From e9f936ad8b76ec75e6f9fa9e100a79be1be1d0cc Mon Sep 17 00:00:00 2001 From: inference Date: Fri, 23 Dec 2022 00:35:55 +0000 Subject: [PATCH] Update Linux from 6.1.0 to 6.1.1. Remove unnecessary CMDLINE arguments since they are automatically set as part of the kernel configuration. Increase ASLR mmap random bit count from 28-bit to 32-bit for greater ASLR effectiveness and security. Remove RAID support. Remove block device mirroring support. --- linux/.config | 28 ++++++++-------------------- 1 file changed, 8 insertions(+), 20 deletions(-) diff --git a/linux/.config b/linux/.config index c385e12..7af9328 100644 --- a/linux/.config +++ b/linux/.config @@ -1,6 +1,6 @@ # # Automatically generated file; DO NOT EDIT. -# Linux/x86 6.1.0 Kernel Configuration +# Linux/x86 6.1.1 Kernel Configuration # CONFIG_CC_VERSION_TEXT="gcc (Gentoo Hardened 12.2.0 p1) 12.2.0" CONFIG_CC_IS_GCC=y @@ -28,7 +28,7 @@ CONFIG_THREAD_INFO_IN_TASK=y CONFIG_INIT_ENV_ARG_LIMIT=32 # CONFIG_COMPILE_TEST is not set CONFIG_WERROR=y -CONFIG_LOCALVERSION="-inf-AA000-0-1.1.0.11" +CONFIG_LOCALVERSION="-inf-AA000-0-1.2.0.12" # CONFIG_LOCALVERSION_AUTO is not set CONFIG_BUILD_SALT="" CONFIG_HAVE_KERNEL_GZIP=y @@ -416,7 +416,7 @@ CONFIG_HOTPLUG_CPU=y CONFIG_LEGACY_VSYSCALL_XONLY=y # CONFIG_LEGACY_VSYSCALL_NONE is not set CONFIG_CMDLINE_BOOL=y -CONFIG_CMDLINE="kvm.nx_huge_pages=off l1tf=off mds=off mmio_stale_data=off pti=off retbleed=off spectre_v2=on spec_store_bypass_disable=on srbds=off tsx_async_abort=off debugfs=off init_on_alloc=1 init_on_free=1 page_alloc.shuffle=1 randomize_kstack_offset=on slab_nomerge vsyscall=none nosmt=force root=UUID=[REDACTED] rd.luks.uuid=[REDACTED]" +CONFIG_CMDLINE="kvm.nx_huge_pages=off l1tf=off mds=off mmio_stale_data=off pti=off retbleed=off spectre_v2=on spec_store_bypass_disable=on srbds=off tsx_async_abort=off debugfs=off randomize_kstack_offset=on vsyscall=none nosmt=force root=UUID=[REDACTED] rd.luks.uuid=[REDACTED]" CONFIG_CMDLINE_OVERRIDE=y # CONFIG_MODIFY_LDT_SYSCALL is not set # CONFIG_STRICT_SIGALTSTACK_SIZE is not set @@ -658,7 +658,7 @@ CONFIG_SOFTIRQ_ON_OWN_STACK=y CONFIG_ARCH_HAS_ELF_RANDOMIZE=y CONFIG_HAVE_ARCH_MMAP_RND_BITS=y CONFIG_HAVE_EXIT_THREAD=y -CONFIG_ARCH_MMAP_RND_BITS=28 +CONFIG_ARCH_MMAP_RND_BITS=32 CONFIG_PAGE_SIZE_LESS_THAN_64KB=y CONFIG_PAGE_SIZE_LESS_THAN_256KB=y CONFIG_HAVE_OBJTOOL=y @@ -668,7 +668,7 @@ CONFIG_HAVE_NOINSTR_VALIDATION=y CONFIG_HAVE_UACCESS_VALIDATION=y CONFIG_HAVE_STACK_VALIDATION=y CONFIG_HAVE_RELIABLE_STACKTRACE=y -CONFIG_COMPAT_32BIT_TIME=y +# CONFIG_COMPAT_32BIT_TIME is not set CONFIG_HAVE_ARCH_VMAP_STACK=y CONFIG_VMAP_STACK=y CONFIG_HAVE_ARCH_RANDOMIZE_KSTACK_OFFSET=y @@ -1408,15 +1408,7 @@ CONFIG_SATA_MOBILE_LPM_POLICY=0 # CONFIG_SATA_SIL24 is not set # CONFIG_ATA_SFF is not set CONFIG_MD=y -CONFIG_BLK_DEV_MD=y -CONFIG_MD_AUTODETECT=y -# CONFIG_MD_LINEAR is not set -CONFIG_MD_RAID0=y -CONFIG_MD_RAID1=y -CONFIG_MD_RAID10=y -CONFIG_MD_RAID456=y -# CONFIG_MD_MULTIPATH is not set -# CONFIG_MD_FAULTY is not set +# CONFIG_BLK_DEV_MD is not set # CONFIG_BCACHE is not set CONFIG_BLK_DEV_DM_BUILTIN=y CONFIG_BLK_DEV_DM=y @@ -1432,9 +1424,8 @@ CONFIG_DM_CRYPT=y # CONFIG_DM_EBS is not set # CONFIG_DM_ERA is not set # CONFIG_DM_CLONE is not set -CONFIG_DM_MIRROR=y -# CONFIG_DM_LOG_USERSPACE is not set -CONFIG_DM_RAID=y +# CONFIG_DM_MIRROR is not set +# CONFIG_DM_RAID is not set CONFIG_DM_ZERO=y # CONFIG_DM_MULTIPATH is not set # CONFIG_DM_DELAY is not set @@ -3801,10 +3792,7 @@ CONFIG_GCC_PLUGIN_RANDSTRUCT=y CONFIG_XOR_BLOCKS=y CONFIG_ASYNC_CORE=y -CONFIG_ASYNC_MEMCPY=y CONFIG_ASYNC_XOR=y -CONFIG_ASYNC_PQ=y -CONFIG_ASYNC_RAID6_RECOV=y CONFIG_CRYPTO=y #