blob: e786963c140a3a65ed1d7c3f35da6cd523996f81 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
|
CONFIG_SECURITY=y
CONFIG_GCC_PLUGINS=y
CONFIG_GCC_PLUGIN_STRUCTLEAK=y
CONFIG_GCC_PLUGIN_STRUCTLEAK_BYREF_ALL=y
# CONFIG_COMPAT_BRK is not set
# CONFIG_SLAB_MERGE_DEFAULT is not set
CONFIG_SLAB_FREELIST_RANDOM=y
CONFIG_SLAB_FREELIST_HARDENED=y
CONFIG_HARDENED_USERCOPY=y
CONFIG_FORTIFY_SOURCE=y
CONFIG_IO_STRICT_DEVMEM=y
# Unsure about musl support/static binaries?
CONFIG_LEGACY_VSYSCALL_NONE=y
# Needed for SELF_PROTECTION
# CONFIG_MODIFY_LDT_SYSCALL is not set
CONFIG_IOMMU_DEFAULT_DMA_STRICT=y
CONFIG_GENTOO_KERNEL_SELF_PROTECTION=y
CONFIG_GENTOO_KERNEL_SELF_PROTECTION_COMMON=y
CONFIG_GENTOO_KERNEL_SELF_PROTECTION_X86_64=y
CONFIG_SCHED_CORE=y
|
