Menu
▾
▴
[Devil-linux-commit] build/scripts/config/linux-2.6 config_grsecurity, 1.10, 1.11 config_linux, 1.49, 1.50 config_linux.486, 1.6, 1.7 config_linux.586, 1.4, 1.5 config_linux.686, 1.8, 1.9
|
From: Heiko Z. <smi...@us...> - 2008-05-23 13:55:58
|
Update of /cvsroot/devil-linux/build/scripts/config/linux-2.6 In directory sc8-pr-cvs12.sourceforge.net:/tmp/cvs-serv19734/scripts/config/linux-2.6 Modified Files: config_grsecurity config_linux config_linux.486 config_linux.586 config_linux.686 Log Message: - updated aufs-2008-05-21 - updated gradm-2.1.12-200805181037 - updated grsecurity-2.1.12-2.6.25.4-200805181334 - updated netfilter-layer7-v2.18 - updated pax-linux-2.6.25.4-test15 - updated unionfs-2.3.3_for_2.6.25 - updated kernel to 2.6.25.4 Index: config_grsecurity =================================================================== RCS file: /cvsroot/devil-linux/build/scripts/config/linux-2.6/config_grsecurity,v retrieving revision 1.10 retrieving revision 1.11 diff -u -d -r1.10 -r1.11 --- config_grsecurity 27 Mar 2008 14:27:04 -0000 1.10 +++ config_grsecurity 23 May 2008 13:55:54 -0000 1.11 @@ -1,17 +1,31 @@ +# Grsecurity +# CONFIG_GRKERNSEC=y # CONFIG_GRKERNSEC_LOW is not set # CONFIG_GRKERNSEC_MEDIUM is not set # CONFIG_GRKERNSEC_HIGH is not set CONFIG_GRKERNSEC_CUSTOM=y + +# +# Address Space Protection +# CONFIG_GRKERNSEC_KMEM=y CONFIG_GRKERNSEC_IO=y CONFIG_GRKERNSEC_PROC_MEMMAP=y CONFIG_GRKERNSEC_BRUTE=y CONFIG_GRKERNSEC_MODSTOP=y CONFIG_GRKERNSEC_HIDESYM=y + +# +# Role Based Access Control Options +# CONFIG_GRKERNSEC_ACL_HIDEKERN=y CONFIG_GRKERNSEC_ACL_MAXTRIES=3 CONFIG_GRKERNSEC_ACL_TIMEOUT=30 + +# +# Filesystem Protections +# CONFIG_GRKERNSEC_PROC=y CONFIG_GRKERNSEC_PROC_USER=y CONFIG_GRKERNSEC_PROC_ADD=y @@ -31,6 +45,10 @@ CONFIG_GRKERNSEC_CHROOT_NICE=y CONFIG_GRKERNSEC_CHROOT_SYSCTL=y CONFIG_GRKERNSEC_CHROOT_CAPS=y + +# +# Kernel Auditing +# # CONFIG_GRKERNSEC_AUDIT_GROUP is not set CONFIG_GRKERNSEC_EXECLOG=y CONFIG_GRKERNSEC_RESLOG=y @@ -43,31 +61,66 @@ CONFIG_GRKERNSEC_TIME=y CONFIG_GRKERNSEC_PROC_IPADDR=y # CONFIG_GRKERNSEC_AUDIT_TEXTREL is not set + +# +# Executable Protections +# CONFIG_GRKERNSEC_EXECVE=y CONFIG_GRKERNSEC_DMESG=y # CONFIG_GRKERNSEC_TPE is not set + +# +# Network Protections +# CONFIG_GRKERNSEC_RANDNET=y # CONFIG_GRKERNSEC_SOCKET is not set + +# +# Sysctl support +# CONFIG_GRKERNSEC_SYSCTL=y # CONFIG_GRKERNSEC_SYSCTL_ON is not set + +# +# Logging Options +# CONFIG_GRKERNSEC_FLOODTIME=10 CONFIG_GRKERNSEC_FLOODBURST=10 + +# +# PaX +# CONFIG_PAX=y + +# +# PaX Control +# # CONFIG_PAX_SOFTMODE is not set # CONFIG_PAX_EI_PAX is not set CONFIG_PAX_PT_PAX_FLAGS=y # CONFIG_PAX_NO_ACL_FLAGS is not set CONFIG_PAX_HAVE_ACL_FLAGS=y # CONFIG_PAX_HOOK_ACL_FLAGS is not set + +# +# Non-executable pages +# CONFIG_PAX_NOEXEC=y CONFIG_PAX_PAGEEXEC=y CONFIG_PAX_SEGMEXEC=y # CONFIG_PAX_EMUTRAMP is not set CONFIG_PAX_MPROTECT=y # CONFIG_PAX_NOELFRELOCS is not set + +# +# Address Space Layout Randomization +# CONFIG_PAX_ASLR=y -# CONFIG_PAX_RANDKSTACK is not set CONFIG_PAX_RANDUSTACK=y CONFIG_PAX_RANDMMAP=y + +# +# Miscellaneous hardening features +# # CONFIG_PAX_MEMORY_SANITIZE is not set # CONFIG_PAX_MEMORY_UDEREF is not set Index: config_linux =================================================================== RCS file: /cvsroot/devil-linux/build/scripts/config/linux-2.6/config_linux,v retrieving revision 1.49 retrieving revision 1.50 diff -u -d -r1.49 -r1.50 --- config_linux 29 Mar 2008 19:47:47 -0000 1.49 +++ config_linux 23 May 2008 13:55:54 -0000 1.50 @@ -2669,3 +2669,86 @@ CONFIG_SAMPLES=n CONFIG_SECURITY_FILE_CAPABILITIES=y CONFIG_FRANDOM=y +CONFIG_GROUP_SCHED=y +CONFIG_RT_GROUP_SCHED=n +CONFIG_SYSFS_DEPRECATED_V2=y +CONFIG_UTS_NS=n +CONFIG_IPC_NS=n +CONFIG_COMPAT_BRK=n +CONFIG_PROFILING=n +CONFIG_MARKERS=n +CONFIG_KPROBES=n +CONFIG_ACPI_WMI=m +CONFIG_XFRM_STATISTICS=n +CONFIG_NETFILTER_ADVANCED=y +CONFIG_NET_CLS_FLOW=m +CONFIG_CAN=n +CONFIG_MAC80211_RC_DEFAULT_PID=y +CONFIG_MAC80211_RC_DEFAULT_SIMPLE=n +CONFIG_MAC80211_RC_SIMPLE=n +CONFIG_MAC80211_DEBUG_PACKET_ALIGNMENT=n +CONFIG_BLK_DEV_XIP=n +CONFIG_ACER_WMI=m +CONFIG_TC1100_WMI=m +CONFIG_THINKPAD_ACPI_VIDEO=y +CONFIG_THINKPAD_ACPI_HOTKEY_POLL=y +CONFIG_INTEL_MENLOW=m +CONFIG_ENCLOSURE_SERVICES=m +CONFIG_SCSI_ENCLOSURE=m +CONFIG_SCSI_SAS_HOST_SMP=y +CONFIG_SCSI_MVSAS=m +CONFIG_PATA_NINJA32=m +CONFIG_IMQ=m +CONFIG_IMQ_NUM_DEVS=16 +CONFIG_IMQ_BEHAVIOR_AA=n +CONFIG_IMQ_BEHAVIOR_AB=n +CONFIG_IMQ_BEHAVIOR_BA=y +CONFIG_IMQ_BEHAVIOR_BB=n +CONFIG_ENC28J60=m +CONFIG_ENC28J60_WRITEVERIFY=n +CONFIG_R6040=m +CONFIG_IGB=m +CONFIG_BNX2X=m +CONFIG_USB_NET_RNDIS_WLAN=m +CONFIG_RTL8180=m +CONFIG_ATH5K=m +CONFIG_IWL4965_QOS=y +CONFIG_IWL4965_HT=y +CONFIG_IWL4965_SPECTRUM_MEASUREMENT=y +CONFIG_IWL4965_SENSITIVITY=y +CONFIG_IWL4965_DEBUG=n +CONFIG_IWL3945_QOS=y +CONFIG_IWL3945_SPECTRUM_MEASUREMENT=y +CONFIG_IWL3945_DEBUG=n +CONFIG_INPUT_APANEL=n +CONFIG_RISCOM8=m +CONFIG_NOZOMI=m +CONFIG_IPWIRELESS=m +CONFIG_SCx200_I2C_SCL=12 +CONFIG_SCx200_I2C_SDA=13 +CONFIG_HP_WATCHDOG=m +CONFIG_VIDEO_PVRUSB2_ONAIR_CREATOR=y +CONFIG_VIDEO_PVRUSB2_ONAIR_USB2=y +CONFIG_USB_STKWEBCAM=m +CONFIG_USB_ANNOUNCE_NEW_DEVICES=y +CONFIG_USB_SERIAL_IUU=m +CONFIG_MEMSTICK=m +CONFIG_MEMSTICK_DEBUG=n +CONFIG_MEMSTICK_UNSAFE_RESUME=n +CONFIG_MSPRO_BLOCK=m +CONFIG_MEMSTICK_TIFM_MS=m +CONFIG_MEMSTICK_JMICRON_38X=m +CONFIG_LEDS_CLEVO_MAIL=n +CONFIG_RTC_DRV_S35390A=m +CONFIG_RTC_DRV_R9701=m +CONFIG_RTC_DRV_DS1511=m +CONFIG_LATENCYTOP=n +CONFIG_PROVIDE_OHCI1394_DMA_INIT=n +CONFIG_IO_DELAY_0X80=y +CONFIG_IO_DELAY_0XED=n +CONFIG_IO_DELAY_UDELAY=n +CONFIG_IO_DELAY_NONE=n +CONFIG_CRYPTO_DEV_HIFN_795X=m +CONFIG_CRYPTO_DEV_HIFN_795X_RNG=y +CONFIG_VIRTIO_PCI=m +CONFIG_VIRTIO_BALLOON=m Index: config_linux.586 =================================================================== RCS file: /cvsroot/devil-linux/build/scripts/config/linux-2.6/config_linux.586,v retrieving revision 1.4 retrieving revision 1.5 diff -u -d -r1.4 -r1.5 --- config_linux.586 23 Oct 2007 18:06:29 -0000 1.4 +++ config_linux.586 23 May 2008 13:55:54 -0000 1.5 @@ -14,6 +14,7 @@ # CONFIG_X86_VISWS is not set # CONFIG_X86_GENERICARCH is not set # CONFIG_X86_ES7000 is not set +# CONFIG_X86_RDC321X is not set CONFIG_PARAVIRT=y CONFIG_VMI=y # CONFIG_M386 is not set Index: config_linux.486 =================================================================== RCS file: /cvsroot/devil-linux/build/scripts/config/linux-2.6/config_linux.486,v retrieving revision 1.6 retrieving revision 1.7 diff -u -d -r1.6 -r1.7 --- config_linux.486 23 Oct 2007 18:06:29 -0000 1.6 +++ config_linux.486 23 May 2008 13:55:54 -0000 1.7 @@ -14,6 +14,7 @@ # CONFIG_X86_VISWS is not set # CONFIG_X86_GENERICARCH is not set # CONFIG_X86_ES7000 is not set +# CONFIG_X86_RDC321X is not set CONFIG_PARAVIRT=y CONFIG_VMI=y # CONFIG_M386 is not set Index: config_linux.686 =================================================================== RCS file: /cvsroot/devil-linux/build/scripts/config/linux-2.6/config_linux.686,v retrieving revision 1.8 retrieving revision 1.9 diff -u -d -r1.8 -r1.9 --- config_linux.686 23 Oct 2007 18:06:29 -0000 1.8 +++ config_linux.686 23 May 2008 13:55:54 -0000 1.9 @@ -14,6 +14,7 @@ # CONFIG_X86_VISWS is not set # CONFIG_X86_GENERICARCH is not set # CONFIG_X86_ES7000 is not set +# CONFIG_X86_RDC321X is not set CONFIG_PARAVIRT=y # CONFIG_XEN is not set CONFIG_VMI=y |
