Commit message (Collapse) | Author | Age | Lines | |
---|---|---|---|---|
* | fragments: Add fragment for the Intel I225 Ethernet Controller | Wolfgang Müller | 2022-07-10 | -0/+1 |
| | ||||
* | fragments: Add fragment for AMD Zen 3 CPUs | Wolfgang Müller | 2022-07-10 | -0/+1 |
| | ||||
* | fragments: Remove obsolete settings from net/nftables | Wolfgang Müller | 2022-07-10 | -3/+0 |
| | | | | These are gone with the 5.17 series. | |||
* | fragments: Enable AMD-specific support for cpu/amd | Wolfgang Müller | 2022-07-10 | -1/+1 |
| | | | | | We can safely choose the MK8 setting here instead of falling back to a generic CPU configuration. | |||
* | fragments: Enable the EFI framebuffer console for EFI systems | Wolfgang Müller | 2022-07-10 | -0/+5 |
| | | | | | Support for this was lacking before, making EFI systems unusable after boot since there was no output on the screen. | |||
* | fragments: Enable core scheduling for SMT | Wolfgang Müller | 2022-07-10 | -0/+2 |
| | | | | | This should be safe to have enabled (but unused) and gives us an extra layer of potential mitigation of SMT side channels. | |||
* | fragments: Enable X2APIC support | Wolfgang Müller | 2022-07-10 | -0/+3 |
| | | | | | This should improve handling of very large core counts and should be safe to enable globally. | |||
* | templates: Add base/acpi to base template | Wolfgang Müller | 2022-07-10 | -0/+1 |
| | ||||
* | fragments: Add fragments for base ACPI settings | Wolfgang Müller | 2022-07-10 | -0/+1 |
| | | | | | For now this enables the processor aggregator, which should reduce power consumption when supported by the ACPI device. | |||
* | templates: Add base/tasks to base template | Wolfgang Müller | 2022-07-10 | -0/+1 |
| | ||||
* | fragments: Add fragment for task accounting | Wolfgang Müller | 2022-07-10 | -0/+4 |
| | | | | | This is needed for application such as htop and doesn't hurt to be included in the base group. | |||
* | templates: Enable ZFS on nabokov | Wolfgang Müller | 2022-06-04 | -0/+1 |
| | ||||
* | fragments: Enable CONFIG_BINFMT_MISC | Wolfgang Müller | 2022-06-04 | -0/+2 |
| | ||||
* | fragments: Add CONFIG_JUMP_LABEL to base/common | Wolfgang Müller | 2022-06-04 | -0/+2 |
| | | | | This seems to be a harmless optimization. | |||
* | templates: Enable fs/ntfs on nabokov | Wolfgang Müller | 2022-06-04 | -0/+1 |
| | | | | | We dual-boot Windows, so this should come in handy and removes the need for the FUSE-based ntfs3g driver. | |||
* | fragments: Add fragment for NTFS3 | Wolfgang Müller | 2022-06-04 | -0/+2 |
| | | | | | | This fragment add support for NTFS versions up to 3.1 [1] [1] https://www.kernel.org/doc/html/latest/filesystems/ntfs3.html | |||
* | fragments: Remove CONFIG_SND_HDA_PREALLOC_SIZE=2048 | Wolfgang Müller | 2022-06-04 | -3/+0 |
| | | | | | | | | | | Starting with kernels in the 5.15 branch, this setting is no longer changeable from its value of '0' on x86 systems [1]. The pulseaudio ebuild still recommends setting this value, which is possibly misleading. See [2]. [1] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/sound/hda/Kconfig?id=c31427d0d21e198c74d5d92082c4b8194b257f82 [2] https://bugs.gentoo.org/show_bug.cgi?id=716252 | |||
* | fragments: Remove CONFIG_NF_LOG_BRIDGE=y | Wolfgang Müller | 2022-06-04 | -1/+0 |
| | | | | | | This particular option was merged into NF_LOG_SYSLOG in kernel commit 77ccee96a674 (netfilter: nf_log_bridge: merge with nf_log_syslog, 2021-03-25) | |||
* | fragments: Remove reference to CONFIG_UNUSED_SYMBOLS | Wolfgang Müller | 2022-06-04 | -2/+0 |
| | | | | This option does no longer exist in the 5.15 branch. | |||
* | fragments: Add fragment for ZFS | Wolfgang Müller | 2022-06-04 | -0/+1 |
| | | | | | ZFS requires CONFIG_ZLIB_DEFLATE which is selected by CONFIG_CRYPTO_DEFLATE. | |||
* | fragments: Add requisite option for KSP | Wolfgang Müller | 2022-06-04 | -0/+1 |
| | ||||
* | fragments: Update to latest KSP recommendations | Wolfgang Müller | 2021-08-13 | -0/+5 |
| | | | | | | The Gentoo KSP recommendations have changed slightly again, now requiring three different settings instead of just one. Additionally, in order to enable KSP at all, CONFIG_MODIFY_LDT_SYSCALL needs to be unset. | |||
* | fragments: Enable CONFIG_SECURITY | Wolfgang Müller | 2021-08-13 | -0/+2 |
| | | | | | | An upcoming commit updates to the latest KSP recommendations and requires this particular setting as a direct dependency for CONFIG_SECURITY_YAMA. | |||
* | fragments: Use expert mode by default | Wolfgang Müller | 2021-08-13 | -0/+2 |
| | | | | | An upcoming commit which updates to the latest KSP recommendations requires expert mode for one setting. Enable it here. | |||
* | fragments: Remove obsoleted KSP switch | Wolfgang Müller | 2021-07-20 | -1/+0 |
| | | | | | | The newer versions of sys-kernel/gentoo-sources do not have this switch anymore, instead relying only on the architecture-specific switches. Remove it. | |||
* | fragments: Enable GENTOO_KERNEL_SELF_PROTECTION | Wolfgang Müller | 2021-07-03 | -0/+3 |
| | | | | | | | | | This setting pulls in a set of recommended settings [1] from the Kernel Self Protection Project. We are pretty sure that we exhaustively set all these manually already, but since Gentoo upstream provides this option, make use of it too. [1] https://kernsec.org/wiki/index.php/Kernel_Self_Protection_Project/Recommended_Settings | |||
* | templates: Enable profile/systemd on nabokov | Wolfgang Müller | 2021-04-17 | -0/+1 |
| | ||||
* | fragments: Add fragment enabling support for systemd | Wolfgang Müller | 2021-04-16 | -0/+1 |
| | | | | | This fragment relies on the Gentoo patchsets for the Linux kernel, as the config option is not an upstream one. | |||
* | fragments: Enable CONFIG_BT_HS by default | Wolfgang Müller | 2021-03-06 | -0/+1 |
| | | | | This will support high-speed bluetooth interfaces. | |||
* | fragments: Enable CONFIG_RAS | Wolfgang Müller | 2021-03-06 | -0/+1 |
| | | | | This is needed for CONFIG_EDAC* but is not enabled by default upstream. | |||
* | fragments: Remove superfluous options for 5.10 | Wolfgang Müller | 2021-03-06 | -3/+0 |
| | | | | | These options have either been merged into others or enabled unconditionally. | |||
* | templates: Enable the PL2303 serial-to-USB driver on nabokov | Wynn Wolf Arbor | 2020-10-25 | -0/+1 |
| | ||||
* | fragments: Add fragment with the PL2303 serial-to-USB driver | Wynn Wolf Arbor | 2020-10-25 | -0/+2 |
| | ||||
* | templates: Move wireguard support to the base template | Wynn Wolf Arbor | 2020-08-28 | -2/+1 |
| | | | | This is a feature we generally want on all of our systems. | |||
* | fragments: Remove AUDIT_WATCH and AUDIT_TREE from security/audit | Wynn Wolf Arbor | 2020-08-28 | -2/+0 |
| | | | | | | These two options have been replaced [1] by CONFIG_AUDITSYSCALL. [1] https://patchwork.kernel.org/patch/10686725/ | |||
* | Remove CONFIG_CIFS_ACL | Wynn Wolf Arbor | 2020-08-07 | -1/+0 |
| | | | | This option is now contained in CIFS_POSIX | |||
* | templates: Enable wireguard for demeter | Wynn Wolf Arbor | 2020-08-07 | -0/+1 |
| | ||||
* | templates: Enable wireguard for nabokov | Wynn Wolf Arbor | 2020-08-07 | -0/+1 |
| | ||||
* | fragments: Add fragment enabling wireguard support | Wynn Wolf Arbor | 2020-08-07 | -0/+1 |
| | ||||
* | Add fragment that enables filesystem encryption | Wynn Wolf Arbor | 2020-02-29 | -0/+2 |
| | ||||
* | Add new netfilter/nftables options | Wynn Wolf Arbor | 2020-02-29 | -0/+3 |
| | ||||
* | Enable PCI by default | Wynn Wolf Arbor | 2020-02-29 | -0/+1 |
| | | | | This option was apparently changed to default to no on the 5.4 series | |||
* | Improve security by disabling vsyscall table for legacy apps | Wynn Wolf Arbor | 2020-02-29 | -0/+3 |
| | ||||
* | Remove deprecated kernel options | Wynn Wolf Arbor | 2020-02-29 | -22/+0 |
| | ||||
* | Remove merge.sh | Wynn Wolf Arbor | 2020-02-29 | -23/+0 |
| | | | | This functionality has been moved to another tool. | |||
* | Allow multiple routing tables for IPv6 | Wynn Wolf Arbor | 2020-02-29 | -0/+2 |
| | ||||
* | Initial import | Wynn Wolf Arbor | 2020-02-29 | -0/+380 |