#
# Automatically generated file; DO NOT EDIT.
-# Linux/arm 3.10.11 Kernel Configuration
+# Linux/arm 3.10.22 Kernel Configuration
#
CONFIG_ARM=y
CONFIG_SYS_SUPPORTS_APM_EMULATION=y
# CONFIG_IKCONFIG is not set
CONFIG_LOG_BUF_SHIFT=19
# CONFIG_CGROUPS is not set
-# CONFIG_CHECKPOINT_RESTORE is not set
CONFIG_NAMESPACES=y
CONFIG_UTS_NS=y
CONFIG_IPC_NS=y
# CONFIG_MODVERSIONS is not set
# CONFIG_MODULE_SRCVERSION_ALL is not set
# CONFIG_MODULE_SIG is not set
+CONFIG_STOP_MACHINE=y
CONFIG_BLOCK=y
CONFIG_LBDAF=y
CONFIG_BLK_DEV_BSG=y
CONFIG_CPU_HAS_ASID=y
CONFIG_CPU_CP15=y
CONFIG_CPU_CP15_MMU=y
-CONFIG_CPU_USE_DOMAINS=y
#
# Processor Features
CONFIG_FRONTSWAP=y
CONFIG_FORCE_MAX_ZONEORDER=11
CONFIG_ALIGNMENT_TRAP=y
-# CONFIG_UACCESS_WITH_MEMCPY is not set
CONFIG_SECCOMP=y
CONFIG_CC_STACKPROTECTOR=y
CONFIG_L2TP_ETH=m
CONFIG_STP=m
CONFIG_GARP=m
-CONFIG_MRP=m
CONFIG_BRIDGE=m
CONFIG_BRIDGE_IGMP_SNOOPING=y
CONFIG_BRIDGE_VLAN_FILTERING=y
# Generic Driver Options
#
CONFIG_UEVENT_HELPER_PATH="/sbin/hotplug"
-# CONFIG_DEVTMPFS is not set
+CONFIG_DEVTMPFS=y
+CONFIG_DEVTMPFS_MOUNT=y
# CONFIG_STANDALONE is not set
# CONFIG_PREVENT_FIRMWARE_BUILD is not set
CONFIG_FW_LOADER=y
#
CONFIG_PROC_FS=y
CONFIG_PROC_SYSCTL=y
-CONFIG_PROC_PAGE_MONITOR=y
CONFIG_SYSFS=y
CONFIG_TMPFS=y
CONFIG_TMPFS_POSIX_ACL=y
# CONFIG_DEBUG_FORCE_WEAK_PER_CPU is not set
# CONFIG_NOTIFIER_ERROR_INJECTION is not set
# CONFIG_FAULT_INJECTION is not set
-# CONFIG_LATENCYTOP is not set
# CONFIG_DEBUG_PAGEALLOC is not set
CONFIG_HAVE_FUNCTION_TRACER=y
CONFIG_HAVE_FUNCTION_GRAPH_TRACER=y
#
# Security options
#
+
+#
+# Grsecurity
+#
+CONFIG_PAX_USERCOPY_SLABS=y
+CONFIG_GRKERNSEC=y
+# CONFIG_GRKERNSEC_CONFIG_AUTO is not set
+CONFIG_GRKERNSEC_CONFIG_CUSTOM=y
+
+#
+# Customize Configuration
+#
+
+#
+# PaX
+#
+CONFIG_PAX=y
+
+#
+# PaX Control
+#
+# CONFIG_PAX_SOFTMODE is not set
+CONFIG_PAX_EI_PAX=y
+CONFIG_PAX_PT_PAX_FLAGS=y
+# CONFIG_PAX_XATTR_PAX_FLAGS is not set
+# CONFIG_PAX_NO_ACL_FLAGS is not set
+CONFIG_PAX_HAVE_ACL_FLAGS=y
+# CONFIG_PAX_HOOK_ACL_FLAGS is not set
+
+#
+# Non-executable pages
+#
+CONFIG_PAX_NOEXEC=y
+CONFIG_PAX_PAGEEXEC=y
+CONFIG_PAX_MPROTECT=y
+# CONFIG_PAX_MPROTECT_COMPAT is not set
+CONFIG_PAX_ELFRELOCS=y
+# CONFIG_PAX_KERNEXEC is not set
+CONFIG_PAX_KERNEXEC_PLUGIN_METHOD=""
+
+#
+# Address Space Layout Randomization
+#
+CONFIG_PAX_ASLR=y
+CONFIG_PAX_RANDUSTACK=y
+CONFIG_PAX_RANDMMAP=y
+
+#
+# Miscellaneous hardening features
+#
+CONFIG_PAX_MEMORY_SANITIZE=y
+CONFIG_PAX_MEMORY_STRUCTLEAK=y
+CONFIG_PAX_MEMORY_UDEREF=y
+CONFIG_PAX_REFCOUNT=y
+CONFIG_PAX_USERCOPY=y
+# CONFIG_PAX_LATENT_ENTROPY is not set
+
+#
+# Memory Protections
+#
+# CONFIG_GRKERNSEC_KMEM is not set
+CONFIG_GRKERNSEC_JIT_HARDEN=y
+# CONFIG_GRKERNSEC_PERF_HARDEN is not set
+CONFIG_GRKERNSEC_RAND_THREADSTACK=y
+CONFIG_GRKERNSEC_PROC_MEMMAP=y
+CONFIG_GRKERNSEC_BRUTE=y
+CONFIG_GRKERNSEC_MODHARDEN=y
+CONFIG_GRKERNSEC_HIDESYM=y
+CONFIG_GRKERNSEC_KERN_LOCKOUT=y
+
+#
+# Role Based Access Control Options
+#
+CONFIG_GRKERNSEC_NO_RBAC=y
+# CONFIG_GRKERNSEC_ACL_HIDEKERN is not set
+CONFIG_GRKERNSEC_ACL_MAXTRIES=3
+CONFIG_GRKERNSEC_ACL_TIMEOUT=30
+
+#
+# Filesystem Protections
+#
+# CONFIG_GRKERNSEC_PROC is not set
+CONFIG_GRKERNSEC_LINK=y
+# CONFIG_GRKERNSEC_SYMLINKOWN is not set
+CONFIG_GRKERNSEC_FIFO=y
+# CONFIG_GRKERNSEC_SYSFS_RESTRICT is not set
+# CONFIG_GRKERNSEC_ROFS is not set
+CONFIG_GRKERNSEC_DEVICE_SIDECHANNEL=y
+CONFIG_GRKERNSEC_CHROOT=y
+# CONFIG_GRKERNSEC_CHROOT_MOUNT is not set
+CONFIG_GRKERNSEC_CHROOT_DOUBLE=y
+CONFIG_GRKERNSEC_CHROOT_PIVOT=y
+CONFIG_GRKERNSEC_CHROOT_CHDIR=y
+# CONFIG_GRKERNSEC_CHROOT_CHMOD is not set
+CONFIG_GRKERNSEC_CHROOT_FCHDIR=y
+# CONFIG_GRKERNSEC_CHROOT_MKNOD is not set
+CONFIG_GRKERNSEC_CHROOT_SHMAT=y
+CONFIG_GRKERNSEC_CHROOT_UNIX=y
+CONFIG_GRKERNSEC_CHROOT_FINDTASK=y
+CONFIG_GRKERNSEC_CHROOT_NICE=y
+CONFIG_GRKERNSEC_CHROOT_SYSCTL=y
+# CONFIG_GRKERNSEC_CHROOT_CAPS is not set
+CONFIG_GRKERNSEC_CHROOT_INITRD=y
+
+#
+# Kernel Auditing
+#
+# CONFIG_GRKERNSEC_AUDIT_GROUP is not set
+# CONFIG_GRKERNSEC_EXECLOG is not set
+CONFIG_GRKERNSEC_RESLOG=y
+# CONFIG_GRKERNSEC_CHROOT_EXECLOG is not set
+# CONFIG_GRKERNSEC_AUDIT_PTRACE is not set
+# CONFIG_GRKERNSEC_AUDIT_CHDIR is not set
+# CONFIG_GRKERNSEC_AUDIT_MOUNT is not set
+CONFIG_GRKERNSEC_SIGNAL=y
+CONFIG_GRKERNSEC_FORKFAIL=y
+# CONFIG_GRKERNSEC_TIME is not set
+CONFIG_GRKERNSEC_PROC_IPADDR=y
+# CONFIG_GRKERNSEC_RWXMAP_LOG is not set
+
+#
+# Executable Protections
+#
+CONFIG_GRKERNSEC_DMESG=y
+CONFIG_GRKERNSEC_HARDEN_PTRACE=y
+CONFIG_GRKERNSEC_PTRACE_READEXEC=y
+CONFIG_GRKERNSEC_SETXID=y
+# CONFIG_GRKERNSEC_TPE is not set
+
+#
+# Network Protections
+#
+CONFIG_GRKERNSEC_RANDNET=y
+CONFIG_GRKERNSEC_BLACKHOLE=y
+CONFIG_GRKERNSEC_NO_SIMULT_CONNECT=y
+# CONFIG_GRKERNSEC_SOCKET is not set
+
+#
+# Physical Protections
+#
+# CONFIG_GRKERNSEC_DENYUSB is not set
+
+#
+# Sysctl Support
+#
+# CONFIG_GRKERNSEC_SYSCTL is not set
+
+#
+# Logging Options
+#
+CONFIG_GRKERNSEC_FLOODTIME=10
+CONFIG_GRKERNSEC_FLOODBURST=6
CONFIG_KEYS=y
# CONFIG_ENCRYPTED_KEYS is not set
CONFIG_KEYS_DEBUG_PROC_KEYS=y
# CONFIG_SECURITY_SMACK is not set
# CONFIG_SECURITY_TOMOYO is not set
# CONFIG_SECURITY_APPARMOR is not set
-# CONFIG_SECURITY_YAMA is not set
# CONFIG_IMA is not set
# CONFIG_EVM is not set
CONFIG_DEFAULT_SECURITY_DAC=y
projects / people / teissler / ipfire-2.x.git / blobdiff