|
Lines 11-18
Link Here
|
| 11 |
CONFIG_LOCKDEP_SUPPORT=y |
11 |
CONFIG_LOCKDEP_SUPPORT=y |
| 12 |
CONFIG_STACKTRACE_SUPPORT=y |
12 |
CONFIG_STACKTRACE_SUPPORT=y |
| 13 |
CONFIG_MMU=y |
13 |
CONFIG_MMU=y |
| 14 |
CONFIG_ARCH_MMAP_RND_BITS_MIN=27 |
14 |
CONFIG_ARCH_MMAP_RND_BITS_MIN=28 |
| 15 |
CONFIG_ARCH_MMAP_RND_BITS_MAX=27 |
15 |
CONFIG_ARCH_MMAP_RND_BITS_MAX=32 |
| 16 |
CONFIG_ARCH_MMAP_RND_COMPAT_BITS_MIN=8 |
16 |
CONFIG_ARCH_MMAP_RND_COMPAT_BITS_MIN=8 |
| 17 |
CONFIG_ARCH_MMAP_RND_COMPAT_BITS_MAX=16 |
17 |
CONFIG_ARCH_MMAP_RND_COMPAT_BITS_MAX=16 |
| 18 |
CONFIG_NEED_DMA_MAP_STATE=y |
18 |
CONFIG_NEED_DMA_MAP_STATE=y |
|
Lines 52-58
Link Here
|
| 52 |
CONFIG_INIT_ENV_ARG_LIMIT=32 |
52 |
CONFIG_INIT_ENV_ARG_LIMIT=32 |
| 53 |
CONFIG_CROSS_COMPILE="" |
53 |
CONFIG_CROSS_COMPILE="" |
| 54 |
# CONFIG_COMPILE_TEST is not set |
54 |
# CONFIG_COMPILE_TEST is not set |
| 55 |
CONFIG_LOCALVERSION="-170106_05" |
55 |
CONFIG_LOCALVERSION="-170108_10" |
| 56 |
# CONFIG_LOCALVERSION_AUTO is not set |
56 |
# CONFIG_LOCALVERSION_AUTO is not set |
| 57 |
CONFIG_HAVE_KERNEL_GZIP=y |
57 |
CONFIG_HAVE_KERNEL_GZIP=y |
| 58 |
CONFIG_HAVE_KERNEL_BZIP2=y |
58 |
CONFIG_HAVE_KERNEL_BZIP2=y |
|
Lines 142-147
Link Here
|
| 142 |
CONFIG_HAVE_UNSTABLE_SCHED_CLOCK=y |
142 |
CONFIG_HAVE_UNSTABLE_SCHED_CLOCK=y |
| 143 |
CONFIG_ARCH_SUPPORTS_NUMA_BALANCING=y |
143 |
CONFIG_ARCH_SUPPORTS_NUMA_BALANCING=y |
| 144 |
CONFIG_ARCH_WANT_BATCHED_UNMAP_TLB_FLUSH=y |
144 |
CONFIG_ARCH_WANT_BATCHED_UNMAP_TLB_FLUSH=y |
|
|
145 |
CONFIG_ARCH_SUPPORTS_INT128=y |
| 145 |
# CONFIG_NUMA_BALANCING is not set |
146 |
# CONFIG_NUMA_BALANCING is not set |
| 146 |
CONFIG_CGROUPS=y |
147 |
CONFIG_CGROUPS=y |
| 147 |
CONFIG_PAGE_COUNTER=y |
148 |
CONFIG_PAGE_COUNTER=y |
|
Lines 283-289
Link Here
|
| 283 |
CONFIG_ARCH_HAS_ELF_RANDOMIZE=y |
284 |
CONFIG_ARCH_HAS_ELF_RANDOMIZE=y |
| 284 |
CONFIG_HAVE_ARCH_MMAP_RND_BITS=y |
285 |
CONFIG_HAVE_ARCH_MMAP_RND_BITS=y |
| 285 |
CONFIG_HAVE_EXIT_THREAD=y |
286 |
CONFIG_HAVE_EXIT_THREAD=y |
| 286 |
CONFIG_ARCH_MMAP_RND_BITS=27 |
287 |
CONFIG_ARCH_MMAP_RND_BITS=28 |
| 287 |
CONFIG_HAVE_ARCH_MMAP_RND_COMPAT_BITS=y |
288 |
CONFIG_HAVE_ARCH_MMAP_RND_COMPAT_BITS=y |
| 288 |
CONFIG_ARCH_MMAP_RND_COMPAT_BITS=8 |
289 |
CONFIG_ARCH_MMAP_RND_COMPAT_BITS=8 |
| 289 |
CONFIG_HAVE_COPY_THREAD_TLS=y |
290 |
CONFIG_HAVE_COPY_THREAD_TLS=y |
|
Lines 532-537
Link Here
|
| 532 |
CONFIG_HOTPLUG_CPU=y |
533 |
CONFIG_HOTPLUG_CPU=y |
| 533 |
# CONFIG_BOOTPARAM_HOTPLUG_CPU0 is not set |
534 |
# CONFIG_BOOTPARAM_HOTPLUG_CPU0 is not set |
| 534 |
# CONFIG_DEBUG_HOTPLUG_CPU0 is not set |
535 |
# CONFIG_DEBUG_HOTPLUG_CPU0 is not set |
|
|
536 |
# CONFIG_COMPAT_VDSO is not set |
| 535 |
CONFIG_LEGACY_VSYSCALL_EMULATE=y |
537 |
CONFIG_LEGACY_VSYSCALL_EMULATE=y |
| 536 |
# CONFIG_LEGACY_VSYSCALL_NONE is not set |
538 |
# CONFIG_LEGACY_VSYSCALL_NONE is not set |
| 537 |
# CONFIG_CMDLINE_BOOL is not set |
539 |
# CONFIG_CMDLINE_BOOL is not set |
|
Lines 3747-3752
Link Here
|
| 3747 |
# Pseudo filesystems |
3749 |
# Pseudo filesystems |
| 3748 |
# |
3750 |
# |
| 3749 |
CONFIG_PROC_FS=y |
3751 |
CONFIG_PROC_FS=y |
|
|
3752 |
# CONFIG_PROC_KCORE is not set |
| 3750 |
CONFIG_PROC_SYSCTL=y |
3753 |
CONFIG_PROC_SYSCTL=y |
| 3751 |
# CONFIG_PROC_CHILDREN is not set |
3754 |
# CONFIG_PROC_CHILDREN is not set |
| 3752 |
CONFIG_KERNFS=y |
3755 |
CONFIG_KERNFS=y |
|
Lines 3930-3935
Link Here
|
| 3930 |
# Memory Debugging |
3933 |
# Memory Debugging |
| 3931 |
# |
3934 |
# |
| 3932 |
# CONFIG_PAGE_EXTENSION is not set |
3935 |
# CONFIG_PAGE_EXTENSION is not set |
|
|
3936 |
# CONFIG_DEBUG_PAGEALLOC is not set |
| 3933 |
# CONFIG_PAGE_POISONING is not set |
3937 |
# CONFIG_PAGE_POISONING is not set |
| 3934 |
# CONFIG_DEBUG_OBJECTS is not set |
3938 |
# CONFIG_DEBUG_OBJECTS is not set |
| 3935 |
# CONFIG_SLUB_DEBUG_ON is not set |
3939 |
# CONFIG_SLUB_DEBUG_ON is not set |
|
Lines 3973-3978
Link Here
|
| 3973 |
# CONFIG_DEBUG_RT_MUTEXES is not set |
3977 |
# CONFIG_DEBUG_RT_MUTEXES is not set |
| 3974 |
# CONFIG_DEBUG_SPINLOCK is not set |
3978 |
# CONFIG_DEBUG_SPINLOCK is not set |
| 3975 |
# CONFIG_DEBUG_MUTEXES is not set |
3979 |
# CONFIG_DEBUG_MUTEXES is not set |
|
|
3980 |
# CONFIG_DEBUG_WW_MUTEX_SLOWPATH is not set |
| 3981 |
# CONFIG_DEBUG_LOCK_ALLOC is not set |
| 3982 |
# CONFIG_PROVE_LOCKING is not set |
| 3983 |
# CONFIG_LOCK_STAT is not set |
| 3976 |
# CONFIG_DEBUG_ATOMIC_SLEEP is not set |
3984 |
# CONFIG_DEBUG_ATOMIC_SLEEP is not set |
| 3977 |
# CONFIG_DEBUG_LOCKING_API_SELFTESTS is not set |
3985 |
# CONFIG_DEBUG_LOCKING_API_SELFTESTS is not set |
| 3978 |
# CONFIG_LOCK_TORTURE_TEST is not set |
3986 |
# CONFIG_LOCK_TORTURE_TEST is not set |
|
Lines 4001-4006
Link Here
|
| 4001 |
# CONFIG_CPU_HOTPLUG_STATE_CONTROL is not set |
4009 |
# CONFIG_CPU_HOTPLUG_STATE_CONTROL is not set |
| 4002 |
# CONFIG_NOTIFIER_ERROR_INJECTION is not set |
4010 |
# CONFIG_NOTIFIER_ERROR_INJECTION is not set |
| 4003 |
# CONFIG_FAULT_INJECTION is not set |
4011 |
# CONFIG_FAULT_INJECTION is not set |
|
|
4012 |
# CONFIG_LATENCYTOP is not set |
| 4004 |
CONFIG_USER_STACKTRACE_SUPPORT=y |
4013 |
CONFIG_USER_STACKTRACE_SUPPORT=y |
| 4005 |
CONFIG_HAVE_FUNCTION_TRACER=y |
4014 |
CONFIG_HAVE_FUNCTION_TRACER=y |
| 4006 |
CONFIG_HAVE_FUNCTION_GRAPH_TRACER=y |
4015 |
CONFIG_HAVE_FUNCTION_GRAPH_TRACER=y |
|
Lines 4104-4111
Link Here
|
| 4104 |
# |
4113 |
# |
| 4105 |
# Grsecurity |
4114 |
# Grsecurity |
| 4106 |
# |
4115 |
# |
| 4107 |
CONFIG_PAX_PER_CPU_PGD=y |
4116 |
CONFIG_TASK_SIZE_MAX_SHIFT=47 |
| 4108 |
CONFIG_TASK_SIZE_MAX_SHIFT=42 |
|
|
| 4109 |
CONFIG_GRKERNSEC=y |
4117 |
CONFIG_GRKERNSEC=y |
| 4110 |
CONFIG_GRKERNSEC_CONFIG_AUTO=y |
4118 |
CONFIG_GRKERNSEC_CONFIG_AUTO=y |
| 4111 |
# CONFIG_GRKERNSEC_CONFIG_CUSTOM is not set |
4119 |
# CONFIG_GRKERNSEC_CONFIG_CUSTOM is not set |
|
Lines 4128-4134
Link Here
|
| 4128 |
# Default Special Groups |
4136 |
# Default Special Groups |
| 4129 |
# |
4137 |
# |
| 4130 |
CONFIG_GRKERNSEC_PROC_GID=10 |
4138 |
CONFIG_GRKERNSEC_PROC_GID=10 |
| 4131 |
CONFIG_GRKERNSEC_TPE_UNTRUSTED_GID=100 |
|
|
| 4132 |
CONFIG_GRKERNSEC_SYMLINKOWN_GID=1006 |
4139 |
CONFIG_GRKERNSEC_SYMLINKOWN_GID=1006 |
| 4133 |
|
4140 |
|
| 4134 |
# |
4141 |
# |
|
Lines 4138-4285
Link Here
|
| 4138 |
# |
4145 |
# |
| 4139 |
# PaX |
4146 |
# PaX |
| 4140 |
# |
4147 |
# |
| 4141 |
CONFIG_PAX=y |
4148 |
# CONFIG_PAX is not set |
| 4142 |
|
|
|
| 4143 |
# |
| 4144 |
# PaX Control |
| 4145 |
# |
| 4146 |
# CONFIG_PAX_SOFTMODE is not set |
| 4147 |
# CONFIG_PAX_PT_PAX_FLAGS is not set |
| 4148 |
CONFIG_PAX_XATTR_PAX_FLAGS=y |
| 4149 |
CONFIG_PAX_NO_ACL_FLAGS=y |
| 4150 |
# CONFIG_PAX_HAVE_ACL_FLAGS is not set |
| 4151 |
# CONFIG_PAX_HOOK_ACL_FLAGS is not set |
| 4152 |
|
| 4153 |
# |
| 4154 |
# Non-executable pages |
| 4155 |
# |
| 4156 |
CONFIG_PAX_NOEXEC=y |
| 4157 |
CONFIG_PAX_PAGEEXEC=y |
| 4158 |
CONFIG_PAX_EMUTRAMP=y |
| 4159 |
CONFIG_PAX_MPROTECT=y |
| 4160 |
# CONFIG_PAX_MPROTECT_COMPAT is not set |
| 4161 |
# CONFIG_PAX_ELFRELOCS is not set |
| 4162 |
CONFIG_PAX_KERNEXEC=y |
| 4163 |
CONFIG_PAX_KERNEXEC_PLUGIN=y |
| 4164 |
# CONFIG_PAX_KERNEXEC_PLUGIN_METHOD_NONE is not set |
| 4165 |
CONFIG_PAX_KERNEXEC_PLUGIN_METHOD_BTS=y |
| 4166 |
# CONFIG_PAX_KERNEXEC_PLUGIN_METHOD_OR is not set |
| 4167 |
|
| 4168 |
# |
| 4169 |
# Address Space Layout Randomization |
| 4170 |
# |
| 4171 |
CONFIG_PAX_ASLR=y |
| 4172 |
CONFIG_PAX_RANDKSTACK=y |
| 4173 |
CONFIG_PAX_RANDUSTACK=y |
| 4174 |
CONFIG_PAX_RANDMMAP=y |
| 4175 |
|
4149 |
|
| 4176 |
# |
4150 |
# |
| 4177 |
# Miscellaneous hardening features |
4151 |
# Miscellaneous hardening features |
| 4178 |
# |
4152 |
# |
| 4179 |
CONFIG_PAX_MEMORY_SANITIZE=y |
4153 |
# CONFIG_PAX_MEMORY_SANITIZE is not set |
| 4180 |
CONFIG_PAX_MEMORY_STACKLEAK=y |
4154 |
# CONFIG_PAX_MEMORY_STACKLEAK is not set |
| 4181 |
CONFIG_PAX_MEMORY_STRUCTLEAK=y |
4155 |
# CONFIG_PAX_MEMORY_STRUCTLEAK is not set |
| 4182 |
# CONFIG_PAX_MEMORY_UDEREF is not set |
4156 |
# CONFIG_PAX_MEMORY_UDEREF is not set |
| 4183 |
CONFIG_PAX_REFCOUNT=y |
4157 |
# CONFIG_PAX_REFCOUNT is not set |
| 4184 |
CONFIG_PAX_USERCOPY=y |
4158 |
CONFIG_PAX_USERCOPY=y |
| 4185 |
CONFIG_PAX_CONSTIFY_PLUGIN=y |
|
|
| 4186 |
# CONFIG_PAX_USERCOPY_DEBUG is not set |
4159 |
# CONFIG_PAX_USERCOPY_DEBUG is not set |
| 4187 |
CONFIG_PAX_SIZE_OVERFLOW=y |
4160 |
# CONFIG_PAX_SIZE_OVERFLOW is not set |
| 4188 |
CONFIG_PAX_SIZE_OVERFLOW_EXTRA=y |
|
|
| 4189 |
# CONFIG_PAX_INITIFY is not set |
4161 |
# CONFIG_PAX_INITIFY is not set |
| 4190 |
CONFIG_HAVE_PAX_INITIFY_INIT_EXIT=y |
4162 |
CONFIG_HAVE_PAX_INITIFY_INIT_EXIT=y |
| 4191 |
CONFIG_PAX_LATENT_ENTROPY=y |
4163 |
# CONFIG_PAX_LATENT_ENTROPY is not set |
| 4192 |
CONFIG_PAX_RAP=y |
4164 |
# CONFIG_PAX_RAP is not set |
| 4193 |
|
4165 |
|
| 4194 |
# |
4166 |
# |
| 4195 |
# Memory Protections |
4167 |
# Memory Protections |
| 4196 |
# |
4168 |
# |
| 4197 |
# CONFIG_GRKERNSEC_KMEM is not set |
4169 |
# CONFIG_GRKERNSEC_KMEM is not set |
| 4198 |
# CONFIG_GRKERNSEC_IO is not set |
4170 |
# CONFIG_GRKERNSEC_IO is not set |
| 4199 |
CONFIG_GRKERNSEC_BPF_HARDEN=y |
4171 |
# CONFIG_GRKERNSEC_BPF_HARDEN is not set |
| 4200 |
CONFIG_GRKERNSEC_PERF_HARDEN=y |
4172 |
# CONFIG_GRKERNSEC_PERF_HARDEN is not set |
| 4201 |
# CONFIG_GRKERNSEC_RAND_THREADSTACK is not set |
4173 |
# CONFIG_GRKERNSEC_KSTACKOVERFLOW is not set |
| 4202 |
CONFIG_GRKERNSEC_PROC_MEMMAP=y |
4174 |
# CONFIG_GRKERNSEC_BRUTE is not set |
| 4203 |
CONFIG_GRKERNSEC_KSTACKOVERFLOW=y |
4175 |
# CONFIG_GRKERNSEC_MODHARDEN is not set |
| 4204 |
CONFIG_GRKERNSEC_BRUTE=y |
4176 |
# CONFIG_GRKERNSEC_HIDESYM is not set |
| 4205 |
CONFIG_GRKERNSEC_MODHARDEN=y |
4177 |
# CONFIG_GRKERNSEC_RANDSTRUCT is not set |
| 4206 |
CONFIG_GRKERNSEC_HIDESYM=y |
4178 |
# CONFIG_GRKERNSEC_KERN_LOCKOUT is not set |
| 4207 |
CONFIG_GRKERNSEC_RANDSTRUCT=y |
|
|
| 4208 |
CONFIG_GRKERNSEC_RANDSTRUCT_PERFORMANCE=y |
| 4209 |
CONFIG_GRKERNSEC_KERN_LOCKOUT=y |
| 4210 |
|
4179 |
|
| 4211 |
# |
4180 |
# |
| 4212 |
# Role Based Access Control Options |
4181 |
# Role Based Access Control Options |
| 4213 |
# |
4182 |
# |
| 4214 |
# CONFIG_GRKERNSEC_NO_RBAC is not set |
4183 |
# CONFIG_GRKERNSEC_NO_RBAC is not set |
| 4215 |
CONFIG_GRKERNSEC_ACL_HIDEKERN=y |
4184 |
# CONFIG_GRKERNSEC_ACL_HIDEKERN is not set |
| 4216 |
CONFIG_GRKERNSEC_ACL_MAXTRIES=3 |
4185 |
CONFIG_GRKERNSEC_ACL_MAXTRIES=3 |
| 4217 |
CONFIG_GRKERNSEC_ACL_TIMEOUT=30 |
4186 |
CONFIG_GRKERNSEC_ACL_TIMEOUT=30 |
| 4218 |
|
4187 |
|
| 4219 |
# |
4188 |
# |
| 4220 |
# Filesystem Protections |
4189 |
# Filesystem Protections |
| 4221 |
# |
4190 |
# |
| 4222 |
CONFIG_GRKERNSEC_PROC=y |
4191 |
# CONFIG_GRKERNSEC_PROC is not set |
| 4223 |
CONFIG_GRKERNSEC_PROC_USER=y |
4192 |
# CONFIG_GRKERNSEC_LINK is not set |
| 4224 |
CONFIG_GRKERNSEC_PROC_ADD=y |
4193 |
# CONFIG_GRKERNSEC_SYMLINKOWN is not set |
| 4225 |
CONFIG_GRKERNSEC_LINK=y |
4194 |
# CONFIG_GRKERNSEC_FIFO is not set |
| 4226 |
CONFIG_GRKERNSEC_SYMLINKOWN=y |
4195 |
# CONFIG_GRKERNSEC_SYSFS_RESTRICT is not set |
| 4227 |
CONFIG_GRKERNSEC_FIFO=y |
|
|
| 4228 |
CONFIG_GRKERNSEC_SYSFS_RESTRICT=y |
| 4229 |
# CONFIG_GRKERNSEC_ROFS is not set |
4196 |
# CONFIG_GRKERNSEC_ROFS is not set |
| 4230 |
CONFIG_GRKERNSEC_DEVICE_SIDECHANNEL=y |
4197 |
# CONFIG_GRKERNSEC_DEVICE_SIDECHANNEL is not set |
| 4231 |
CONFIG_GRKERNSEC_CHROOT=y |
4198 |
# CONFIG_GRKERNSEC_CHROOT is not set |
| 4232 |
CONFIG_GRKERNSEC_CHROOT_MOUNT=y |
|
|
| 4233 |
CONFIG_GRKERNSEC_CHROOT_DOUBLE=y |
| 4234 |
CONFIG_GRKERNSEC_CHROOT_PIVOT=y |
| 4235 |
CONFIG_GRKERNSEC_CHROOT_CHDIR=y |
| 4236 |
CONFIG_GRKERNSEC_CHROOT_CHMOD=y |
| 4237 |
CONFIG_GRKERNSEC_CHROOT_FCHDIR=y |
| 4238 |
CONFIG_GRKERNSEC_CHROOT_MKNOD=y |
| 4239 |
CONFIG_GRKERNSEC_CHROOT_SHMAT=y |
| 4240 |
CONFIG_GRKERNSEC_CHROOT_UNIX=y |
| 4241 |
CONFIG_GRKERNSEC_CHROOT_FINDTASK=y |
| 4242 |
CONFIG_GRKERNSEC_CHROOT_NICE=y |
| 4243 |
CONFIG_GRKERNSEC_CHROOT_SYSCTL=y |
| 4244 |
CONFIG_GRKERNSEC_CHROOT_RENAME=y |
| 4245 |
CONFIG_GRKERNSEC_CHROOT_CAPS=y |
| 4246 |
# CONFIG_GRKERNSEC_CHROOT_INITRD is not set |
| 4247 |
|
4199 |
|
| 4248 |
# |
4200 |
# |
| 4249 |
# Kernel Auditing |
4201 |
# Kernel Auditing |
| 4250 |
# |
4202 |
# |
| 4251 |
# CONFIG_GRKERNSEC_AUDIT_GROUP is not set |
4203 |
# CONFIG_GRKERNSEC_AUDIT_GROUP is not set |
| 4252 |
CONFIG_GRKERNSEC_EXECLOG=y |
4204 |
# CONFIG_GRKERNSEC_EXECLOG is not set |
| 4253 |
CONFIG_GRKERNSEC_RESLOG=y |
4205 |
# CONFIG_GRKERNSEC_RESLOG is not set |
| 4254 |
CONFIG_GRKERNSEC_CHROOT_EXECLOG=y |
4206 |
# CONFIG_GRKERNSEC_CHROOT_EXECLOG is not set |
| 4255 |
CONFIG_GRKERNSEC_AUDIT_PTRACE=y |
4207 |
# CONFIG_GRKERNSEC_AUDIT_PTRACE is not set |
| 4256 |
CONFIG_GRKERNSEC_AUDIT_CHDIR=y |
4208 |
# CONFIG_GRKERNSEC_AUDIT_CHDIR is not set |
| 4257 |
CONFIG_GRKERNSEC_AUDIT_MOUNT=y |
4209 |
# CONFIG_GRKERNSEC_AUDIT_MOUNT is not set |
| 4258 |
CONFIG_GRKERNSEC_SIGNAL=y |
4210 |
# CONFIG_GRKERNSEC_SIGNAL is not set |
| 4259 |
CONFIG_GRKERNSEC_FORKFAIL=y |
4211 |
# CONFIG_GRKERNSEC_FORKFAIL is not set |
| 4260 |
CONFIG_GRKERNSEC_TIME=y |
4212 |
# CONFIG_GRKERNSEC_TIME is not set |
| 4261 |
CONFIG_GRKERNSEC_PROC_IPADDR=y |
4213 |
# CONFIG_GRKERNSEC_PROC_IPADDR is not set |
| 4262 |
CONFIG_GRKERNSEC_RWXMAP_LOG=y |
|
|
| 4263 |
|
4214 |
|
| 4264 |
# |
4215 |
# |
| 4265 |
# Executable Protections |
4216 |
# Executable Protections |
| 4266 |
# |
4217 |
# |
| 4267 |
CONFIG_GRKERNSEC_DMESG=y |
4218 |
# CONFIG_GRKERNSEC_DMESG is not set |
| 4268 |
CONFIG_GRKERNSEC_HARDEN_PTRACE=y |
4219 |
# CONFIG_GRKERNSEC_HARDEN_PTRACE is not set |
| 4269 |
CONFIG_GRKERNSEC_PTRACE_READEXEC=y |
4220 |
# CONFIG_GRKERNSEC_PTRACE_READEXEC is not set |
| 4270 |
CONFIG_GRKERNSEC_SETXID=y |
4221 |
# CONFIG_GRKERNSEC_SETXID is not set |
| 4271 |
CONFIG_GRKERNSEC_HARDEN_IPC=y |
4222 |
# CONFIG_GRKERNSEC_HARDEN_IPC is not set |
| 4272 |
CONFIG_GRKERNSEC_HARDEN_TTY=y |
4223 |
# CONFIG_GRKERNSEC_HARDEN_TTY is not set |
| 4273 |
CONFIG_GRKERNSEC_TPE=y |
4224 |
# CONFIG_GRKERNSEC_TPE is not set |
| 4274 |
CONFIG_GRKERNSEC_TPE_ALL=y |
|
|
| 4275 |
# CONFIG_GRKERNSEC_TPE_INVERT is not set |
| 4276 |
CONFIG_GRKERNSEC_TPE_GID=100 |
| 4277 |
|
4225 |
|
| 4278 |
# |
4226 |
# |
| 4279 |
# Network Protections |
4227 |
# Network Protections |
| 4280 |
# |
4228 |
# |
| 4281 |
CONFIG_GRKERNSEC_BLACKHOLE=y |
4229 |
# CONFIG_GRKERNSEC_BLACKHOLE is not set |
| 4282 |
CONFIG_GRKERNSEC_NO_SIMULT_CONNECT=y |
4230 |
# CONFIG_GRKERNSEC_NO_SIMULT_CONNECT is not set |
| 4283 |
# CONFIG_GRKERNSEC_SOCKET is not set |
4231 |
# CONFIG_GRKERNSEC_SOCKET is not set |
| 4284 |
|
4232 |
|
| 4285 |
# |
4233 |
# |
|
Lines 4290-4297
Link Here
|
| 4290 |
# |
4238 |
# |
| 4291 |
# Sysctl Support |
4239 |
# Sysctl Support |
| 4292 |
# |
4240 |
# |
| 4293 |
CONFIG_GRKERNSEC_SYSCTL=y |
4241 |
# CONFIG_GRKERNSEC_SYSCTL is not set |
| 4294 |
CONFIG_GRKERNSEC_SYSCTL_ON=y |
|
|
| 4295 |
|
4242 |
|
| 4296 |
# |
4243 |
# |
| 4297 |
# Logging Options |
4244 |
# Logging Options |
