commit: 90223082cf6a76ff8a08f341ebdf08e388bbf8f4 Author: Arisu Tachibana <alicef <AT> gentoo <DOT> org> AuthorDate: Fri Nov 14 07:42:08 2025 +0000 Commit: Arisu Tachibana <alicef <AT> gentoo <DOT> org> CommitDate: Fri Nov 14 08:36:07 2025 +0000 URL: https://gitweb.gentoo.org/proj/linux-patches.git/commit/?id=90223082
Update distro gentoo kconfig with KSPP updates Signed-off-by: Arisu Tachibana <alicef <AT> gentoo.org> 4567_distro-Gentoo-Kconfig.patch | 56 ++++++++++++++++++++++++++++------------ 1 file changed, 40 insertions(+), 16 deletions(-) diff --git a/4567_distro-Gentoo-Kconfig.patch b/4567_distro-Gentoo-Kconfig.patch index c34629a6..5543daa0 100644 --- a/4567_distro-Gentoo-Kconfig.patch +++ b/4567_distro-Gentoo-Kconfig.patch @@ -1,13 +1,39 @@ ---- a/Kconfig 2025-05-11 15:08:39.749096585 -0400 -+++ b/Kconfig 2025-05-11 15:09:02.490873859 -0400 +From 15772d7f271de72be9e954a37de4a820ceeeae92 Mon Sep 17 00:00:00 2001 +From: Arisu Tachibana <[email protected]> +Date: Fri, 14 Nov 2025 17:09:23 +0900 +Subject: [PATCH] 4567_distro-Gentoo-Kconfig.patch + +Drop structleak gcc plugin +Ref: https://github.com/torvalds/linux/commit/8530ea3c9b9747faba46ed3a59ad103b894f1189 + +Drop ARCH_EPHEMERAL_INODES +Ref: https://github.com/torvalds/linux/commit/74ce793bcbde5cef0f82d6ccb3c47cb651295a9a + +Switch to RANDSTRUCT_FULL + +Signed-off-by: Arisu Tachibana <[email protected]> +--- + Kconfig | 2 + + distro/Kconfig | 310 +++++++++++++++++++++++++++++++++++++++++++++++++ + mm/Kconfig | 2 + + 3 files changed, 314 insertions(+) + create mode 100644 distro/Kconfig + +diff --git a/Kconfig b/Kconfig +index 307e58114..91aa4be3d 100644 +--- a/Kconfig ++++ b/Kconfig @@ -32,3 +32,5 @@ source "lib/Kconfig.debug" source "Documentation/Kconfig" source "io_uring/Kconfig" + +source "distro/Kconfig" ---- /dev/null 2024-05-05 10:40:37.103999988 -0400 -+++ b/distro/Kconfig 2024-05-05 13:37:37.699554927 -0400 +diff --git a/distro/Kconfig b/distro/Kconfig +new file mode 100644 +index 000000000..41797d8f8 +--- /dev/null ++++ b/distro/Kconfig @@ -0,0 +1,310 @@ +menu "Gentoo Linux" + @@ -185,10 +211,11 @@ +config GENTOO_KERNEL_SELF_PROTECTION_COMMON + bool "Enable Kernel Self Protection Project Recommendations" + -+ depends on GENTOO_LINUX && !ACPI_CUSTOM_METHOD && !COMPAT_BRK && !PROC_KCORE && !COMPAT_VDSO && !KEXEC && !HIBERNATION && !LEGACY_PTYS && !X86_X32_ABI && !MODIFY_LDT_SYSCALL && GCC_PLUGINS && !IOMMU_DEFAULT_DMA_LAZY && !IOMMU_DEFAULT_PASSTHROUGH && IOMMU_DEFAULT_DMA_STRICT && SECURITY && !ARCH_EPHEMERAL_INODES && RANDSTRUCT_PERFORMANCE ++ depends on GENTOO_LINUX && !SLAB_MERGE_DEFAULT && !SLUB_TINY && !COMPAT_BRK && !PROC_KCORE && !COMPAT_VDSO && !KEXEC && !HIBERNATION && !LEGACY_PTYS && !X86_X32_ABI && !MODIFY_LDT_SYSCALL && GCC_PLUGINS && !IOMMU_DEFAULT_DMA_LAZY && !IOMMU_DEFAULT_PASSTHROUGH && IOMMU_DEFAULT_DMA_STRICT && SECURITY + + select BUG + select STRICT_KERNEL_RWX ++ select DEBUG_VIRTUAL + select DEBUG_WX + select STACKPROTECTOR + select STACKPROTECTOR_STRONG @@ -199,7 +226,7 @@ + select DEBUG_NOTIFIERS + select DEBUG_LIST + select DEBUG_SG -+ select HARDENED_USERCOPY if HAVE_HARDENED_USERCOPY_ALLOCATOR=y ++ select HARDENED_USERCOPY + select KFENCE if HAVE_ARCH_KFENCE && (!SLAB || SLUB) + select PAGE_TABLE_CHECK if ARCH_SUPPORTS_PAGE_TABLE_CHECK=y && EXCLUSIVE_SYSTEM_RAM=y + select PAGE_TABLE_CHECK_ENFORCED if PAGE_TABLE_CHECK=y @@ -214,6 +241,7 @@ + select SECURITY_YAMA + select SLAB_FREELIST_RANDOM + select SLAB_FREELIST_HARDENED ++ select SLAB_BUCKETS + select SHUFFLE_PAGE_ALLOCATOR + select SLUB_DEBUG + select UBSAN @@ -230,10 +258,8 @@ + select SECURITY_DMESG_RESTRICT + select PANIC_ON_OOPS + select GCC_PLUGIN_LATENT_ENTROPY -+ select GCC_PLUGIN_STRUCTLEAK -+ select GCC_PLUGIN_STRUCTLEAK_BYREF_ALL -+ select GCC_PLUGIN_RANDSTRUCT -+ select GCC_PLUGIN_RANDSTRUCT_PERFORMANCE ++ select GCC_PLUGIN_RANDSTRUCT ++ select RANDSTRUCT_FULL + select ZERO_CALL_USED_REGS if CC_HAS_ZERO_CALL_USED_REGS + + help @@ -319,14 +345,11 @@ + See the settings that become available for more details and fine-tuning. + +endmenu - mm/Kconfig | 2 ++ - 1 file changed, 2 insertions(+) - diff --git a/mm/Kconfig b/mm/Kconfig -index 24c045b24..e13fc740c 100644 +index e443fe8cd..cefe9f0cf 100644 --- a/mm/Kconfig +++ b/mm/Kconfig -@@ -321,6 +321,8 @@ config KSM +@@ -753,6 +753,8 @@ config KSM config DEFAULT_MMAP_MIN_ADDR int "Low address space to protect from user allocation" depends on MMU @@ -336,4 +359,5 @@ index 24c045b24..e13fc740c 100644 help This is the portion of low virtual memory which should be protected -- -2.31.1 +2.51.0 +
