summaryrefslogtreecommitdiff
path: root/source/k/kernel-configs/config-huge-smp-5.4.6-smp
diff options
context:
space:
mode:
authorPatrick J Volkerding <volkerdi@slackware.com>2019-12-27 22:54:53 +0000
committerEric Hameleers <alien@slackware.com>2019-12-28 08:59:51 +0100
commit2d09b7457a5c97591238b34ef717734a84167ec2 (patch)
tree431544def9c1218df72d0869edbfe9dfb816988b /source/k/kernel-configs/config-huge-smp-5.4.6-smp
parentbe35adbd1160550e441ead585a97faba68a83f27 (diff)
downloadcurrent-2d09b7457a5c97591238b34ef717734a84167ec2.tar.gz
Fri Dec 27 22:54:53 UTC 201920191227225453
a/kernel-generic-5.4.6-x86_64-2.txz: Rebuilt. a/kernel-huge-5.4.6-x86_64-2.txz: Rebuilt. a/kernel-modules-5.4.6-x86_64-2.txz: Rebuilt. ap/vim-8.2.0050-x86_64-1.txz: Upgraded. d/kernel-headers-5.4.6-x86-2.txz: Rebuilt. k/kernel-source-5.4.6-noarch-2.txz: Rebuilt. Apparently MODULE_SIG was enabled by SECURITY_LOCKDOWN_LSM. We'll turn both of those off to avoid needlessly tainting the kernel. -LOCK_DOWN_KERNEL_FORCE_CONFIDENTIALITY n -LOCK_DOWN_KERNEL_FORCE_INTEGRITY n -LOCK_DOWN_KERNEL_FORCE_NONE y -MODULE_SIG_ALL n -MODULE_SIG_FORCE n -MODULE_SIG_FORMAT y -MODULE_SIG_HASH "sha256" -MODULE_SIG_KEY "certs/signing_key.pem" -MODULE_SIG_SHA1 n -MODULE_SIG_SHA224 n -MODULE_SIG_SHA256 y -MODULE_SIG_SHA384 n -MODULE_SIG_SHA512 n -SECURITY_LOCKDOWN_LSM_EARLY y MODULE_SIG y -> n SECURITY_LOCKDOWN_LSM y -> n l/imagemagick-7.0.9_12-x86_64-1.txz: Upgraded. l/libcap-2.29-x86_64-1.txz: Upgraded. xap/vim-gvim-8.2.0050-x86_64-1.txz: Upgraded. isolinux/initrd.img: Rebuilt. kernels/*: Rebuilt. usb-and-pxe-installers/usbboot.img: Rebuilt.
Diffstat (limited to 'source/k/kernel-configs/config-huge-smp-5.4.6-smp')
-rw-r--r--source/k/kernel-configs/config-huge-smp-5.4.6-smp18
1 files changed, 2 insertions, 16 deletions
diff --git a/source/k/kernel-configs/config-huge-smp-5.4.6-smp b/source/k/kernel-configs/config-huge-smp-5.4.6-smp
index 26b43f40..45e8a104 100644
--- a/source/k/kernel-configs/config-huge-smp-5.4.6-smp
+++ b/source/k/kernel-configs/config-huge-smp-5.4.6-smp
@@ -826,22 +826,13 @@ CONFIG_GCC_PLUGINS=y
CONFIG_RT_MUTEXES=y
CONFIG_BASE_SMALL=0
-CONFIG_MODULE_SIG_FORMAT=y
CONFIG_MODULES=y
CONFIG_MODULE_FORCE_LOAD=y
CONFIG_MODULE_UNLOAD=y
CONFIG_MODULE_FORCE_UNLOAD=y
# CONFIG_MODVERSIONS is not set
# CONFIG_MODULE_SRCVERSION_ALL is not set
-CONFIG_MODULE_SIG=y
-# CONFIG_MODULE_SIG_FORCE is not set
-# CONFIG_MODULE_SIG_ALL is not set
-# CONFIG_MODULE_SIG_SHA1 is not set
-# CONFIG_MODULE_SIG_SHA224 is not set
-CONFIG_MODULE_SIG_SHA256=y
-# CONFIG_MODULE_SIG_SHA384 is not set
-# CONFIG_MODULE_SIG_SHA512 is not set
-CONFIG_MODULE_SIG_HASH="sha256"
+# CONFIG_MODULE_SIG is not set
# CONFIG_MODULE_COMPRESS is not set
CONFIG_MODULE_ALLOW_MISSING_NAMESPACE_IMPORTS=y
CONFIG_UNUSED_SYMBOLS=y
@@ -8263,11 +8254,7 @@ CONFIG_FORTIFY_SOURCE=y
# CONFIG_SECURITY_LOADPIN is not set
# CONFIG_SECURITY_YAMA is not set
# CONFIG_SECURITY_SAFESETID is not set
-CONFIG_SECURITY_LOCKDOWN_LSM=y
-CONFIG_SECURITY_LOCKDOWN_LSM_EARLY=y
-CONFIG_LOCK_DOWN_KERNEL_FORCE_NONE=y
-# CONFIG_LOCK_DOWN_KERNEL_FORCE_INTEGRITY is not set
-# CONFIG_LOCK_DOWN_KERNEL_FORCE_CONFIDENTIALITY is not set
+# CONFIG_SECURITY_LOCKDOWN_LSM is not set
# CONFIG_INTEGRITY is not set
CONFIG_DEFAULT_SECURITY_DAC=y
CONFIG_LSM="lockdown,yama,loadpin,safesetid,integrity"
@@ -8500,7 +8487,6 @@ CONFIG_SIGNED_PE_FILE_VERIFICATION=y
#
# Certificates for signature checking
#
-CONFIG_MODULE_SIG_KEY="certs/signing_key.pem"
CONFIG_SYSTEM_TRUSTED_KEYRING=y
CONFIG_SYSTEM_TRUSTED_KEYS=""
# CONFIG_SYSTEM_EXTRA_CERTIFICATE is not set