From 5bb31ca5747eefae4f5ab7b363bdd96b95ab5c75 Mon Sep 17 00:00:00 2001
From: Michael Tremer <michael.tremer@ipfire.org>
Date: Tue, 24 Aug 2021 11:18:19 +0000
Subject: [PATCH] kernel: Zero-init all stack variables by default

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
---
 config/kernel/kernel.config.aarch64-ipfire | 2 +-
 config/kernel/kernel.config.armv6l-ipfire  | 2 +-
 config/kernel/kernel.config.x86_64-ipfire  | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/config/kernel/kernel.config.aarch64-ipfire b/config/kernel/kernel.config.aarch64-ipfire
index 49ee859701..7ae9f9738d 100644
--- a/config/kernel/kernel.config.aarch64-ipfire
+++ b/config/kernel/kernel.config.aarch64-ipfire
@@ -7325,7 +7325,7 @@ CONFIG_GCC_PLUGIN_STRUCTLEAK=y
 CONFIG_GCC_PLUGIN_STRUCTLEAK_BYREF_ALL=y
 # CONFIG_GCC_PLUGIN_STRUCTLEAK_VERBOSE is not set
 # CONFIG_GCC_PLUGIN_STACKLEAK is not set
-# CONFIG_INIT_ON_ALLOC_DEFAULT_ON is not set
+CONFIG_INIT_ON_ALLOC_DEFAULT_ON=y
 # CONFIG_INIT_ON_FREE_DEFAULT_ON is not set
 # end of Memory initialization
 # end of Kernel hardening options
diff --git a/config/kernel/kernel.config.armv6l-ipfire b/config/kernel/kernel.config.armv6l-ipfire
index b11a179e3b..33117b0b47 100644
--- a/config/kernel/kernel.config.armv6l-ipfire
+++ b/config/kernel/kernel.config.armv6l-ipfire
@@ -7416,7 +7416,7 @@ CONFIG_GCC_PLUGIN_STRUCTLEAK=y
 # CONFIG_GCC_PLUGIN_STRUCTLEAK_BYREF is not set
 CONFIG_GCC_PLUGIN_STRUCTLEAK_BYREF_ALL=y
 # CONFIG_GCC_PLUGIN_STRUCTLEAK_VERBOSE is not set
-# CONFIG_INIT_ON_ALLOC_DEFAULT_ON is not set
+CONFIG_INIT_ON_ALLOC_DEFAULT_ON=y
 # CONFIG_INIT_ON_FREE_DEFAULT_ON is not set
 # end of Memory initialization
 # end of Kernel hardening options
diff --git a/config/kernel/kernel.config.x86_64-ipfire b/config/kernel/kernel.config.x86_64-ipfire
index 65014f41a7..aab0cfb252 100644
--- a/config/kernel/kernel.config.x86_64-ipfire
+++ b/config/kernel/kernel.config.x86_64-ipfire
@@ -6805,7 +6805,7 @@ CONFIG_GCC_PLUGIN_STRUCTLEAK=y
 CONFIG_GCC_PLUGIN_STRUCTLEAK_BYREF_ALL=y
 # CONFIG_GCC_PLUGIN_STRUCTLEAK_VERBOSE is not set
 # CONFIG_GCC_PLUGIN_STACKLEAK is not set
-# CONFIG_INIT_ON_ALLOC_DEFAULT_ON is not set
+CONFIG_INIT_ON_ALLOC_DEFAULT_ON=y
 # CONFIG_INIT_ON_FREE_DEFAULT_ON is not set
 # end of Memory initialization
 # end of Kernel hardening options
-- 
2.39.5