diff options
author | Patrick J Volkerding <volkerdi@slackware.com> | 2019-12-27 22:54:53 +0000 |
---|---|---|
committer | Eric Hameleers <alien@slackware.com> | 2019-12-28 08:59:51 +0100 |
commit | 2d09b7457a5c97591238b34ef717734a84167ec2 (patch) | |
tree | 431544def9c1218df72d0869edbfe9dfb816988b /source/k/kernel-configs/config-huge-smp-5.4.6-smp | |
parent | be35adbd1160550e441ead585a97faba68a83f27 (diff) | |
download | current-2d09b7457a5c97591238b34ef717734a84167ec2.tar.gz |
Fri Dec 27 22:54:53 UTC 201920191227225453
a/kernel-generic-5.4.6-x86_64-2.txz: Rebuilt.
a/kernel-huge-5.4.6-x86_64-2.txz: Rebuilt.
a/kernel-modules-5.4.6-x86_64-2.txz: Rebuilt.
ap/vim-8.2.0050-x86_64-1.txz: Upgraded.
d/kernel-headers-5.4.6-x86-2.txz: Rebuilt.
k/kernel-source-5.4.6-noarch-2.txz: Rebuilt.
Apparently MODULE_SIG was enabled by SECURITY_LOCKDOWN_LSM. We'll turn both
of those off to avoid needlessly tainting the kernel.
-LOCK_DOWN_KERNEL_FORCE_CONFIDENTIALITY n
-LOCK_DOWN_KERNEL_FORCE_INTEGRITY n
-LOCK_DOWN_KERNEL_FORCE_NONE y
-MODULE_SIG_ALL n
-MODULE_SIG_FORCE n
-MODULE_SIG_FORMAT y
-MODULE_SIG_HASH "sha256"
-MODULE_SIG_KEY "certs/signing_key.pem"
-MODULE_SIG_SHA1 n
-MODULE_SIG_SHA224 n
-MODULE_SIG_SHA256 y
-MODULE_SIG_SHA384 n
-MODULE_SIG_SHA512 n
-SECURITY_LOCKDOWN_LSM_EARLY y
MODULE_SIG y -> n
SECURITY_LOCKDOWN_LSM y -> n
l/imagemagick-7.0.9_12-x86_64-1.txz: Upgraded.
l/libcap-2.29-x86_64-1.txz: Upgraded.
xap/vim-gvim-8.2.0050-x86_64-1.txz: Upgraded.
isolinux/initrd.img: Rebuilt.
kernels/*: Rebuilt.
usb-and-pxe-installers/usbboot.img: Rebuilt.
Diffstat (limited to 'source/k/kernel-configs/config-huge-smp-5.4.6-smp')
-rw-r--r-- | source/k/kernel-configs/config-huge-smp-5.4.6-smp | 18 |
1 files changed, 2 insertions, 16 deletions
diff --git a/source/k/kernel-configs/config-huge-smp-5.4.6-smp b/source/k/kernel-configs/config-huge-smp-5.4.6-smp index 26b43f40..45e8a104 100644 --- a/source/k/kernel-configs/config-huge-smp-5.4.6-smp +++ b/source/k/kernel-configs/config-huge-smp-5.4.6-smp @@ -826,22 +826,13 @@ CONFIG_GCC_PLUGINS=y CONFIG_RT_MUTEXES=y CONFIG_BASE_SMALL=0 -CONFIG_MODULE_SIG_FORMAT=y CONFIG_MODULES=y CONFIG_MODULE_FORCE_LOAD=y CONFIG_MODULE_UNLOAD=y CONFIG_MODULE_FORCE_UNLOAD=y # CONFIG_MODVERSIONS is not set # CONFIG_MODULE_SRCVERSION_ALL is not set -CONFIG_MODULE_SIG=y -# CONFIG_MODULE_SIG_FORCE is not set -# CONFIG_MODULE_SIG_ALL is not set -# CONFIG_MODULE_SIG_SHA1 is not set -# CONFIG_MODULE_SIG_SHA224 is not set -CONFIG_MODULE_SIG_SHA256=y -# CONFIG_MODULE_SIG_SHA384 is not set -# CONFIG_MODULE_SIG_SHA512 is not set -CONFIG_MODULE_SIG_HASH="sha256" +# CONFIG_MODULE_SIG is not set # CONFIG_MODULE_COMPRESS is not set CONFIG_MODULE_ALLOW_MISSING_NAMESPACE_IMPORTS=y CONFIG_UNUSED_SYMBOLS=y @@ -8263,11 +8254,7 @@ CONFIG_FORTIFY_SOURCE=y # CONFIG_SECURITY_LOADPIN is not set # CONFIG_SECURITY_YAMA is not set # CONFIG_SECURITY_SAFESETID is not set -CONFIG_SECURITY_LOCKDOWN_LSM=y -CONFIG_SECURITY_LOCKDOWN_LSM_EARLY=y -CONFIG_LOCK_DOWN_KERNEL_FORCE_NONE=y -# CONFIG_LOCK_DOWN_KERNEL_FORCE_INTEGRITY is not set -# CONFIG_LOCK_DOWN_KERNEL_FORCE_CONFIDENTIALITY is not set +# CONFIG_SECURITY_LOCKDOWN_LSM is not set # CONFIG_INTEGRITY is not set CONFIG_DEFAULT_SECURITY_DAC=y CONFIG_LSM="lockdown,yama,loadpin,safesetid,integrity" @@ -8500,7 +8487,6 @@ CONFIG_SIGNED_PE_FILE_VERIFICATION=y # # Certificates for signature checking # -CONFIG_MODULE_SIG_KEY="certs/signing_key.pem" CONFIG_SYSTEM_TRUSTED_KEYRING=y CONFIG_SYSTEM_TRUSTED_KEYS="" # CONFIG_SYSTEM_EXTRA_CERTIFICATE is not set |