Peter Müller
8e1a464d12
Kernel: Enable LSM support and set security level to "integrity"
...
Signed-off-by: Peter Müller <peter.mueller@ipfire.org >
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org >
2022-04-06 20:04:04 +00:00
Peter Müller
4f4422cc1c
Kernel: Do not automatically load TTY line disciplines, only if necessary
...
Signed-off-by: Peter Müller <peter.mueller@ipfire.org >
2022-04-04 19:59:39 +00:00
Peter Müller
bf2d8cb8a0
Kernel: Disable support for tracing block I/O actions
...
This is not needed on IPFire systems, and grsecurity recommends to turn
this off.
Signed-off-by: Peter Müller <peter.mueller@ipfire.org >
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org >
2022-04-04 19:59:15 +00:00
Peter Müller
26ca63592d
Kernel: Set CONFIG_ARCH_MMAP_RND_BITS to 32 bits
...
This follows a recommendation by ClipOS, making ASLR bypassing attempts
harder.
Signed-off-by: Peter Müller <peter.mueller@ipfire.org >
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org >
2022-04-04 19:59:08 +00:00
Michael Tremer
5c1a1094ed
kernel: Add a basic configuration for riscv64
...
This kernel configuration is a copy of our kernel configuration for
x86_64 on which I ran "make olddefconfig" which will set any unknown
values to their defaults.
This exists so that we have some kernel (which I did not try to boot) to
complete the build process.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org >
2022-02-22 19:41:39 +00:00
