPTO_DEV_QAT_C62XVF is not set
|
# CONFIG_CRYPTO_DEV_QAT_C62XVF is not set
|
||||||
# CONFIG_CRYPTO_DEV_NITROX_CNN55XX is not set
|
# CONFIG_CRYPTO_DEV_NITROX_CNN55XX is not set
|
||||||
CONFIG_CRYPTO_DEV_VIRTIO=m
|
# CONFIG_CRYPTO_DEV_VIRTIO is not set
|
||||||
# CONFIG_CRYPTO_DEV_SAFEXCEL is not set
|
# CONFIG_CRYPTO_DEV_SAFEXCEL is not set
|
||||||
# CONFIG_CRYPTO_DEV_CCREE is not set
|
# CONFIG_CRYPTO_DEV_CCREE is not set
|
||||||
# CONFIG_CRYPTO_DEV_AMLOGIC_GXL is not set
|
# CONFIG_CRYPTO_DEV_AMLOGIC_GXL is not set
|
||||||
|
@ -6033,6 +6041,7 @@ CONFIG_CRYPTO_LIB_CHACHA20POLY1305=m
|
||||||
CONFIG_CRYPTO_LIB_SHA256=y
|
CONFIG_CRYPTO_LIB_SHA256=y
|
||||||
# end of Crypto library routines
|
# end of Crypto library routines
|
||||||
|
|
||||||
|
CONFIG_LIB_MEMNEQ=y
|
||||||
CONFIG_CRC_CCITT=y
|
CONFIG_CRC_CCITT=y
|
||||||
CONFIG_CRC16=y
|
CONFIG_CRC16=y
|
||||||
# CONFIG_CRC_T10DIF is not set
|
# CONFIG_CRC_T10DIF is not set
|
||||||
|
|
Loading…
Reference in a new issue