Commit Graph

327 Commits

Author SHA1 Message Date
Jan Alexander Steffens 56d402493b FS#65518: Enable SND_SOC_INTEL_SKYLAKE 2020-02-17 00:55:11 +00:00
Jan Alexander Steffens 90b69f3da5 Disable INTEL_IOMMU_DEFAULT_ON
Intel IOMMU support is still in a shitty state. What a shame.
2020-02-04 18:04:39 +00:00
Jan Alexander Steffens 5c532afbaa 5.5.1.arch1-1: Enable INTEL_IOMMU_DEFAULT_ON
IOMMU is important for security in systems using PCI bridges (e.g.
Thunderbolt, USB4) or other means of DMA from potentially untrusted
devices (e.g. FireWire). It's also used to safely pass devices into VMs.

Enable it by default. It can still be disabled at boot using
intel_iommu=off. intel_iommu=igfx_off is also available to exclude just
the iGPU.
2020-02-01 17:53:24 +00:00
Jan Alexander Steffens 727d1e1d47 5.5.arch1-1 2020-01-27 22:28:27 +00:00
Jan Alexander Steffens 9b0026f12a 5.4.15.arch1-1 2020-01-26 10:12:29 +00:00
Jan Alexander Steffens 2231922647 5.4.13.arch1-1 2020-01-17 23:41:56 +00:00
Jan Alexander Steffens 91d5b604de FS#62384: Enable BPF_KPROBE_OVERRIDE
https://bugs.archlinux.org/task/62384
2020-01-17 23:41:55 +00:00
Jan Alexander Steffens 5ac0903843 5.4.7.arch1-1 2019-12-31 17:50:17 +00:00
Jan Alexander Steffens f3603dadd9 Disable SND_HDA_INTEL_DETECT_DMIC
It's not ready; the drivers that are supposed to step in when
snd-hda-intel aborts probing aren't working yet. v5.5 will have a better
solution for driver selection, anyway.
2019-12-13 11:34:25 +00:00
Jan Alexander Steffens 3ead601c9d 5.4.1.arch1-1 2019-11-29 14:56:15 +00:00
Jan Alexander Steffens 196a2934c5 Disable RMI4_F54
Doesn't crash now, but still pretty useless.
  - V4L device still confuses applications.
  - Reading a sensor image makes the touchpad unusable as an input
    device until it is power-cycled.
2019-11-27 20:28:02 +00:00
Jan Alexander Steffens 97381f5f19 Enable SND_HDA_INTEL_DETECT_DMIC
Now that we have SOF, let it handle systems with DMICs.
2019-11-27 20:28:01 +00:00
Jan Alexander Steffens 426a33d8ae FS#63464: Disable misbehaving SOF drivers
Reading the changes made at
https://github.com/thesofproject/linux/pull/1382/files
2019-11-27 20:27:58 +00:00
Jan Alexander Steffens d27c858681 5.4.arch1-1 2019-11-25 23:56:20 +00:00
Jan Alexander Steffens c189ce4263 Enable INIT_ON_ALLOC_DEFAULT_ON
https://outflux.net/blog/archives/2019/11/14/security-things-in-linux-v5-3/
2019-11-18 21:33:26 +00:00
Jan Alexander Steffens cad3b7156f 5.3.11.1-1 2019-11-12 23:21:40 +00:00
Jan Alexander Steffens 44420b8b15 Disable full dynticks 2019-11-03 14:24:59 +00:00
Jan Alexander Steffens aa190d3c60 Disable some stray Freescale audio modules 2019-11-03 14:24:58 +00:00
Jan Alexander Steffens 35f8455e06 FS#64302: Disable Google SMI
Crashes on various non-Google Chromebooks and Coreboot-using laptops
like Librem and reflashed ThinkPads.
2019-11-03 10:45:25 +00:00
Jan Alexander Steffens a53987ae76 FS#63464: Disable Sound Open Firmware
We don't ship any firmware files (yet) and the drivers can be loaded
in preference to the SST drivers, which we do have firmware for.
2019-11-02 08:23:45 +00:00
Jan Alexander Steffens b204fb2896 Disable CONFIG_RMI4_F54
The V4L touch device created is buggy, causing userspace applications
(PipeWire) to behave badly and even kernel panics when running

    v4l2-compliance -t 0 -s 1
2019-10-31 15:11:37 +00:00
Jan Alexander Steffens 3f306c2e10 FS#55784 enable google modules 2019-10-19 14:01:12 +00:00
Jan Alexander Steffens 964e000a29 5.3.2.arch2-1 2019-10-04 00:16:59 +00:00
Jan Alexander Steffens be16067dd6 Enable SUNRPC_DISABLE_INSECURE_ENCTYPES 2019-10-03 14:51:04 +00:00
Jan Alexander Steffens bd82bdc99a 5.3.arch1-1 2019-09-16 04:19:09 +00:00
Jan Alexander Steffens 92f97e2c06 5.2.10.arch1-1 2019-08-25 18:27:22 +00:00
Jan Alexander Steffens ec7e9200bb 5.2.5.arch1-1 2019-07-31 09:05:53 +00:00
Jan Alexander Steffens c75fb07643 FS#62432: Disable FW_LOADER_USER_HELPER 2019-07-30 21:04:09 +00:00
Jan Alexander Steffens 439e5a0af4 5.2.2.arch1-1: Disable stackleak; shows up in perf as 6-7% overhead 2019-07-21 19:43:40 +00:00
Jan Alexander Steffens 53d0c2511a 5.2.1.arch1-1 2019-07-14 21:46:06 +00:00
Jan Alexander Steffens e77150c276 Enable stackleak 2019-07-10 15:18:09 +00:00
Jan Alexander Steffens 0471ab33d5 5.2.arch2-1 2019-07-09 04:10:19 +00:00
Jan Alexander Steffens c8269e7394 Update config 2019-06-24 07:28:51 +00:00
Jan Alexander Steffens 6621446c2d 5.1.8.arch1-1 2019-06-09 21:32:47 +00:00
Jan Alexander Steffens 10505f2f9b Disable integrity, enable safesetid, only load yama by default 2019-05-07 20:04:22 +00:00
Jan Alexander Steffens 78a111327b 5.1.arch1-1 2019-05-06 23:33:26 +00:00
Jan Alexander Steffens f84d330b5f 5.0.10.arch1-1 2019-04-27 22:09:22 +00:00
Jan Alexander Steffens b16b08b24a FS#42910: Enable TOMOYO and SMACK 2019-04-09 21:53:11 +00:00
Jan Alexander Steffens bcf602c7ae 5.0.arch1-1 2019-03-04 15:36:14 +00:00
Jan Alexander Steffens 6d64c139ef 4.20.3.arch1-1 2019-01-17 00:31:30 +00:00
Jan Alexander Steffens fdbdebf5f1 4.20.1.arch1-1 2019-01-10 04:59:02 +00:00
Jan Alexander Steffens 4810e21851 4.20.arch1-1 2018-12-24 04:08:00 +00:00
Jan Alexander Steffens 03525e64df FS#60879: Enable CONFIG_IEEE802154_HWSIM 2018-12-09 23:10:36 +00:00
Jan Alexander Steffens bb9d85deef 4.19.7.arch1-1 2018-12-05 21:55:32 +00:00
Jan Alexander Steffens 21df49f85d 4.19.3.arch1-1 2018-11-22 07:41:48 +00:00
Jan Alexander Steffens 9036d47c87 FS#53288: Add GVRP 2018-11-20 22:04:33 +00:00
Jan Alexander Steffens d00e2383fc 4.19.2.arch1-1 2018-11-13 22:29:23 +00:00
Jan Alexander Steffens b1f5dbdf27 4.19.1.arch1-1 2018-11-04 17:56:31 +00:00
Jan Alexander Steffens b966f6d713 FS#60614: Enable Block-MQ by default 2018-11-04 16:36:58 +00:00
Jan Alexander Steffens 757573dfbc FS#57408: Reenable 16-bit support 2018-11-03 08:52:15 +00:00
Jan Alexander Steffens cf354551c2 Disable RANDOM_TRUST_CPU and IOMMU_DEBUGFS 2018-10-29 21:35:18 +00:00
Jan Alexander Steffens 19c2451141 FS#60520 Enable LEDS_SYSCON 2018-10-26 19:04:33 +00:00
Jan Alexander Steffens 4ce5aa26d4 4.19.arch1-1 2018-10-26 18:46:07 +00:00
Jan Alexander Steffens aac6d414e3 FS#46505 Minimal config for USB serial console support 2018-10-26 12:06:56 +00:00
Jan Alexander Steffens 6e7f717f02 4.18.16.arch1-1: Build in VFIO for FS#46505 2018-10-20 22:05:36 +00:00
Jan Alexander Steffens c11f879fad FS#46505: USB Serial console support; build in USB keyboard support 2018-09-27 00:45:46 +00:00
Jan Alexander Steffens 3a29867f82 4.18.8.arch1-1 2018-09-15 22:53:00 +00:00
Jan Alexander Steffens 81fa94f9fc Add module signatures (but don't require) 2018-09-12 17:25:54 +00:00
Jan Alexander Steffens 6b918f8941 FS#59833: Disable BPFILTER 2018-09-03 19:15:29 +00:00
Jan Alexander Steffens 2e347a387f Revert "Enable TXT, SELinux and AppArmor"
All of these require significant userspace support. SELinux in
particular requires linking against its library in numerous places,
including coreutils. This makes making them available in the kernel of
dubious value. Still, AppArmor and SELinux are available in
linux-hardened for those who want it.

This reverts commit 8215d0422d37317bd154497a2240ebbdd14c131d.
2018-09-03 19:15:26 +00:00
Jan Alexander Steffens 304ce7dbcb FS#59824: build in PC RTC driver 2018-08-31 07:05:30 +00:00
Jan Alexander Steffens 8ff0dbd8eb Enable TXT, SELinux and AppArmor 2018-08-26 09:25:52 +00:00
Jan Alexander Steffens 30e994930b 4.18.1.arch1-1 2018-08-16 06:57:20 +00:00
Jan Alexander Steffens 7fa10dea65 4.18.arch1-1 2018-08-13 12:41:17 +00:00
Jan Alexander Steffens 38e2423534 4.17.11-1: Move to git sources 2018-07-29 11:29:04 +00:00
Jan Alexander Steffens f80d73be85 4.17.6-1 2018-07-11 21:23:47 +00:00
Jan Alexander Steffens 13f5fbf302 4.17-1 2018-06-04 21:58:16 +00:00
Jan Alexander Steffens 133e8566cc 4.16.10-1 2018-05-21 09:24:48 +00:00
Jan Alexander Steffens 208c34716c 4.16.9-1 2018-05-17 06:33:03 +00:00
Jan Alexander Steffens bfe3236573 FS#58486 Disable MPX 2018-05-08 04:18:37 +00:00
Jan Alexander Steffens 8d69ea3172 FS#58323: Increase max NUMA nodes back to 32
Turns out people do try to run Arch on systems with more than 4 nodes.
2018-04-25 22:05:52 +00:00
Jan Alexander Steffens 8f6da2420c 4.16.2-2 2018-04-17 20:06:12 +00:00
Jan Alexander Steffens c590a2e0be FS#58183 build in Intel pinctrl drivers 2018-04-13 17:43:59 +00:00
Jan Alexander Steffens 1b036bd1c2 4.16.1-1 2018-04-11 20:40:42 +00:00
Jan Alexander Steffens fb064678ce 4.16-1 2018-04-03 01:22:17 +00:00
Jan Alexander Steffens e180e6ba02 4.15.5-1 2018-02-22 23:04:15 +00:00
Jan Alexander Steffens 3ac6ae819e Disable non-generic, non-virtual FB drivers again 2018-02-22 06:07:42 +00:00
Jan Alexander Steffens 4a8cfbddc5 Pick some config options from Ubuntu 2018-02-14 23:57:00 +00:00
Bartłomiej Piotrowski a9645d5933 Re-enable CONFIG_X86_VSYSCALL_EMULATION in the future build 2018-02-13 21:23:06 +00:00
Jan Alexander Steffens 4ff6895d2a 4.15.2-2 2018-02-08 20:21:03 +00:00
Jan Alexander Steffens c8244b9f85 4.15.1-4 2018-02-07 20:12:17 +00:00
Jan Alexander Steffens 66d86aa447 4.15.1-3 2018-02-07 02:04:04 +00:00
Jan Alexander Steffens dfe3385d53 4.15.1-2 2018-02-04 23:56:53 +00:00
Jan Alexander Steffens 4d3aeddeb1 4.15.1-1 2018-02-04 03:48:24 +00:00
Jan Alexander Steffens 77f03fcad0 4.15-1 2018-01-29 05:32:00 +00:00
Jan Alexander Steffens 837bc45331 4.14.14-1 2018-01-19 18:50:16 +00:00
Jan Alexander Steffens 540a56c51a 4.14.11-1 2018-01-03 07:21:25 +00:00
Jan Alexander Steffens 5bc96756cc 4.14.9-1 2017-12-26 00:24:55 +00:00
Jan Alexander Steffens dfd455a453 4.14.6-1 2017-12-14 21:53:24 +00:00
Jan Alexander Steffens f6d7e8335b 4.14.4-3: Audit is not useful without the userspace to configure it 2017-12-08 10:53:48 +00:00
Jan Alexander Steffens 91b3783f7e 4.14.4-2 2017-12-07 21:38:43 +00:00
Jan Alexander Steffens ca748c5be3 4.14-1 2017-11-18 15:57:38 +00:00
Jan Alexander Steffens 7aaba75fcd 4.10-1 2017-02-26 16:39:46 +00:00
Jan Alexander Steffens 83345a2f82 Update config 2017-01-24 11:54:14 +00:00
Jan Alexander Steffens f2b1c64484 Enable all generations in amdgpu 2017-01-12 08:17:54 +00:00
Jan Alexander Steffens 9d9b3f18fa Canonicalize configs 2016-12-26 00:20:19 +00:00
Tobias Powalowski a3e56a695f reenable AMDGPU_SI, HWLAT_TRACER 2016-12-25 18:42:18 +00:00
Tobias Powalowski af6fe02a4f sync in heftig changes from last config, leave amdgpu_si disabled 2016-12-25 18:06:20 +00:00
Tobias Powalowski 0d3c06a13e bump to 4.9 series 2016-12-22 07:07:19 +00:00
Jan Alexander Steffens fece07295a Prepare 4.9 2016-12-21 19:02:35 +00:00