Summary: | sys-kernel/gentoo-sources: Update of our 4567_distro-Gentoo-Kconfig.patch | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | Peter <peter.bo> |
Component: | Current packages | Assignee: | Gentoo Kernel Bug Wranglers and Kernel Maintainers <kernel> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | gentoo, jstein |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://kernsec.org/wiki/index.php/Kernel_Self_Protection_Project/Recommended_Settings | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- |
Description
Peter
2022-04-28 14:17:05 UTC
Everything is in except for CONFIG_WERROR=y which gyakovlev in #gentoo-hardened suggested could cause issues with some architectures. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/proj/linux-patches.git/commit/?id=e6616502ad6e34b980112d4828cf526fdfbf0635 commit e6616502ad6e34b980112d4828cf526fdfbf0635 Author: Mike Pagano <mpagano@gentoo.org> AuthorDate: 2022-05-11 17:25:52 +0000 Commit: Mike Pagano <mpagano@gentoo.org> CommitDate: 2022-05-11 17:25:52 +0000 Update Gentoo Hardened patchset based on KSPP thanks to Peter Bo Bug: https://bugs.gentoo.org/841488 Added: CONFIG_HARDENED_USERCOPY=y CONFIG_RANDOMIZE_KSTACK_OFFSET_DEFAULT=y CONFIG_KFENCE=y CONFIG_IOMMU_DEFAULT_DMA_STRICT=y CONFIG_SCHED_CORE=y CONFIG_ZERO_CALL_USED_REGS=y Signed-off-by: Mike Pagano <mpagano@gentoo.org> 4567_distro-Gentoo-Kconfig.patch | 17 +++++++++++------ 1 file changed, 11 insertions(+), 6 deletions(-) The bug has been closed via the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b7bb70af4842e3e091c70631e4956023a91c946c commit b7bb70af4842e3e091c70631e4956023a91c946c Author: Mike Pagano <mpagano@gentoo.org> AuthorDate: 2022-05-12 12:26:09 +0000 Commit: Mike Pagano <mpagano@gentoo.org> CommitDate: 2022-05-12 12:26:09 +0000 sys-kernel/gentoo-sources: add 5.17.7 and update to kspp patch Update Gentoo Hardened patchset based on KSPP thanks to Peter Bo Closes: https://bugs.gentoo.org/841488 Signed-off-by: Mike Pagano <mpagano@gentoo.org> sys-kernel/gentoo-sources/Manifest | 3 +++ .../gentoo-sources/gentoo-sources-5.17.7.ebuild | 28 ++++++++++++++++++++++ 2 files changed, 31 insertions(+) Additionally, it has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=bb485852c43843d7272940266f52468c6e0c5a93 commit bb485852c43843d7272940266f52468c6e0c5a93 Author: Mike Pagano <mpagano@gentoo.org> AuthorDate: 2022-05-12 12:25:11 +0000 Commit: Mike Pagano <mpagano@gentoo.org> CommitDate: 2022-05-12 12:25:11 +0000 sys-kernel/gentoo-sources: add 5.15.39 and ksp update Update Gentoo Hardened patchset based on KSPP thanks to Peter Bo (Mike Pagano) Bug: https://bugs.gentoo.org/841488 Signed-off-by: Mike Pagano <mpagano@gentoo.org> sys-kernel/gentoo-sources/Manifest | 3 +++ .../gentoo-sources/gentoo-sources-5.15.39.ebuild | 28 ++++++++++++++++++++++ 2 files changed, 31 insertions(+) |