Merge branch 'corsac/linux-hardening-options' into sid
This commit is contained in:
commit
c1ecc67a90
|
@ -284,6 +284,10 @@ linux (4.16.13-1) UNRELEASED; urgency=medium
|
|||
* [armhf] Enable MFD_AC100 and RTC_DRV_AC100, used in allwinner A80/A83t
|
||||
systems.
|
||||
|
||||
[ Yves-Alexis Perez ]
|
||||
* hardening: enable FORTIFY_SOURCE, disable HARDENED_USERCOPY_FALLBACK
|
||||
* [x86] hardening: enable REFCOUNT_FULL
|
||||
|
||||
-- Salvatore Bonaccorso <carnil@debian.org> Wed, 30 May 2018 08:41:30 +0200
|
||||
|
||||
linux (4.16.12-1) unstable; urgency=medium
|
||||
|
|
|
@ -7118,7 +7118,9 @@ CONFIG_SECURITY_NETWORK_XFRM=y
|
|||
# CONFIG_INTEL_TXT is not set
|
||||
CONFIG_LSM_MMAP_MIN_ADDR=32768
|
||||
CONFIG_HARDENED_USERCOPY=y
|
||||
# CONFIG_HARDENED_USERCOPY_FALLBACK is not set
|
||||
# CONFIG_HARDENED_USERCOPY_PAGESPAN is not set
|
||||
CONFIG_FORTIFY_SOURCE=y
|
||||
CONFIG_LOCK_DOWN_KERNEL=y
|
||||
CONFIG_LOCK_DOWN_IN_EFI_SECURE_BOOT=y
|
||||
## choice: Default security module
|
||||
|
|
|
@ -2,6 +2,7 @@
|
|||
## file: arch/Kconfig
|
||||
##
|
||||
# CONFIG_OPROFILE_EVENT_MULTIPLEX is not set
|
||||
CONFIG_REFCOUNT_FULL=y
|
||||
|
||||
##
|
||||
## file: arch/x86/Kconfig
|
||||
|
|
Loading…
Reference in New Issue