| Commit message (Collapse) | Author | Age | Lines |
| |
|
|
|
|
| |
The latter block is required by iwd, which we expect to be using.
|
| |
|
| |
|
|
|
|
|
| |
For now this will only include support for zstd. This is generic enough
to keep in a base profile.
|
|
|
|
|
|
| |
Where before we had a profile/vm fragment that was set on nearly every
host we administer, now make sure to enable KVM unconditionally and put
CPU-specific KVM options into the CPU profiles.
|
|
|
|
|
|
|
| |
This particular flag has been removed from the Bluetooth Core
specification and is not available in the kernel anymore [1].
[1] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=9dd082b4feb68ca08463767f51c342982e0de7d9
|
|
|
|
|
| |
This will enable PANs and the ability to pair mice, keyboards, and
gamepads.
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
| |
This option is now needed for Kernel Self Protection system to be
available.
|
|
|
|
|
|
| |
This option has been removed in newer kernel versions [1].
[1] https://github.com/torvalds/linux/commit/0f5b2c69a4cbe4166ca24b76d5ada98ed2867741
|
|
|
|
| |
This option no longer exists in versions >= 5.18.7.
|
|
|
|
|
| |
This exposes NVMe drive temperatures to the hwmon interface, making them
accessible through lm-sensors.
|
|
|
|
|
| |
These are useful to show with lm-sensors. No more need to show
temperatures using smartctl.
|
|
|
|
|
| |
This includes the necessary firmware settings and a specific chipset
configuration toggle.
|
|
|
|
|
|
|
|
| |
This should work fine on Navi or newer GPUs. The Gentoo Wiki [1]
recommends also setting the MEMORY_*, ZONE_* and DEVICE_* settings, so
we have them enabled here.
[1] https://wiki.gentoo.org/wiki/AMDGPU#Kernel
|
| |
|
| |
|
| |
|
|
|
|
| |
These are gone with the 5.17 series.
|
|
|
|
|
| |
We can safely choose the MK8 setting here instead of falling back to a
generic CPU configuration.
|
|
|
|
|
| |
Support for this was lacking before, making EFI systems unusable after
boot since there was no output on the screen.
|
|
|
|
|
| |
This should be safe to have enabled (but unused) and gives us an extra
layer of potential mitigation of SMT side channels.
|
|
|
|
|
| |
This should improve handling of very large core counts and should be
safe to enable globally.
|
|
|
|
|
| |
For now this enables the processor aggregator, which should reduce power
consumption when supported by the ACPI device.
|
|
|
|
|
| |
This is needed for application such as htop and doesn't hurt to be
included in the base group.
|
| |
|
|
|
|
| |
This seems to be a harmless optimization.
|
|
|
|
|
|
| |
This fragment add support for NTFS versions up to 3.1 [1]
[1] https://www.kernel.org/doc/html/latest/filesystems/ntfs3.html
|
|
|
|
|
|
|
|
|
|
| |
Starting with kernels in the 5.15 branch, this setting is no longer
changeable from its value of '0' on x86 systems [1]. The pulseaudio
ebuild still recommends setting this value, which is possibly
misleading. See [2].
[1] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/sound/hda/Kconfig?id=c31427d0d21e198c74d5d92082c4b8194b257f82
[2] https://bugs.gentoo.org/show_bug.cgi?id=716252
|
|
|
|
|
|
| |
This particular option was merged into NF_LOG_SYSLOG in kernel commit
77ccee96a674 (netfilter: nf_log_bridge: merge with nf_log_syslog,
2021-03-25)
|
|
|
|
| |
This option does no longer exist in the 5.15 branch.
|
|
|
|
|
| |
ZFS requires CONFIG_ZLIB_DEFLATE which is selected by
CONFIG_CRYPTO_DEFLATE.
|
| |
|
|
|
|
|
|
| |
The Gentoo KSP recommendations have changed slightly again, now
requiring three different settings instead of just one. Additionally, in
order to enable KSP at all, CONFIG_MODIFY_LDT_SYSCALL needs to be unset.
|
|
|
|
|
|
| |
An upcoming commit updates to the latest KSP recommendations and
requires this particular setting as a direct dependency for
CONFIG_SECURITY_YAMA.
|
|
|
|
|
| |
An upcoming commit which updates to the latest KSP recommendations
requires expert mode for one setting. Enable it here.
|
|
|
|
|
|
| |
The newer versions of sys-kernel/gentoo-sources do not have this switch
anymore, instead relying only on the architecture-specific switches.
Remove it.
|
|
|
|
|
|
|
|
|
| |
This setting pulls in a set of recommended settings [1] from the Kernel
Self Protection Project. We are pretty sure that we exhaustively set all
these manually already, but since Gentoo upstream provides this option,
make use of it too.
[1] https://kernsec.org/wiki/index.php/Kernel_Self_Protection_Project/Recommended_Settings
|
|
|
|
|
| |
This fragment relies on the Gentoo patchsets for the Linux kernel, as
the config option is not an upstream one.
|
|
|
|
| |
This will support high-speed bluetooth interfaces.
|
|
|
|
| |
This is needed for CONFIG_EDAC* but is not enabled by default upstream.
|
|
|
|
|
| |
These options have either been merged into others or enabled
unconditionally.
|
| |
|
|
|
|
|
|
| |
These two options have been replaced [1] by CONFIG_AUDITSYSCALL.
[1] https://patchwork.kernel.org/patch/10686725/
|