Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 459214 Details for
Bug 597554
=sys-kernel/hardened-sources-4.7.6: Kernel panic when starting KVM guests
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
config-4.8.15-hardened-r2-170108_18.diff
config-4.8.15-hardened-r2-170108_18.diff (text/plain), 6.65 KB, created by
miro.rovis
on 2017-01-08 19:38:02 UTC
(
hide
)
Description:
config-4.8.15-hardened-r2-170108_18.diff
Filename:
MIME Type:
Creator:
miro.rovis
Created:
2017-01-08 19:38:02 UTC
Size:
6.65 KB
patch
obsolete
>--- config-4.8.15-hardened-r2-170106_05 2017-01-08 16:27:05.000000000 +0100 >+++ config-4.8.15-hardened-r2-170108_18 2017-01-08 19:26:49.032663085 +0100 >@@ -11,8 +11,8 @@ > CONFIG_LOCKDEP_SUPPORT=y > CONFIG_STACKTRACE_SUPPORT=y > CONFIG_MMU=y >-CONFIG_ARCH_MMAP_RND_BITS_MIN=27 >-CONFIG_ARCH_MMAP_RND_BITS_MAX=27 >+CONFIG_ARCH_MMAP_RND_BITS_MIN=28 >+CONFIG_ARCH_MMAP_RND_BITS_MAX=32 > CONFIG_ARCH_MMAP_RND_COMPAT_BITS_MIN=8 > CONFIG_ARCH_MMAP_RND_COMPAT_BITS_MAX=16 > CONFIG_NEED_DMA_MAP_STATE=y >@@ -52,7 +52,7 @@ > CONFIG_INIT_ENV_ARG_LIMIT=32 > CONFIG_CROSS_COMPILE="" > # CONFIG_COMPILE_TEST is not set >-CONFIG_LOCALVERSION="-170106_05" >+CONFIG_LOCALVERSION="-170108_18" > # CONFIG_LOCALVERSION_AUTO is not set > CONFIG_HAVE_KERNEL_GZIP=y > CONFIG_HAVE_KERNEL_BZIP2=y >@@ -142,6 +142,7 @@ > CONFIG_HAVE_UNSTABLE_SCHED_CLOCK=y > CONFIG_ARCH_SUPPORTS_NUMA_BALANCING=y > CONFIG_ARCH_WANT_BATCHED_UNMAP_TLB_FLUSH=y >+CONFIG_ARCH_SUPPORTS_INT128=y > # CONFIG_NUMA_BALANCING is not set > CONFIG_CGROUPS=y > CONFIG_PAGE_COUNTER=y >@@ -283,7 +284,7 @@ > CONFIG_ARCH_HAS_ELF_RANDOMIZE=y > CONFIG_HAVE_ARCH_MMAP_RND_BITS=y > CONFIG_HAVE_EXIT_THREAD=y >-CONFIG_ARCH_MMAP_RND_BITS=27 >+CONFIG_ARCH_MMAP_RND_BITS=28 > CONFIG_HAVE_ARCH_MMAP_RND_COMPAT_BITS=y > CONFIG_ARCH_MMAP_RND_COMPAT_BITS=8 > CONFIG_HAVE_COPY_THREAD_TLS=y >@@ -532,6 +533,7 @@ > CONFIG_HOTPLUG_CPU=y > # CONFIG_BOOTPARAM_HOTPLUG_CPU0 is not set > # CONFIG_DEBUG_HOTPLUG_CPU0 is not set >+# CONFIG_COMPAT_VDSO is not set > CONFIG_LEGACY_VSYSCALL_EMULATE=y > # CONFIG_LEGACY_VSYSCALL_NONE is not set > # CONFIG_CMDLINE_BOOL is not set >@@ -3747,6 +3749,7 @@ > # Pseudo filesystems > # > CONFIG_PROC_FS=y >+# CONFIG_PROC_KCORE is not set > CONFIG_PROC_SYSCTL=y > # CONFIG_PROC_CHILDREN is not set > CONFIG_KERNFS=y >@@ -3930,6 +3933,7 @@ > # Memory Debugging > # > # CONFIG_PAGE_EXTENSION is not set >+# CONFIG_DEBUG_PAGEALLOC is not set > # CONFIG_PAGE_POISONING is not set > # CONFIG_DEBUG_OBJECTS is not set > # CONFIG_SLUB_DEBUG_ON is not set >@@ -3973,6 +3977,10 @@ > # CONFIG_DEBUG_RT_MUTEXES is not set > # CONFIG_DEBUG_SPINLOCK is not set > # CONFIG_DEBUG_MUTEXES is not set >+# CONFIG_DEBUG_WW_MUTEX_SLOWPATH is not set >+# CONFIG_DEBUG_LOCK_ALLOC is not set >+# CONFIG_PROVE_LOCKING is not set >+# CONFIG_LOCK_STAT is not set > # CONFIG_DEBUG_ATOMIC_SLEEP is not set > # CONFIG_DEBUG_LOCKING_API_SELFTESTS is not set > # CONFIG_LOCK_TORTURE_TEST is not set >@@ -4001,6 +4009,7 @@ > # CONFIG_CPU_HOTPLUG_STATE_CONTROL is not set > # CONFIG_NOTIFIER_ERROR_INJECTION is not set > # CONFIG_FAULT_INJECTION is not set >+# CONFIG_LATENCYTOP is not set > CONFIG_USER_STACKTRACE_SUPPORT=y > CONFIG_HAVE_FUNCTION_TRACER=y > CONFIG_HAVE_FUNCTION_GRAPH_TRACER=y >@@ -4104,8 +4113,7 @@ > # > # Grsecurity > # >-CONFIG_PAX_PER_CPU_PGD=y >-CONFIG_TASK_SIZE_MAX_SHIFT=42 >+CONFIG_TASK_SIZE_MAX_SHIFT=47 > CONFIG_GRKERNSEC=y > CONFIG_GRKERNSEC_CONFIG_AUTO=y > # CONFIG_GRKERNSEC_CONFIG_CUSTOM is not set >@@ -4138,112 +4146,57 @@ > # > # PaX > # >-CONFIG_PAX=y >- >-# >-# PaX Control >-# >-# CONFIG_PAX_SOFTMODE is not set >-# CONFIG_PAX_PT_PAX_FLAGS is not set >-CONFIG_PAX_XATTR_PAX_FLAGS=y >-CONFIG_PAX_NO_ACL_FLAGS=y >-# CONFIG_PAX_HAVE_ACL_FLAGS is not set >-# CONFIG_PAX_HOOK_ACL_FLAGS is not set >- >-# >-# Non-executable pages >-# >-CONFIG_PAX_NOEXEC=y >-CONFIG_PAX_PAGEEXEC=y >-CONFIG_PAX_EMUTRAMP=y >-CONFIG_PAX_MPROTECT=y >-# CONFIG_PAX_MPROTECT_COMPAT is not set >-# CONFIG_PAX_ELFRELOCS is not set >-CONFIG_PAX_KERNEXEC=y >-CONFIG_PAX_KERNEXEC_PLUGIN=y >-# CONFIG_PAX_KERNEXEC_PLUGIN_METHOD_NONE is not set >-CONFIG_PAX_KERNEXEC_PLUGIN_METHOD_BTS=y >-# CONFIG_PAX_KERNEXEC_PLUGIN_METHOD_OR is not set >- >-# >-# Address Space Layout Randomization >-# >-CONFIG_PAX_ASLR=y >-CONFIG_PAX_RANDKSTACK=y >-CONFIG_PAX_RANDUSTACK=y >-CONFIG_PAX_RANDMMAP=y >+# CONFIG_PAX is not set > > # > # Miscellaneous hardening features > # >-CONFIG_PAX_MEMORY_SANITIZE=y >-CONFIG_PAX_MEMORY_STACKLEAK=y >-CONFIG_PAX_MEMORY_STRUCTLEAK=y >+# CONFIG_PAX_MEMORY_SANITIZE is not set >+# CONFIG_PAX_MEMORY_STACKLEAK is not set >+# CONFIG_PAX_MEMORY_STRUCTLEAK is not set > # CONFIG_PAX_MEMORY_UDEREF is not set >-CONFIG_PAX_REFCOUNT=y >+# CONFIG_PAX_REFCOUNT is not set > CONFIG_PAX_USERCOPY=y >-CONFIG_PAX_CONSTIFY_PLUGIN=y > # CONFIG_PAX_USERCOPY_DEBUG is not set >-CONFIG_PAX_SIZE_OVERFLOW=y >-CONFIG_PAX_SIZE_OVERFLOW_EXTRA=y >+# CONFIG_PAX_SIZE_OVERFLOW is not set > # CONFIG_PAX_INITIFY is not set > CONFIG_HAVE_PAX_INITIFY_INIT_EXIT=y >-CONFIG_PAX_LATENT_ENTROPY=y >-CONFIG_PAX_RAP=y >+# CONFIG_PAX_LATENT_ENTROPY is not set >+# CONFIG_PAX_RAP is not set > > # > # Memory Protections > # > # CONFIG_GRKERNSEC_KMEM is not set > # CONFIG_GRKERNSEC_IO is not set >-CONFIG_GRKERNSEC_BPF_HARDEN=y >-CONFIG_GRKERNSEC_PERF_HARDEN=y >-# CONFIG_GRKERNSEC_RAND_THREADSTACK is not set >-CONFIG_GRKERNSEC_PROC_MEMMAP=y >-CONFIG_GRKERNSEC_KSTACKOVERFLOW=y >-CONFIG_GRKERNSEC_BRUTE=y >-CONFIG_GRKERNSEC_MODHARDEN=y >-CONFIG_GRKERNSEC_HIDESYM=y >-CONFIG_GRKERNSEC_RANDSTRUCT=y >-CONFIG_GRKERNSEC_RANDSTRUCT_PERFORMANCE=y >-CONFIG_GRKERNSEC_KERN_LOCKOUT=y >+# CONFIG_GRKERNSEC_BPF_HARDEN is not set >+# CONFIG_GRKERNSEC_PERF_HARDEN is not set >+# CONFIG_GRKERNSEC_KSTACKOVERFLOW is not set >+# CONFIG_GRKERNSEC_BRUTE is not set >+# CONFIG_GRKERNSEC_MODHARDEN is not set >+# CONFIG_GRKERNSEC_HIDESYM is not set >+# CONFIG_GRKERNSEC_RANDSTRUCT is not set >+# CONFIG_GRKERNSEC_KERN_LOCKOUT is not set > > # > # Role Based Access Control Options > # > # CONFIG_GRKERNSEC_NO_RBAC is not set >-CONFIG_GRKERNSEC_ACL_HIDEKERN=y >+# CONFIG_GRKERNSEC_ACL_HIDEKERN is not set > CONFIG_GRKERNSEC_ACL_MAXTRIES=3 > CONFIG_GRKERNSEC_ACL_TIMEOUT=30 > > # > # Filesystem Protections > # >-CONFIG_GRKERNSEC_PROC=y >-CONFIG_GRKERNSEC_PROC_USER=y >-CONFIG_GRKERNSEC_PROC_ADD=y >-CONFIG_GRKERNSEC_LINK=y >-CONFIG_GRKERNSEC_SYMLINKOWN=y >-CONFIG_GRKERNSEC_FIFO=y >-CONFIG_GRKERNSEC_SYSFS_RESTRICT=y >+# CONFIG_GRKERNSEC_PROC is not set >+# CONFIG_GRKERNSEC_LINK is not set >+# CONFIG_GRKERNSEC_SYMLINKOWN is not set >+# CONFIG_GRKERNSEC_FIFO is not set >+# CONFIG_GRKERNSEC_SYSFS_RESTRICT is not set > # CONFIG_GRKERNSEC_ROFS is not set >-CONFIG_GRKERNSEC_DEVICE_SIDECHANNEL=y >-CONFIG_GRKERNSEC_CHROOT=y >-CONFIG_GRKERNSEC_CHROOT_MOUNT=y >-CONFIG_GRKERNSEC_CHROOT_DOUBLE=y >-CONFIG_GRKERNSEC_CHROOT_PIVOT=y >-CONFIG_GRKERNSEC_CHROOT_CHDIR=y >-CONFIG_GRKERNSEC_CHROOT_CHMOD=y >-CONFIG_GRKERNSEC_CHROOT_FCHDIR=y >-CONFIG_GRKERNSEC_CHROOT_MKNOD=y >-CONFIG_GRKERNSEC_CHROOT_SHMAT=y >-CONFIG_GRKERNSEC_CHROOT_UNIX=y >-CONFIG_GRKERNSEC_CHROOT_FINDTASK=y >-CONFIG_GRKERNSEC_CHROOT_NICE=y >-CONFIG_GRKERNSEC_CHROOT_SYSCTL=y >-CONFIG_GRKERNSEC_CHROOT_RENAME=y >-CONFIG_GRKERNSEC_CHROOT_CAPS=y >-# CONFIG_GRKERNSEC_CHROOT_INITRD is not set >+# CONFIG_GRKERNSEC_DEVICE_SIDECHANNEL is not set >+# CONFIG_GRKERNSEC_CHROOT is not set > > # > # Kernel Auditing >@@ -4259,7 +4212,6 @@ > CONFIG_GRKERNSEC_FORKFAIL=y > CONFIG_GRKERNSEC_TIME=y > CONFIG_GRKERNSEC_PROC_IPADDR=y >-CONFIG_GRKERNSEC_RWXMAP_LOG=y > > # > # Executable Protections
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 597554
:
450752
|
450754
|
450756
|
450758
|
451046
|
451082
|
451296
|
451298
|
451300
|
451310
|
451314
|
451318
|
451322
|
451328
|
451342
|
451344
|
451348
|
451350
|
451352
|
451354
|
451360
|
451362
|
451364
|
451366
|
451368
|
451370
|
452712
|
452714
|
459184
|
459188
|
459190
|
459192
|
459194
|
459196
| 459214 |
459218
|
464872
|
464920