diff options
Diffstat (limited to 'fragments/base/security')
| -rw-r--r-- | fragments/base/security | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/fragments/base/security b/fragments/base/security new file mode 100644 index 0000000..5d8b95c --- /dev/null +++ b/fragments/base/security @@ -0,0 +1,14 @@ +CONFIG_REFCOUNT_FULL=y +CONFIG_GCC_PLUGINS=y +CONFIG_GCC_PLUGIN_STRUCTLEAK=y +CONFIG_GCC_PLUGIN_STRUCTLEAK_BYREF_ALL=y + +# CONFIG_COMPAT_BRK is not set +# CONFIG_SLAB_MERGE_DEFAULT is not set +CONFIG_SLAB_FREELIST_RANDOM=y +CONFIG_SLAB_FREELIST_HARDENED=y + +CONFIG_HARDENED_USERCOPY=y +CONFIG_FORTIFY_SOURCE=y + +CONFIG_IO_STRICT_DEVMEM=y |