kjh
/
arch-linux-kernel
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Activity
1,129 Commits 2 Branches 0 Tags 1.5 MiB
Commit Graph

966 Commits

Author SHA1 Message Date
Jan Alexander Steffens d7bf404c33 FS#71270: Don't enable "bpf" LSM by default 
It provides all possible hooks, which makes it harder to properly use
major LSMs. Using security= to enable a major LSM puts it at the end of
the list. Some functions (like security_getprocattr) only use the first
matching hook, thus prefer bpf.
 2021-06-16 22:13:34 +00:00
Jan Alexander Steffens 3f21513a71 5.12.10.arch1-1 2021-06-10 17:16:45 +00:00
Jan Alexander Steffens 9fe32edb60 5.12.9.arch1-1 2021-06-03 12:11:43 +00:00
Jan Alexander Steffens b7f14e1a69 5.12.8.arch1-1 2021-05-28 21:05:54 +00:00
Jan Alexander Steffens 99703861e1 FS#69505: Enable MTD_ROM 2021-05-27 19:39:55 +00:00
Jan Alexander Steffens b72d63df03 5.12.7.arch1-1 2021-05-26 22:45:28 +00:00
Jan Alexander Steffens 1da8e74711 5.12.6.arch1-1 2021-05-23 01:36:16 +00:00
Jan Alexander Steffens ea7ccabcad 5.12.5.arch1-1 2021-05-19 11:46:27 +00:00
Jan Alexander Steffens 3c493d93c4 5.12.4.arch2-1 2021-05-18 22:29:32 +00:00
Jan Alexander Steffens 04cd0126a3 5.12.4.arch1-2 2021-05-15 21:38:30 +00:00
Jan Alexander Steffens 2a8704f5e1 Set KFENCE_SAMPLE_INTERVAL to 0 
Turns off KFENCE by default, as requested by Levente. There are power
use issues, see
https://lore.kernel.org/linux-mm/20210421105132.3965998-1-elver@google.com/
 2021-05-15 21:38:29 +00:00
Jan Alexander Steffens 1646eced3b Enable DEBUG_INFO_DWARF4 
Required for BTF to work with GCC 11.
 2021-05-15 21:38:27 +00:00
Jan Alexander Steffens acb9384891 5.12.4.arch1-1 2021-05-14 14:20:31 +00:00
Jan Alexander Steffens 24c6f0d688 5.12.3.arch2-1 2021-05-13 20:01:56 +00:00
Jan Alexander Steffens 4b8cbaa097 5.12.3.arch1-2 2021-05-13 00:02:40 +00:00
Jan Alexander Steffens 1214e4e40a 5.12.3.arch1-1 2021-05-12 18:53:54 +00:00
Jan Alexander Steffens cc87e6b052 5.12.2.arch1-1 2021-05-07 16:08:11 +00:00
Jan Alexander Steffens db81b3eea9 FS#70742: Enable MTD_NAND_ECC_* 2021-05-07 16:08:09 +00:00
Jan Alexander Steffens 621ea2d08c 5.12.1.arch1-1 2021-05-02 13:41:41 +00:00
Jan Alexander Steffens 7f6df05917 Turn on KFENCE by default 
As requested by Levente.
 2021-05-02 13:41:40 +00:00
Jan Alexander Steffens b03b4f7e6f 5.12.arch1-1 2021-04-26 21:33:26 +00:00
Jan Alexander Steffens d71e920034 5.11.16.arch1-1 2021-04-21 20:39:28 +00:00
Jan Alexander Steffens 62782a577d FS#69181: Enable FB_UVESA 2021-04-21 20:39:27 +00:00
Jan Alexander Steffens 0d66f76ec1 FS#68698: Enable HID_SENSOR_CUSTOM_SENSOR 2021-04-21 20:39:26 +00:00
Jan Alexander Steffens 6f3f90e76b FS#69505: Enable MTD_RAM 2021-04-21 20:39:22 +00:00
Jan Alexander Steffens 3f3fcefaf5 5.11.15.arch1-2 2021-04-17 00:56:35 +00:00
Jan Alexander Steffens 85750f85be Revert "Enable LOAD_UEFI_KEYS" 
It didn't help secure dkms modules like we thought it would.
 2021-04-17 00:56:34 +00:00
Jan Alexander Steffens 4e15a9f945 5.11.15.arch1-1 2021-04-16 12:28:14 +00:00
Jan Alexander Steffens e0674e41ca 5.11.14.arch1-1 2021-04-14 12:48:08 +00:00
Jan Alexander Steffens 0ab80e4b19 5.11.13.arch3-1 2021-04-14 11:11:29 +00:00
Jan Alexander Steffens 47a3ddc4b0 5.11.13.arch2-1 2021-04-12 00:54:06 +00:00
Jan Alexander Steffens 46d00c9794 5.11.13.arch1-1 2021-04-10 21:25:36 +00:00
Jan Alexander Steffens 44305ad48b FS#70375: Disable BT_HS 2021-04-09 18:49:50 +00:00
Jan Alexander Steffens 3272234053 FS#70384: Return atkbd to a module 2021-04-09 14:49:24 +00:00
Jan Alexander Steffens eac563f39e 5.11.12.arch1-1 2021-04-07 22:37:33 +00:00
Jan Alexander Steffens 56380b3e43 FS#70299: Enable IDLE_PAGE_TRACKING 2021-04-05 12:50:09 +00:00
Jan Alexander Steffens e74e4210d3 5.11.11.arch1-1 2021-03-30 14:47:29 +00:00
Jan Alexander Steffens f99611e296 FS#69441: Revert "Disable USB gadget support" 2021-03-30 14:47:28 +00:00
Jan Alexander Steffens 320113849b 5.11.10.arch1-1 2021-03-26 00:56:43 +00:00
Jan Alexander Steffens ca32941726 5.11.9.arch1-1 2021-03-24 19:28:05 +00:00
Jan Alexander Steffens d014a88b5b FS#70140: Enable EFI_VARS_PSTORE_DEFAULT_DISABLE 2021-03-24 19:28:03 +00:00
Jan Alexander Steffens 364d5e5432 5.11.8.arch1-1 2021-03-21 02:30:21 +00:00
Jan Alexander Steffens 1cf3662d97 FS#70064: Set SND_HDA_PREALLOC_SIZE to 0 
This is also the default in Fedora.
 2021-03-21 02:30:20 +00:00
Jan Alexander Steffens 1c099ca397 5.11.7.arch1-1 2021-03-17 17:35:35 +00:00
Jan Alexander Steffens b4a2e977d4 FS#69992: Enable SND_SOC_INTEL_SKYLAKE_HDAUDIO_CODEC 2021-03-15 16:28:21 +00:00
Jan Alexander Steffens 7e6eb07df5 FS#69479: Disable BCM63XX drivers 2021-03-14 14:40:19 +00:00
Jan Alexander Steffens fc7f97fc30 FS#33958, FS#35753: Fix tomoyo settings 2021-03-14 14:40:17 +00:00
Jan Alexander Steffens 80415a58a9 5.11.6.arch1-1 2021-03-11 15:05:55 +00:00
Jan Alexander Steffens 44637ec6c7 5.11.5.arch1-1 2021-03-09 20:07:14 +00:00
Jan Alexander Steffens e280f34fb3 5.11.4.arch1-1 2021-03-07 18:34:36 +00:00
Jan Alexander Steffens 62f6c03f2c 5.11.3.arch1-1 2021-03-04 22:24:21 +00:00
Jan Alexander Steffens 1dca396562 5.11.2.arch1-1 2021-02-26 22:42:58 +00:00
Jan Alexander Steffens ec11f3e288 5.11.1.arch1-1 2021-02-23 14:47:16 +00:00
Jan Alexander Steffens ae5ce75f0d 5.11.arch2-1 2021-02-19 00:11:51 +00:00
Jan Alexander Steffens cc8cce72b9 5.11.arch1-1 2021-02-15 23:56:35 +00:00
Jan Alexander Steffens c3046f0b81 5.10.16.arch1-1 2021-02-13 21:20:45 +00:00
Jan Alexander Steffens ce690b2efd 5.10.15.arch1-1 2021-02-10 19:05:11 +00:00
Jan Alexander Steffens 3550611332 5.10.14.arch1-1 2021-02-07 23:17:50 +00:00
Jan Alexander Steffens d159b9a739 5.10.13.arch1-2 2021-02-06 11:45:09 +00:00
Jan Alexander Steffens 71c2279684 FS#69158: Return psmouse to a module 2021-02-04 19:32:19 +00:00
Jan Alexander Steffens 2630980304 5.10.13.arch1-1 2021-02-04 00:25:58 +00:00
Jan Alexander Steffens 7874717d9d FS#69479: Disable Lantiq and Rockchip drivers 2021-02-04 00:25:57 +00:00
Jan Alexander Steffens 861c5dfd04 Update security config 
- Build in loadpin, but keep it disabled by default
- Enable bpf by default
 2021-02-04 00:25:55 +00:00
Jan Alexander Steffens d04972b60c FS#69212: Reenable multimedia test drivers 2021-01-31 01:33:42 +00:00
Jan Alexander Steffens 9d28b37b79 5.10.12.arch1-1 2021-01-31 01:33:39 +00:00
Jan Alexander Steffens cf0be7beee 5.10.11.arch1-1 2021-01-27 15:42:47 +00:00
Jan Alexander Steffens 66b09ae393 5.10.10.arch1-1 2021-01-24 00:56:16 +00:00
Jan Alexander Steffens 460787f437 5.10.9.arch1-1 2021-01-19 23:33:14 +00:00
Jan Alexander Steffens 732488a858 5.10.8.arch1-1 2021-01-17 23:12:23 +00:00
Jan Alexander Steffens 0007db0e69 5.10.7.arch1-1 2021-01-13 13:01:40 +00:00
Jan Alexander Steffens c19564ecfa 5.10.6.arch1-1 2021-01-09 19:17:04 +00:00
Jan Alexander Steffens 29ab84e2ba 5.10.5.arch1-1 2021-01-07 12:05:32 +00:00
Jan Alexander Steffens 8ffb940e20 5.10.4.arch2-1 2021-01-01 06:17:42 +00:00
Jan Alexander Steffens 87cfb1a823 Reenable MTD_PHRAM 
Can be used with syslinux's memdiskfind to mount a filesystem image.
 2021-01-01 06:17:41 +00:00
Jan Alexander Steffens 45857ed86c Enable SECURITY_DMESG_RESTRICT 
Default on Debian, and seems to be reasonable for us since we also don't
allow access to the system journal by default.
 2020-12-31 01:18:17 +00:00
Jan Alexander Steffens b54786ee1f 5.10.4.arch1-1 2020-12-31 01:18:16 +00:00
Jan Alexander Steffens 66ead9f4aa 5.10.3.arch1-1 2020-12-27 12:02:15 +00:00
Jan Alexander Steffens ddeb06b257 Revert two config changes 
As requested by Levente.
 2020-12-22 01:33:12 +00:00
Jan Alexander Steffens 5ee180e682 5.10.2.arch1-1 2020-12-21 20:50:34 +00:00
Jan Alexander Steffens c6467751e8 Update sums 2020-12-18 23:32:11 +00:00
Jan Alexander Steffens 056e1229cd Disable DCCP (still affected by CVE-2020-16119) 2020-12-18 17:58:35 +00:00
Jan Alexander Steffens 8c2a9a8da9 FS#68978 Enable SoundWire machine driver 2020-12-16 14:37:37 +00:00
Jan Alexander Steffens e32e0ba50d 5.10.1.arch1-1 2020-12-15 21:22:15 +00:00
Jan Alexander Steffens d0179d6259 5.9.14.arch1-1 2020-12-12 22:02:25 +00:00
Jan Alexander Steffens 01bedab48a 5.9.13.arch1-1 2020-12-08 13:13:09 +00:00
Jan Alexander Steffens 7c79d74fff 5.9.12.arch1-1 2020-12-02 17:23:51 +00:00
Jan Alexander Steffens fe6596ab57 5.9.11.arch2-1 2020-11-28 02:51:37 +00:00
Jan Alexander Steffens 0b08d44ef8 5.9.11.arch1-1 2020-11-24 16:27:08 +00:00
Jan Alexander Steffens 85e1041b01 5.9.10.arch1-1 2020-11-22 15:26:46 +00:00
Jan Alexander Steffens 6be6ead80b 5.9.9.arch1-1 2020-11-18 20:51:25 +00:00
Jan Alexander Steffens 706a33e2de 5.9.8.arch1-1 2020-11-10 23:52:19 +00:00
Jan Alexander Steffens 141dd23c01 5.9.7.arch1-1 2020-11-10 15:00:15 +00:00
Jan Alexander Steffens 073b042f87 5.9.6.arch1-1 2020-11-05 21:49:56 +00:00
Jan Alexander Steffens 1bcde0c2d1 5.9.5.arch2-1 2020-11-05 15:05:22 +00:00
Jan Alexander Steffens 87febd662a 5.9.4.arch1-1 2020-11-04 22:42:21 +00:00
Jan Alexander Steffens 34b501df44 5.9.3.arch1-1 2020-11-01 14:53:55 +00:00
Jan Alexander Steffens dea8c573f1 5.9.2.arch1-1 2020-10-29 18:18:58 +00:00
Jan Alexander Steffens a9e6574b98 5.9.1.arch1-1 2020-10-17 14:45:48 +00:00
Jan Alexander Steffens 2c8951be72 5.9.arch1-1 2020-10-12 21:06:00 +00:00
Jan Alexander Steffens dc92454675 5.8.14.arch1-1: FS#68092 Restore HDA prealloc 2020-10-07 23:59:36 +00:00