From 451f443882874e5d8df279a53db125b9aafa2ece Mon Sep 17 00:00:00 2001 From: Michael Tremer Date: Sat, 29 Dec 2018 23:45:56 +0000 Subject: [PATCH] kernel: Disable some unused network protocols This disables BATMAN (which has been dropped some time ago from userspace), L2TP and ebtables. Signed-off-by: Michael Tremer --- kernel/config-generic | 44 +++++-------------------------------------- kernel/kernel.nm | 2 +- 2 files changed, 6 insertions(+), 40 deletions(-) diff --git a/kernel/config-generic b/kernel/config-generic index 50559e007..9323ab40b 100644 --- a/kernel/config-generic +++ b/kernel/config-generic @@ -943,27 +943,7 @@ CONFIG_NF_DEFRAG_IPV6=y CONFIG_NF_TABLES_BRIDGE=y CONFIG_NFT_BRIDGE_REJECT=m CONFIG_NF_LOG_BRIDGE=m -CONFIG_BRIDGE_NF_EBTABLES=m -CONFIG_BRIDGE_EBT_BROUTE=m -CONFIG_BRIDGE_EBT_T_FILTER=m -CONFIG_BRIDGE_EBT_T_NAT=m -CONFIG_BRIDGE_EBT_802_3=m -CONFIG_BRIDGE_EBT_AMONG=m -CONFIG_BRIDGE_EBT_ARP=m -CONFIG_BRIDGE_EBT_IP=m -CONFIG_BRIDGE_EBT_IP6=m -CONFIG_BRIDGE_EBT_LIMIT=m -CONFIG_BRIDGE_EBT_MARK=m -CONFIG_BRIDGE_EBT_PKTTYPE=m -CONFIG_BRIDGE_EBT_STP=m -CONFIG_BRIDGE_EBT_VLAN=m -CONFIG_BRIDGE_EBT_ARPREPLY=m -CONFIG_BRIDGE_EBT_DNAT=m -CONFIG_BRIDGE_EBT_MARK_T=m -CONFIG_BRIDGE_EBT_REDIRECT=m -CONFIG_BRIDGE_EBT_SNAT=m -CONFIG_BRIDGE_EBT_LOG=m -CONFIG_BRIDGE_EBT_NFLOG=m +# CONFIG_BRIDGE_NF_EBTABLES is not set CONFIG_BPFILTER=y CONFIG_BPFILTER_UMH=m # CONFIG_IP_DCCP is not set @@ -983,13 +963,8 @@ CONFIG_ATM_CLIP=m # CONFIG_ATM_LANE is not set CONFIG_ATM_BR2684=m # CONFIG_ATM_BR2684_IPFILTER is not set -CONFIG_L2TP=m -# CONFIG_L2TP_DEBUGFS is not set -CONFIG_L2TP_V3=y -CONFIG_L2TP_IP=m -CONFIG_L2TP_ETH=m +# CONFIG_L2TP is not set CONFIG_STP=y -CONFIG_GARP=y CONFIG_BRIDGE=y CONFIG_BRIDGE_IGMP_SNOOPING=y CONFIG_BRIDGE_VLAN_FILTERING=y @@ -1005,7 +980,7 @@ CONFIG_NET_DSA_TAG_LAN9303=y CONFIG_NET_DSA_TAG_MTK=y CONFIG_NET_DSA_TAG_QCA=y CONFIG_VLAN_8021Q=y -CONFIG_VLAN_8021Q_GVRP=y +# CONFIG_VLAN_8021Q_GVRP is not set # CONFIG_VLAN_8021Q_MVRP is not set # CONFIG_DECNET is not set CONFIG_LLC=y @@ -1103,15 +1078,7 @@ CONFIG_NET_CLS_IND=y CONFIG_NET_SCH_FIFO=y # CONFIG_DCB is not set CONFIG_DNS_RESOLVER=y -CONFIG_BATMAN_ADV=m -# CONFIG_BATMAN_ADV_BATMAN_V is not set -CONFIG_BATMAN_ADV_BLA=y -CONFIG_BATMAN_ADV_DAT=y -CONFIG_BATMAN_ADV_NC=y -CONFIG_BATMAN_ADV_MCAST=y -CONFIG_BATMAN_ADV_DEBUGFS=y -# CONFIG_BATMAN_ADV_DEBUG is not set -# CONFIG_BATMAN_ADV_TRACING is not set +# CONFIG_BATMAN_ADV is not set # CONFIG_OPENVSWITCH is not set CONFIG_VSOCKETS=m CONFIG_VSOCKETS_DIAG=m @@ -1135,7 +1102,7 @@ CONFIG_CGROUP_NET_CLASSID=y CONFIG_NET_RX_BUSY_POLL=y CONFIG_BQL=y CONFIG_BPF_JIT=y -# CONFIG_BPF_STREAM_PARSER is not set +CONFIG_BPF_STREAM_PARSER=y CONFIG_NET_FLOW_LIMIT=y # @@ -2011,7 +1978,6 @@ CONFIG_PPP_MULTILINK=y CONFIG_PPPOATM=m CONFIG_PPPOE=m CONFIG_PPTP=m -CONFIG_PPPOL2TP=m CONFIG_PPP_ASYNC=m CONFIG_PPP_SYNC_TTY=m # CONFIG_SLIP is not set diff --git a/kernel/kernel.nm b/kernel/kernel.nm index 747880d02..267e232de 100644 --- a/kernel/kernel.nm +++ b/kernel/kernel.nm @@ -5,7 +5,7 @@ name = kernel version = 4.20 -release = 1.1 +release = 2 thisapp = linux-%{version} maintainer = Arne Fitzenreiter -- 2.39.5