git.ipfire.org Git - people/pmueller/ipfire-2.x.git/commit - config/kernel/kernel.config.x86

author	Peter Müller <peter.mueller@ipfire.org>
	Fri, 13 Oct 2023 09:03:00 +0000 (09:03 +0000)
committer	Michael Tremer <michael.tremer@ipfire.org>
	Fri, 20 Oct 2023 08:44:26 +0000 (08:44 +0000)
commit	447d0bf51ed17f16880fd5041b3a88dcdec8a648
tree	c508ac0905805eab6a48f02a35dec2d9c1dbaecc	tree \| snapshot
parent	bf85d30b58353bdbf3f375d01f72ca96d0cd030d	commit \| diff

linux: Disable io_uring

This subsystem has been a frequent source of security vulnerabilities
affecting the Linux kernel; as a result, Google announced on June 14,
2023, that they would disable it in their environment as widely as
possible.

IPFire does not depend on the availability of io_uring. Therefore,
disable this subsystem as well in order to preemptively cut attack
surface.

See also: https://security.googleblog.com/2023/06/learnings-from-kctf-vrps-42-linux.html

Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

config/kernel/kernel.config.aarch64-ipfire		diff \| blob \| blame \| history
config/kernel/kernel.config.x86_64-ipfire		diff \| blob \| blame \| history