summaryrefslogtreecommitdiffstats
path: root/fragments (follow)
Commit message (Collapse)AuthorAgeLines
* fragments: Update to latest KSP recommendationsWolfgang Müller2021-08-13-0/+5
| | | | | | The Gentoo KSP recommendations have changed slightly again, now requiring three different settings instead of just one. Additionally, in order to enable KSP at all, CONFIG_MODIFY_LDT_SYSCALL needs to be unset.
* fragments: Enable CONFIG_SECURITYWolfgang Müller2021-08-13-0/+2
| | | | | | An upcoming commit updates to the latest KSP recommendations and requires this particular setting as a direct dependency for CONFIG_SECURITY_YAMA.
* fragments: Use expert mode by defaultWolfgang Müller2021-08-13-0/+2
| | | | | An upcoming commit which updates to the latest KSP recommendations requires expert mode for one setting. Enable it here.
* fragments: Remove obsoleted KSP switchWolfgang Müller2021-07-20-1/+0
| | | | | | The newer versions of sys-kernel/gentoo-sources do not have this switch anymore, instead relying only on the architecture-specific switches. Remove it.
* fragments: Enable GENTOO_KERNEL_SELF_PROTECTIONWolfgang Müller2021-07-03-0/+3
| | | | | | | | | This setting pulls in a set of recommended settings [1] from the Kernel Self Protection Project. We are pretty sure that we exhaustively set all these manually already, but since Gentoo upstream provides this option, make use of it too. [1] https://kernsec.org/wiki/index.php/Kernel_Self_Protection_Project/Recommended_Settings
* fragments: Add fragment enabling support for systemdWolfgang Müller2021-04-16-0/+1
| | | | | This fragment relies on the Gentoo patchsets for the Linux kernel, as the config option is not an upstream one.
* fragments: Enable CONFIG_BT_HS by defaultWolfgang Müller2021-03-06-0/+1
| | | | This will support high-speed bluetooth interfaces.
* fragments: Enable CONFIG_RASWolfgang Müller2021-03-06-0/+1
| | | | This is needed for CONFIG_EDAC* but is not enabled by default upstream.
* fragments: Remove superfluous options for 5.10Wolfgang Müller2021-03-06-3/+0
| | | | | These options have either been merged into others or enabled unconditionally.
* fragments: Add fragment with the PL2303 serial-to-USB driverWynn Wolf Arbor2020-10-25-0/+2
|
* fragments: Remove AUDIT_WATCH and AUDIT_TREE from security/auditWynn Wolf Arbor2020-08-28-2/+0
| | | | | | These two options have been replaced [1] by CONFIG_AUDITSYSCALL. [1] https://patchwork.kernel.org/patch/10686725/
* Remove CONFIG_CIFS_ACLWynn Wolf Arbor2020-08-07-1/+0
| | | | This option is now contained in CIFS_POSIX
* fragments: Add fragment enabling wireguard supportWynn Wolf Arbor2020-08-07-0/+1
|
* Add fragment that enables filesystem encryptionWynn Wolf Arbor2020-02-29-0/+1
|
* Add new netfilter/nftables optionsWynn Wolf Arbor2020-02-29-0/+3
|
* Enable PCI by defaultWynn Wolf Arbor2020-02-29-0/+1
| | | | This option was apparently changed to default to no on the 5.4 series
* Improve security by disabling vsyscall table for legacy appsWynn Wolf Arbor2020-02-29-0/+3
|
* Remove deprecated kernel optionsWynn Wolf Arbor2020-02-29-22/+0
|
* Allow multiple routing tables for IPv6Wynn Wolf Arbor2020-02-29-0/+2
|
* Initial importWynn Wolf Arbor2020-02-29-0/+316