[gentoo-commits] proj/grs:desktop-amd64-hardened commit in: scripts/
commit: a3ec10c25bc82f273551525a5bb07046ef38d76c Author: Anthony G. Basile gentoo org> AuthorDate: Fri Jun 7 14:14:16 2019 + Commit: Anthony G. Basile gentoo org> CommitDate: Fri Jun 7 14:14:36 2019 + URL:https://gitweb.gentoo.org/proj/grs.git/commit/?id=a3ec10c2 scripts/kernel-config: bump to 4.14.123 scripts/kernel-config | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/kernel-config b/scripts/kernel-config index c3e7bab..1dae980 100644 --- a/scripts/kernel-config +++ b/scripts/kernel-config @@ -1,6 +1,6 @@ # # Automatically generated file; DO NOT EDIT. -# Linux/x86 4.14.113 Kernel Configuration +# Linux/x86 4.14.123 Kernel Configuration # CONFIG_64BIT=y CONFIG_X86_64=y
[gentoo-commits] proj/grs:desktop-amd64-hardened commit in: scripts/
commit: a5b186829d363bf501d70d30634b5265d08efede Author: Anthony G. Basile gentoo org> AuthorDate: Thu Jun 6 15:43:47 2019 + Commit: Anthony G. Basile gentoo org> CommitDate: Thu Jun 6 15:43:47 2019 + URL:https://gitweb.gentoo.org/proj/grs.git/commit/?id=a5b18682 scripts: 'unset CONFIGFILE' to avoid polution scripts/cycle.2.sh | 2 ++ scripts/cycle.3.sh | 2 ++ 2 files changed, 4 insertions(+) diff --git a/scripts/cycle.2.sh b/scripts/cycle.2.sh index ee7fc3a..d2daec3 100644 --- a/scripts/cycle.2.sh +++ b/scripts/cycle.2.sh @@ -4,6 +4,8 @@ source /etc/profile env-update emerge -b1q portage emerge -b1q app-portage/grs + +unset CONFIGFILE install-worldconf emerge -bevq --keep-going --verbose-conflicts --with-bdeps=y @world clean-worldconf diff --git a/scripts/cycle.3.sh b/scripts/cycle.3.sh index e106ecf..d1ac17e 100644 --- a/scripts/cycle.3.sh +++ b/scripts/cycle.3.sh @@ -2,6 +2,8 @@ source /etc/profile env-update + +unset CONFIGFILE install-worldconf emerge -buvNDq --keep-going --verbose-conflicts --with-bdeps=y @world clean-worldconf
[gentoo-commits] proj/grs:desktop-amd64-hardened commit in: scripts/
commit: bc055816e595e6101998c5095f52613b0852a7af Author: Anthony G. Basile gentoo org> AuthorDate: Wed Apr 24 01:37:18 2019 + Commit: Anthony G. Basile gentoo org> CommitDate: Wed Apr 24 01:37:18 2019 + URL:https://gitweb.gentoo.org/proj/grs.git/commit/?id=bc055816 Revert "scripts/kernel-config: switch to 4.19.27-gentoo-r1" This reverts commit bf1e3cbc99443ab365df92df6477d361ce861231. Fails to boot with a kernel panic. Signed-off-by: Anthony G. Basile gentoo.org> scripts/kernel-config | 2488 ++--- 1 file changed, 1129 insertions(+), 1359 deletions(-) diff --git a/scripts/kernel-config b/scripts/kernel-config index 482f937..c3e7bab 100644 --- a/scripts/kernel-config +++ b/scripts/kernel-config @@ -1,14 +1,48 @@ # # Automatically generated file; DO NOT EDIT. -# Linux/x86 4.19.27-gentoo-r1 Kernel Configuration +# Linux/x86 4.14.113 Kernel Configuration # - -# -# Compiler: gcc (Gentoo Hardened 8.2.0-r6 p1.7) 8.2.0 -# -CONFIG_CC_IS_GCC=y -CONFIG_GCC_VERSION=80200 -CONFIG_CLANG_VERSION=0 +CONFIG_64BIT=y +CONFIG_X86_64=y +CONFIG_X86=y +CONFIG_INSTRUCTION_DECODER=y +CONFIG_OUTPUT_FORMAT="elf64-x86-64" +CONFIG_ARCH_DEFCONFIG="arch/x86/configs/x86_64_defconfig" +CONFIG_LOCKDEP_SUPPORT=y +CONFIG_STACKTRACE_SUPPORT=y +CONFIG_MMU=y +CONFIG_ARCH_MMAP_RND_BITS_MIN=28 +CONFIG_ARCH_MMAP_RND_BITS_MAX=32 +CONFIG_ARCH_MMAP_RND_COMPAT_BITS_MIN=8 +CONFIG_ARCH_MMAP_RND_COMPAT_BITS_MAX=16 +CONFIG_NEED_DMA_MAP_STATE=y +CONFIG_NEED_SG_DMA_LENGTH=y +CONFIG_GENERIC_ISA_DMA=y +CONFIG_GENERIC_BUG=y +CONFIG_GENERIC_BUG_RELATIVE_POINTERS=y +CONFIG_GENERIC_HWEIGHT=y +CONFIG_ARCH_MAY_HAVE_PC_FDC=y +CONFIG_RWSEM_XCHGADD_ALGORITHM=y +CONFIG_GENERIC_CALIBRATE_DELAY=y +CONFIG_ARCH_HAS_CPU_RELAX=y +CONFIG_ARCH_HAS_CACHE_LINE_SIZE=y +CONFIG_HAVE_SETUP_PER_CPU_AREA=y +CONFIG_NEED_PER_CPU_EMBED_FIRST_CHUNK=y +CONFIG_NEED_PER_CPU_PAGE_FIRST_CHUNK=y +CONFIG_ARCH_HIBERNATION_POSSIBLE=y +CONFIG_ARCH_SUSPEND_POSSIBLE=y +CONFIG_ARCH_WANT_HUGE_PMD_SHARE=y +CONFIG_ARCH_WANT_GENERAL_HUGETLB=y +CONFIG_ZONE_DMA32=y +CONFIG_AUDIT_ARCH=y +CONFIG_ARCH_SUPPORTS_OPTIMIZED_INLINING=y +CONFIG_ARCH_SUPPORTS_DEBUG_PAGEALLOC=y +CONFIG_HAVE_INTEL_TXT=y +CONFIG_X86_64_SMP=y +CONFIG_ARCH_SUPPORTS_UPROBES=y +CONFIG_FIX_EARLYCON_MEM=y +CONFIG_PGTABLE_LEVELS=4 +CONFIG_DEFCONFIG_LIST="/lib/modules/$UNAME_RELEASE/.config" CONFIG_IRQ_WORK=y CONFIG_BUILDTIME_EXTABLE_SORT=y CONFIG_THREAD_INFO_IN_TASK=y @@ -17,10 +51,10 @@ CONFIG_THREAD_INFO_IN_TASK=y # General setup # CONFIG_INIT_ENV_ARG_LIMIT=32 +CONFIG_CROSS_COMPILE="" # CONFIG_COMPILE_TEST is not set CONFIG_LOCALVERSION="" # CONFIG_LOCALVERSION_AUTO is not set -CONFIG_BUILD_SALT="" CONFIG_HAVE_KERNEL_GZIP=y CONFIG_HAVE_KERNEL_BZIP2=y CONFIG_HAVE_KERNEL_LZMA=y @@ -40,6 +74,7 @@ CONFIG_SYSVIPC_SYSCTL=y CONFIG_POSIX_MQUEUE=y CONFIG_POSIX_MQUEUE_SYSCTL=y CONFIG_CROSS_MEMORY_ATTACH=y +CONFIG_FHANDLE=y CONFIG_USELIB=y CONFIG_AUDIT=y CONFIG_HAVE_ARCH_AUDITSYSCALL=y @@ -61,8 +96,7 @@ CONFIG_IRQ_SIM=y CONFIG_IRQ_DOMAIN_HIERARCHY=y CONFIG_GENERIC_MSI_IRQ=y CONFIG_GENERIC_MSI_IRQ_DOMAIN=y -CONFIG_GENERIC_IRQ_MATRIX_ALLOCATOR=y -CONFIG_GENERIC_IRQ_RESERVATION_MODE=y +# CONFIG_IRQ_DOMAIN_DEBUG is not set CONFIG_IRQ_FORCED_THREADING=y CONFIG_SPARSE_IRQ=y # CONFIG_GENERIC_IRQ_DEBUGFS is not set @@ -85,9 +119,6 @@ CONFIG_NO_HZ_IDLE=y # CONFIG_NO_HZ_FULL is not set CONFIG_NO_HZ=y CONFIG_HIGH_RES_TIMERS=y -# CONFIG_PREEMPT_NONE is not set -CONFIG_PREEMPT_VOLUNTARY=y -# CONFIG_PREEMPT is not set # # CPU/Task time and stats accounting @@ -101,7 +132,6 @@ CONFIG_TASKSTATS=y CONFIG_TASK_DELAY_ACCT=y CONFIG_TASK_XACCT=y CONFIG_TASK_IO_ACCOUNTING=y -CONFIG_CPU_ISOLATION=y # # RCU Subsystem @@ -129,7 +159,6 @@ CONFIG_PAGE_COUNTER=y CONFIG_MEMCG=y CONFIG_MEMCG_SWAP=y # CONFIG_MEMCG_SWAP_ENABLED is not set -CONFIG_MEMCG_KMEM=y CONFIG_BLK_CGROUP=y # CONFIG_DEBUG_BLK_CGROUP is not set CONFIG_CGROUP_WRITEBACK=y @@ -149,13 +178,13 @@ CONFIG_CGROUP_PERF=y CONFIG_CGROUP_BPF=y # CONFIG_CGROUP_DEBUG is not set CONFIG_SOCK_CGROUP_DATA=y +CONFIG_CHECKPOINT_RESTORE=y CONFIG_NAMESPACES=y CONFIG_UTS_NS=y CONFIG_IPC_NS=y CONFIG_USER_NS=y CONFIG_PID_NS=y CONFIG_NET_NS=y -CONFIG_CHECKPOINT_RESTORE=y CONFIG_SCHED_AUTOGROUP=y # CONFIG_SYSFS_DEPRECATED is not set CONFIG_RELAY=y @@ -181,8 +210,11 @@ CONFIG_MULTIUSER=y CONFIG_SGETMASK_SYSCALL=y CONFIG_SYSFS_SYSCALL=y CONFIG_SYSCTL_SYSCALL=y -CONFIG_FHANDLE=y CONFIG_POSIX_TIMERS=y +CONFIG_KALLSYMS=y +CONFIG_KALLSYMS_ALL=y +CONFIG_KALLSYMS_ABSOLUTE_PERCPU=y +CONFIG_KALLSYMS_BASE_RELATIVE=y CONFIG_PRINTK=y CONFIG_PRINTK_NMI=y CONFIG_BUG=y @@ -195,20 +227,14 @@ CONFIG_EPOLL=y CONFIG_SIGNALFD=y CONFIG_TIMERFD=y CONFIG_EVENTFD=y +CONFIG_BPF_SYSCALL=y +CONFIG_BPF_JIT_ALWAYS_ON=y CONFIG_SHMEM=y CONFIG_AIO=y CONFIG_ADVISE_SYSCALLS=y -CONFIG_MEMBARRIER=y -CONFIG_KALLSYMS=y -CONFIG_KALLSYMS_ALL=y -CONFIG_KALLSYMS_ABSOLUTE_PERCPU=y -CONFIG_KALLSYMS_BASE_RELATIVE=y -CONFIG_BPF_SYS
[gentoo-commits] proj/grs:desktop-amd64-hardened commit in: scripts/
commit: 4900c0a6d69de189772cda47d4ce702cb5be4f4a Author: Anthony G. Basile gentoo org> AuthorDate: Tue Apr 23 10:47:28 2019 + Commit: Anthony G. Basile gentoo org> CommitDate: Tue Apr 23 10:47:40 2019 + URL:https://gitweb.gentoo.org/proj/grs.git/commit/?id=4900c0a6 scripts/kernel-config: update to vanilla 4.14.113 Signed-off-by: Anthony G. Basile gentoo.org> scripts/kernel-config | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/kernel-config b/scripts/kernel-config index 7963ce9..c3e7bab 100644 --- a/scripts/kernel-config +++ b/scripts/kernel-config @@ -1,6 +1,6 @@ # # Automatically generated file; DO NOT EDIT. -# Linux/x86 4.14.112 Kernel Configuration +# Linux/x86 4.14.113 Kernel Configuration # CONFIG_64BIT=y CONFIG_X86_64=y
[gentoo-commits] proj/grs:desktop-amd64-hardened commit in: scripts/
commit: 654c2d49cf0d6e753aa3e277ecf295d5797bb55c Author: Anthony G. Basile gentoo org> AuthorDate: Sun Apr 21 15:15:19 2019 + Commit: Anthony G. Basile gentoo org> CommitDate: Sun Apr 21 15:15:19 2019 + URL:https://gitweb.gentoo.org/proj/grs.git/commit/?id=654c2d49 scripts/kernel-config: update to vanilla 4.14.112 Signed-off-by: Anthony G. Basile gentoo.org> scripts/kernel-config | 32 ++-- 1 file changed, 10 insertions(+), 22 deletions(-) diff --git a/scripts/kernel-config b/scripts/kernel-config index 42900a3..7963ce9 100644 --- a/scripts/kernel-config +++ b/scripts/kernel-config @@ -1,20 +1,7 @@ # # Automatically generated file; DO NOT EDIT. -# Linux/x86 4.14.14-gentoo Kernel Configuration +# Linux/x86 4.14.112 Kernel Configuration # - -# -# Gentoo Linux -# -CONFIG_GENTOO_LINUX=y -CONFIG_GENTOO_LINUX_UDEV=y -CONFIG_GENTOO_LINUX_PORTAGE=y - -# -# Support for init systems, system and service managers -# -CONFIG_GENTOO_LINUX_INIT_SCRIPT=y -# CONFIG_GENTOO_LINUX_INIT_SYSTEMD is not set CONFIG_64BIT=y CONFIG_X86_64=y CONFIG_X86=y @@ -241,6 +228,7 @@ CONFIG_SIGNALFD=y CONFIG_TIMERFD=y CONFIG_EVENTFD=y CONFIG_BPF_SYSCALL=y +CONFIG_BPF_JIT_ALWAYS_ON=y CONFIG_SHMEM=y CONFIG_AIO=y CONFIG_ADVISE_SYSCALLS=y @@ -272,6 +260,7 @@ CONFIG_PROFILING=y CONFIG_TRACEPOINTS=y CONFIG_CRASH_CORE=y CONFIG_KEXEC_CORE=y +CONFIG_HOTPLUG_SMT=y CONFIG_OPROFILE=m # CONFIG_OPROFILE_EVENT_MULTIPLEX is not set CONFIG_HAVE_OPROFILE=y @@ -311,6 +300,7 @@ CONFIG_HAVE_PERF_REGS=y CONFIG_HAVE_PERF_USER_STACK_DUMP=y CONFIG_HAVE_ARCH_JUMP_LABEL=y CONFIG_HAVE_RCU_TABLE_FREE=y +CONFIG_HAVE_RCU_TABLE_INVALIDATE=y CONFIG_ARCH_HAVE_NMI_SAFE_CMPXCHG=y CONFIG_HAVE_ALIGNED_STRUCT_PAGE=y CONFIG_HAVE_CMPXCHG_LOCAL=y @@ -1380,6 +1370,9 @@ CONFIG_NF_CONNTRACK_IPV6=m CONFIG_NF_SOCKET_IPV6=m CONFIG_NF_TABLES_IPV6=m CONFIG_NFT_CHAIN_ROUTE_IPV6=m +CONFIG_NFT_CHAIN_NAT_IPV6=m +CONFIG_NFT_MASQ_IPV6=m +CONFIG_NFT_REDIR_IPV6=m CONFIG_NFT_REJECT_IPV6=m CONFIG_NFT_DUP_IPV6=m CONFIG_NFT_FIB_IPV6=m @@ -1387,10 +1380,7 @@ CONFIG_NF_DUP_IPV6=m CONFIG_NF_REJECT_IPV6=m CONFIG_NF_LOG_IPV6=m CONFIG_NF_NAT_IPV6=m -CONFIG_NFT_CHAIN_NAT_IPV6=m CONFIG_NF_NAT_MASQUERADE_IPV6=m -CONFIG_NFT_MASQ_IPV6=m -CONFIG_NFT_REDIR_IPV6=m CONFIG_IP6_NF_IPTABLES=m CONFIG_IP6_NF_MATCH_AH=m CONFIG_IP6_NF_MATCH_EUI64=m @@ -4000,7 +3990,7 @@ CONFIG_TCG_NSC=m CONFIG_TCG_ATMEL=m CONFIG_TCG_INFINEON=m CONFIG_TCG_XEN=m -CONFIG_TCG_CRB=m +CONFIG_TCG_CRB=y CONFIG_TCG_VTPM_PROXY=m CONFIG_TCG_TIS_ST33ZP24=m CONFIG_TCG_TIS_ST33ZP24_I2C=m @@ -7170,7 +7160,6 @@ CONFIG_SYNC_FILE=y CONFIG_SW_SYNC=y CONFIG_DCA=m CONFIG_AUXDISPLAY=y -CONFIG_CHARLCD=m CONFIG_HD44780=m CONFIG_KS0108=m CONFIG_KS0108_PORT=0x378 @@ -7182,6 +7171,7 @@ CONFIG_PANEL=m CONFIG_PANEL_PARPORT=0 CONFIG_PANEL_PROFILE=5 # CONFIG_PANEL_CHANGE_MESSAGE is not set +CONFIG_CHARLCD=m CONFIG_UIO=m CONFIG_UIO_CIF=m CONFIG_UIO_PDRV_GENIRQ=m @@ -8711,6 +8701,7 @@ CONFIG_CEPH_FS_POSIX_ACL=y CONFIG_CIFS=m CONFIG_CIFS_STATS=y # CONFIG_CIFS_STATS2 is not set +CONFIG_CIFS_ALLOW_INSECURE_LEGACY=y CONFIG_CIFS_WEAK_PW_HASH=y CONFIG_CIFS_UPCALL=y CONFIG_CIFS_XATTR=y @@ -8855,7 +8846,6 @@ CONFIG_MEMORY_NOTIFIER_ERROR_INJECT=m # CONFIG_DEBUG_PER_CPU_MAPS is not set CONFIG_HAVE_DEBUG_STACKOVERFLOW=y # CONFIG_DEBUG_STACKOVERFLOW is not set -CONFIG_HAVE_ARCH_KMEMCHECK=y CONFIG_HAVE_ARCH_KASAN=y # CONFIG_KASAN is not set CONFIG_ARCH_HAS_KCOV=y @@ -8960,7 +8950,6 @@ CONFIG_TRACER_SNAPSHOT=y # CONFIG_TRACER_SNAPSHOT_PER_CPU_SWAP is not set CONFIG_BRANCH_PROFILE_NONE=y # CONFIG_PROFILE_ANNOTATED_BRANCHES is not set -# CONFIG_PROFILE_ALL_BRANCHES is not set CONFIG_STACK_TRACER=y CONFIG_BLK_DEV_IO_TRACE=y CONFIG_KPROBE_EVENTS=y @@ -9288,7 +9277,6 @@ CONFIG_CRYPTO_DES3_EDE_X86_64=m CONFIG_CRYPTO_FCRYPT=m CONFIG_CRYPTO_KHAZAD=m CONFIG_CRYPTO_SALSA20=m -CONFIG_CRYPTO_SALSA20_X86_64=m CONFIG_CRYPTO_CHACHA20=m CONFIG_CRYPTO_CHACHA20_X86_64=m CONFIG_CRYPTO_SEED=m
[gentoo-commits] proj/grs:desktop-amd64-hardened commit in: scripts/
commit: 5b357358502a79fbb1c51139e1636c2f07618886 Author: Anthony G. Basile gentoo org> AuthorDate: Fri Jan 19 00:03:52 2018 + Commit: Anthony G. Basile gentoo org> CommitDate: Fri Jan 19 00:04:25 2018 + URL:https://gitweb.gentoo.org/proj/grs.git/commit/?id=5b357358 kernel-config: switch to gentoo-sources, bump to 4.14.14 scripts/kernel-config | 28 ++-- 1 file changed, 22 insertions(+), 6 deletions(-) diff --git a/scripts/kernel-config b/scripts/kernel-config index 8ae9a21..42900a3 100644 --- a/scripts/kernel-config +++ b/scripts/kernel-config @@ -1,7 +1,20 @@ # # Automatically generated file; DO NOT EDIT. -# Linux/x86 4.14.8-vanilla Kernel Configuration +# Linux/x86 4.14.14-gentoo Kernel Configuration # + +# +# Gentoo Linux +# +CONFIG_GENTOO_LINUX=y +CONFIG_GENTOO_LINUX_UDEV=y +CONFIG_GENTOO_LINUX_PORTAGE=y + +# +# Support for init systems, system and service managers +# +CONFIG_GENTOO_LINUX_INIT_SCRIPT=y +# CONFIG_GENTOO_LINUX_INIT_SYSTEMD is not set CONFIG_64BIT=y CONFIG_X86_64=y CONFIG_X86=y @@ -347,6 +360,7 @@ CONFIG_ARCH_HAS_STRICT_KERNEL_RWX=y CONFIG_STRICT_KERNEL_RWX=y CONFIG_ARCH_HAS_STRICT_MODULE_RWX=y CONFIG_STRICT_MODULE_RWX=y +CONFIG_ARCH_HAS_REFCOUNT=y # CONFIG_REFCOUNT_FULL is not set # @@ -462,6 +476,7 @@ CONFIG_X86_FAST_FEATURE_TESTS=y CONFIG_X86_X2APIC=y CONFIG_X86_MPPARSE=y # CONFIG_GOLDFISH is not set +CONFIG_RETPOLINE=y # CONFIG_INTEL_RDT is not set CONFIG_X86_EXTENDED_PLATFORM=y CONFIG_X86_NUMACHIP=y @@ -1908,6 +1923,7 @@ CONFIG_DEV_COREDUMP=y CONFIG_SYS_HYPERVISOR=y # CONFIG_GENERIC_CPU_DEVICES is not set CONFIG_GENERIC_CPU_AUTOPROBE=y +CONFIG_GENERIC_CPU_VULNERABILITIES=y CONFIG_REGMAP=y CONFIG_REGMAP_I2C=y CONFIG_REGMAP_SPI=y @@ -8810,8 +8826,7 @@ CONFIG_DEBUG_FS=y # CONFIG_HEADERS_CHECK is not set # CONFIG_DEBUG_SECTION_MISMATCH is not set CONFIG_SECTION_MISMATCH_WARN_ONLY=y -CONFIG_FRAME_POINTER=y -# CONFIG_STACK_VALIDATION is not set +CONFIG_STACK_VALIDATION=y # CONFIG_DEBUG_FORCE_WEAK_PER_CPU is not set CONFIG_MAGIC_SYSRQ=y CONFIG_MAGIC_SYSRQ_DEFAULT_ENABLE=0x01b6 @@ -9049,9 +9064,9 @@ CONFIG_OPTIMIZE_INLINING=y # CONFIG_DEBUG_NMI_SELFTEST is not set CONFIG_X86_DEBUG_FPU=y CONFIG_PUNIT_ATOM_DEBUG=m -CONFIG_FRAME_POINTER_UNWINDER=y -# CONFIG_ORC_UNWINDER is not set -# CONFIG_GUESS_UNWINDER is not set +CONFIG_UNWINDER_ORC=y +# CONFIG_UNWINDER_FRAME_POINTER is not set +# CONFIG_UNWINDER_GUESS is not set # # Security options @@ -9068,6 +9083,7 @@ CONFIG_SECURITY=y # CONFIG_SECURITY_WRITABLE_HOOKS is not set CONFIG_SECURITYFS=y CONFIG_SECURITY_NETWORK=y +CONFIG_PAGE_TABLE_ISOLATION=y CONFIG_SECURITY_INFINIBAND=y CONFIG_SECURITY_NETWORK_XFRM=y CONFIG_SECURITY_PATH=y
[gentoo-commits] proj/grs:desktop-amd64-hardened commit in: scripts/, /
commit: 35032324852c10a521b9c1b2e8e0b871729675ec Author: Anthony G. Basile gentoo org> AuthorDate: Sat Dec 23 17:35:33 2017 + Commit: Anthony G. Basile gentoo org> CommitDate: Sat Dec 23 17:35:53 2017 + URL:https://gitweb.gentoo.org/proj/grs.git/commit/?id=35032324 build: use new syntax for kernel directive build | 4 ++-- scripts/kernel-config | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/build b/build index 3303986..10271f2 100644 --- a/build +++ b/build @@ -29,7 +29,7 @@ runscript initrc.sh runscript passwd.sh runscript clean.sh unmount -kernel +kernel x86_64 log stamp log Tar+Hash @@ -46,7 +46,7 @@ hashit +populate 4 +runscript cycle.3.sh +unmount -+kernel ++kernel x86_64 + +log stamp +log END diff --git a/scripts/kernel-config b/scripts/kernel-config index 679b07c..8ae9a21 100644 --- a/scripts/kernel-config +++ b/scripts/kernel-config @@ -1,6 +1,6 @@ # # Automatically generated file; DO NOT EDIT. -# Linux/x86 4.14.4-vanilla Kernel Configuration +# Linux/x86 4.14.8-vanilla Kernel Configuration # CONFIG_64BIT=y CONFIG_X86_64=y
[gentoo-commits] proj/grs:desktop-amd64-hardened commit in: scripts/
commit: 9ff9d25681d4892e19b0bffab0ce8a8c24819f2a Author: Anthony G. Basile gentoo org> AuthorDate: Wed Dec 6 19:31:49 2017 + Commit: Anthony G. Basile gentoo org> CommitDate: Wed Dec 6 19:32:56 2017 + URL:https://gitweb.gentoo.org/proj/grs.git/commit/?id=9ff9d256 kernel-config: bump to 4.14.4 scripts/kernel-config | 321 +++--- 1 file changed, 199 insertions(+), 122 deletions(-) diff --git a/scripts/kernel-config b/scripts/kernel-config index 2fea922..679b07c 100644 --- a/scripts/kernel-config +++ b/scripts/kernel-config @@ -1,6 +1,6 @@ # # Automatically generated file; DO NOT EDIT. -# Linux/x86 4.13.14-vanilla Kernel Configuration +# Linux/x86 4.14.4-vanilla Kernel Configuration # CONFIG_64BIT=y CONFIG_X86_64=y @@ -92,6 +92,7 @@ CONFIG_GENERIC_PENDING_IRQ=y CONFIG_GENERIC_IRQ_MIGRATION=y CONFIG_GENERIC_IRQ_CHIP=y CONFIG_IRQ_DOMAIN=y +CONFIG_IRQ_SIM=y CONFIG_IRQ_DOMAIN_HIERARCHY=y CONFIG_GENERIC_MSI_IRQ=y CONFIG_GENERIC_MSI_IRQ_DOMAIN=y @@ -221,6 +222,7 @@ CONFIG_ELF_CORE=y CONFIG_PCSPKR_PLATFORM=y CONFIG_BASE_FULL=y CONFIG_FUTEX=y +CONFIG_FUTEX_PI=y CONFIG_EPOLL=y CONFIG_SIGNALFD=y CONFIG_TIMERFD=y @@ -250,6 +252,7 @@ CONFIG_SLUB=y # CONFIG_SLOB is not set CONFIG_SLAB_MERGE_DEFAULT=y CONFIG_SLAB_FREELIST_RANDOM=y +CONFIG_SLAB_FREELIST_HARDENED=y CONFIG_SLUB_CPU_PARTIAL=y CONFIG_SYSTEM_DATA_VERIFICATION=y CONFIG_PROFILING=y @@ -294,6 +297,7 @@ CONFIG_HAVE_HARDLOCKUP_DETECTOR_PERF=y CONFIG_HAVE_PERF_REGS=y CONFIG_HAVE_PERF_USER_STACK_DUMP=y CONFIG_HAVE_ARCH_JUMP_LABEL=y +CONFIG_HAVE_RCU_TABLE_FREE=y CONFIG_ARCH_HAVE_NMI_SAFE_CMPXCHG=y CONFIG_HAVE_ALIGNED_STRUCT_PAGE=y CONFIG_HAVE_CMPXCHG_LOCAL=y @@ -318,6 +322,7 @@ CONFIG_HAVE_ARCH_TRANSPARENT_HUGEPAGE=y CONFIG_HAVE_ARCH_TRANSPARENT_HUGEPAGE_PUD=y CONFIG_HAVE_ARCH_HUGE_VMAP=y CONFIG_HAVE_ARCH_SOFT_DIRTY=y +CONFIG_HAVE_MOD_ARCH_SPECIFIC=y CONFIG_MODULES_USE_ELF_RELA=y CONFIG_HAVE_IRQ_EXIT_ON_IRQ_STACK=y CONFIG_ARCH_HAS_ELF_RANDOMIZE=y @@ -412,6 +417,7 @@ CONFIG_CMDLINE_PARTITION=y CONFIG_BLOCK_COMPAT=y CONFIG_BLK_MQ_PCI=y CONFIG_BLK_MQ_VIRTIO=y +CONFIG_BLK_MQ_RDMA=y # # IO Schedulers @@ -456,7 +462,7 @@ CONFIG_X86_FAST_FEATURE_TESTS=y CONFIG_X86_X2APIC=y CONFIG_X86_MPPARSE=y # CONFIG_GOLDFISH is not set -# CONFIG_INTEL_RDT_A is not set +# CONFIG_INTEL_RDT is not set CONFIG_X86_EXTENDED_PLATFORM=y CONFIG_X86_NUMACHIP=y # CONFIG_X86_VSMP is not set @@ -550,9 +556,14 @@ CONFIG_MICROCODE_AMD=y CONFIG_MICROCODE_OLD_INTERFACE=y CONFIG_X86_MSR=m CONFIG_X86_CPUID=m +# CONFIG_X86_5LEVEL is not set CONFIG_ARCH_PHYS_ADDR_T_64BIT=y CONFIG_ARCH_DMA_ADDR_T_64BIT=y CONFIG_X86_DIRECT_GBPAGES=y +CONFIG_ARCH_HAS_MEM_ENCRYPT=y +CONFIG_AMD_MEM_ENCRYPT=y +CONFIG_AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT=y +CONFIG_ARCH_USE_MEMREMAP_PROT=y CONFIG_NUMA=y CONFIG_AMD_NUMA=y CONFIG_X86_64_ACPI_NUMA=y @@ -591,6 +602,7 @@ CONFIG_BALLOON_COMPACTION=y CONFIG_COMPACTION=y CONFIG_MIGRATION=y CONFIG_ARCH_ENABLE_HUGEPAGE_MIGRATION=y +CONFIG_ARCH_ENABLE_THP_MIGRATION=y CONFIG_PHYS_ADDR_T_64BIT=y CONFIG_BOUNCE=y CONFIG_VIRT_TO_BUS=y @@ -626,6 +638,10 @@ CONFIG_ARCH_SUPPORTS_DEFERRED_STRUCT_PAGE_INIT=y CONFIG_IDLE_PAGE_TRACKING=y CONFIG_ARCH_HAS_ZONE_DEVICE=y CONFIG_ZONE_DEVICE=y +CONFIG_ARCH_HAS_HMM=y +# CONFIG_HMM_MIRROR is not set +# CONFIG_DEVICE_PRIVATE is not set +# CONFIG_DEVICE_PUBLIC is not set CONFIG_FRAME_VECTOR=y CONFIG_ARCH_USES_HIGH_VMA_FLAGS=y CONFIG_ARCH_HAS_PKEYS=y @@ -679,6 +695,7 @@ CONFIG_LEGACY_VSYSCALL_EMULATE=y CONFIG_MODIFY_LDT_SYSCALL=y CONFIG_HAVE_LIVEPATCH=y CONFIG_LIVEPATCH=y +CONFIG_ARCH_HAS_ADD_PAGES=y CONFIG_ARCH_ENABLE_MEMORY_HOTPLUG=y CONFIG_ARCH_ENABLE_MEMORY_HOTREMOVE=y CONFIG_USE_PERCPU_NUMA_NODE_ID=y @@ -707,6 +724,7 @@ CONFIG_PM_SLEEP_DEBUG=y # CONFIG_DPM_WATCHDOG is not set CONFIG_PM_TRACE=y CONFIG_PM_TRACE_RTC=y +CONFIG_PM_OPP=y CONFIG_PM_CLK=y CONFIG_PM_GENERIC_DOMAINS=y CONFIG_WQ_POWER_EFFICIENT_DEFAULT=y @@ -1054,14 +1072,12 @@ CONFIG_IPV6_MROUTE=y CONFIG_IPV6_MROUTE_MULTIPLE_TABLES=y CONFIG_IPV6_PIMSM_V2=y CONFIG_IPV6_SEG6_LWTUNNEL=y -CONFIG_IPV6_SEG6_INLINE=y CONFIG_IPV6_SEG6_HMAC=y CONFIG_NETLABEL=y CONFIG_NETWORK_SECMARK=y CONFIG_NET_PTP_CLASSIFY=y # CONFIG_NETWORK_PHY_TIMESTAMPING is not set CONFIG_NETFILTER=y -# CONFIG_NETFILTER_DEBUG is not set CONFIG_NETFILTER_ADVANCED=y CONFIG_BRIDGE_NETFILTER=m @@ -1144,6 +1160,7 @@ CONFIG_NFT_FIB_INET=m CONFIG_NF_DUP_NETDEV=m CONFIG_NFT_DUP_NETDEV=m CONFIG_NFT_FWD_NETDEV=m +CONFIG_NFT_FIB_NETDEV=m CONFIG_NETFILTER_XTABLES=m # @@ -1598,11 +1615,13 @@ CONFIG_VSOCKETS=m CONFIG_VMWARE_VMCI_VSOCKETS=m CONFIG_VIRTIO_VSOCKETS=m CONFIG_VIRTIO_VSOCKETS_COMMON=m +CONFIG_HYPERV_VSOCKETS=m CONFIG_NETLINK_DIAG=m CONFIG_MPLS=y CONFIG_NET_MPLS_GSO=m CONFIG_MPLS_ROUTING=m CONFIG_MPLS_IPTUNNEL=m +CONFIG_NET_NSH=m CONFIG_HSR=m CONFIG_NET_SWITCHDEV=y CONFIG_NET_L3_MASTER_DEV=y @@ -1615,6 +1634,7 @@ CONFIG_CGROUP_NET_CLASSID=y CONFIG_NET_RX_BUSY
[gentoo-commits] proj/grs:desktop-amd64-hardened commit in: scripts/
commit: 42e0304fb6315ef1434856f0f75c7945edd7465a Author: Anthony G. Basile gentoo org> AuthorDate: Mon Nov 20 12:35:38 2017 + Commit: Anthony G. Basile gentoo org> CommitDate: Mon Nov 20 12:35:38 2017 + URL:https://gitweb.gentoo.org/proj/grs.git/commit/?id=42e0304f kernel-config: bump to 4.13.14 scripts/kernel-config | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/kernel-config b/scripts/kernel-config index 6cf6ee0..2fea922 100644 --- a/scripts/kernel-config +++ b/scripts/kernel-config @@ -1,6 +1,6 @@ # # Automatically generated file; DO NOT EDIT. -# Linux/x86 4.13.13-vanilla Kernel Configuration +# Linux/x86 4.13.14-vanilla Kernel Configuration # CONFIG_64BIT=y CONFIG_X86_64=y
[gentoo-commits] proj/grs:desktop-amd64-hardened commit in: scripts/
commit: d235287329b5cd188b7498fdd9c4123f4c08500a Author: Anthony G. Basile gentoo org> AuthorDate: Mon Nov 20 12:34:25 2017 + Commit: Anthony G. Basile gentoo org> CommitDate: Mon Nov 20 12:34:25 2017 + URL:https://gitweb.gentoo.org/proj/grs.git/commit/?id=d2352873 kernel-config: bump to 4.13.13 scripts/kernel-config | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/kernel-config b/scripts/kernel-config index 605d1e6..6cf6ee0 100644 --- a/scripts/kernel-config +++ b/scripts/kernel-config @@ -1,6 +1,6 @@ # # Automatically generated file; DO NOT EDIT. -# Linux/x86 4.13.12-vanilla Kernel Configuration +# Linux/x86 4.13.13-vanilla Kernel Configuration # CONFIG_64BIT=y CONFIG_X86_64=y
[gentoo-commits] proj/grs:desktop-amd64-hardened commit in: scripts/
commit: e8a8c6a73e81992af22924b4c153854b9891eb85 Author: Anthony G. Basile gentoo org> AuthorDate: Mon Nov 13 23:17:40 2017 + Commit: Anthony G. Basile gentoo org> CommitDate: Mon Nov 13 23:17:40 2017 + URL:https://gitweb.gentoo.org/proj/grs.git/commit/?id=e8a8c6a7 kernel-config: bump to 4.13.12 scripts/kernel-config | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/kernel-config b/scripts/kernel-config index 92c7c24..605d1e6 100644 --- a/scripts/kernel-config +++ b/scripts/kernel-config @@ -1,6 +1,6 @@ # # Automatically generated file; DO NOT EDIT. -# Linux/x86 4.13.10-vanilla Kernel Configuration +# Linux/x86 4.13.12-vanilla Kernel Configuration # CONFIG_64BIT=y CONFIG_X86_64=y
[gentoo-commits] proj/grs:desktop-amd64-hardened commit in: scripts/
commit: 0180803189b0ddea6b3bf34dfa44589ff65447aa Author: Anthony G. Basile gentoo org> AuthorDate: Sat Oct 28 14:35:33 2017 + Commit: Anthony G. Basile gentoo org> CommitDate: Sat Oct 28 14:35:33 2017 + URL:https://gitweb.gentoo.org/proj/grs.git/commit/?id=01808031 scripts/cycle.3.sh: emerge @preserved-rebuild after depclean, not before scripts/cycle.3.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/cycle.3.sh b/scripts/cycle.3.sh index 41640ae..e106ecf 100644 --- a/scripts/cycle.3.sh +++ b/scripts/cycle.3.sh @@ -5,5 +5,5 @@ env-update install-worldconf emerge -buvNDq --keep-going --verbose-conflicts --with-bdeps=y @world clean-worldconf -emerge -bq --keep-going @preserved-rebuild emerge --depclean +emerge -bq --keep-going @preserved-rebuild
[gentoo-commits] proj/grs:desktop-amd64-hardened commit in: scripts/
commit: f8ecbe1760e895a85607cd8b03a2a4096a6b1f26 Author: Anthony G. Basile gentoo org> AuthorDate: Sat Oct 28 14:08:13 2017 + Commit: Anthony G. Basile gentoo org> CommitDate: Sat Oct 28 14:08:13 2017 + URL:https://gitweb.gentoo.org/proj/grs.git/commit/?id=f8ecbe17 kernel-config: update to 4.13.10 scripts/kernel-config | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/kernel-config b/scripts/kernel-config index ba7d2cd..92c7c24 100644 --- a/scripts/kernel-config +++ b/scripts/kernel-config @@ -1,6 +1,6 @@ # # Automatically generated file; DO NOT EDIT. -# Linux/x86 4.13.8-vanilla Kernel Configuration +# Linux/x86 4.13.10-vanilla Kernel Configuration # CONFIG_64BIT=y CONFIG_X86_64=y
[gentoo-commits] proj/grs:desktop-amd64-hardened commit in: scripts/
commit: dd42af4b49a7b56598f2b0fd2e79a3f591a6fb36 Author: Anthony G. Basile gentoo org> AuthorDate: Fri Oct 27 00:46:39 2017 + Commit: Anthony G. Basile gentoo org> CommitDate: Fri Oct 27 00:46:43 2017 + URL:https://gitweb.gentoo.org/proj/grs.git/commit/?id=dd42af4b kernel-config: correct the source version scripts/kernel-config | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/kernel-config b/scripts/kernel-config index 5b46a42..ba7d2cd 100644 --- a/scripts/kernel-config +++ b/scripts/kernel-config @@ -1,6 +1,6 @@ # # Automatically generated file; DO NOT EDIT. -# Linux/x86 4.13.8 Kernel Configuration +# Linux/x86 4.13.8-vanilla Kernel Configuration # CONFIG_64BIT=y CONFIG_X86_64=y
[gentoo-commits] proj/grs:desktop-amd64-hardened commit in: scripts/
commit: 11acf4db0322983bf02d3b6f79221995cb3d7fa5 Author: Anthony G. Basile gentoo org> AuthorDate: Tue Oct 25 14:19:55 2016 + Commit: Anthony G. Basile gentoo org> CommitDate: Tue Oct 25 14:19:55 2016 + URL:https://gitweb.gentoo.org/proj/grs.git/commit/?id=11acf4db kernel-config: bump to 4.7.10 scripts/kernel-config | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/kernel-config b/scripts/kernel-config index 83d2325..5985a28 100644 --- a/scripts/kernel-config +++ b/scripts/kernel-config @@ -1,6 +1,6 @@ # # Automatically generated file; DO NOT EDIT. -# Linux/x86 4.7.9-hardened Kernel Configuration +# Linux/x86 4.7.10-hardened Kernel Configuration # CONFIG_64BIT=y CONFIG_X86_64=y
[gentoo-commits] proj/grs:desktop-amd64-hardened commit in: scripts/
commit: ce57bf74f007c099030c6d9a6c04f4a92035355c Author: Anthony G. Basile gentoo org> AuthorDate: Fri Oct 21 06:28:47 2016 + Commit: Anthony G. Basile gentoo org> CommitDate: Fri Oct 21 06:29:18 2016 + URL:https://gitweb.gentoo.org/proj/grs.git/commit/?id=ce57bf74 kernel-config: bump to 4.7.9 scripts/kernel-config | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/scripts/kernel-config b/scripts/kernel-config index 03982a7..83d2325 100644 --- a/scripts/kernel-config +++ b/scripts/kernel-config @@ -1,6 +1,6 @@ # # Automatically generated file; DO NOT EDIT. -# Linux/x86 4.7.6-hardened Kernel Configuration +# Linux/x86 4.7.9-hardened Kernel Configuration # CONFIG_64BIT=y CONFIG_X86_64=y @@ -589,8 +589,6 @@ CONFIG_KEXEC_BZIMAGE_VERIFY_SIG=y CONFIG_CRASH_DUMP=y CONFIG_PHYSICAL_START=0x100 CONFIG_RELOCATABLE=y -CONFIG_RANDOMIZE_BASE=y -CONFIG_X86_NEED_RELOCS=y CONFIG_PHYSICAL_ALIGN=0x100 CONFIG_HOTPLUG_CPU=y # CONFIG_BOOTPARAM_HOTPLUG_CPU0 is not set @@ -8329,6 +8327,8 @@ CONFIG_PAX_REFCOUNT=y CONFIG_PAX_USERCOPY=y # CONFIG_PAX_USERCOPY_DEBUG is not set CONFIG_PAX_SIZE_OVERFLOW=y +CONFIG_PAX_SIZE_OVERFLOW_EXTRA=y +CONFIG_HAVE_PAX_INITIFY_INIT_EXIT=y CONFIG_PAX_LATENT_ENTROPY=y CONFIG_PAX_RAP=y
[gentoo-commits] proj/grs:desktop-amd64-hardened commit in: scripts/
commit: efa03906e91ae67e0b1b6c7a4dde3cf56bfd3022 Author: Anthony G. Basile gentoo org> AuthorDate: Sat Oct 15 13:41:37 2016 + Commit: Anthony G. Basile gentoo org> CommitDate: Sat Oct 15 13:42:27 2016 + URL:https://gitweb.gentoo.org/proj/grs.git/commit/?id=efa03906 kernel-config: bump to 4.7.6 scripts/kernel-config | 769 -- 1 file changed, 551 insertions(+), 218 deletions(-) diff --git a/scripts/kernel-config b/scripts/kernel-config index 698cb7b..03982a7 100644 --- a/scripts/kernel-config +++ b/scripts/kernel-config @@ -1,18 +1,20 @@ # # Automatically generated file; DO NOT EDIT. -# Linux/x86 4.4.8-hardened-r1 Kernel Configuration +# Linux/x86 4.7.6-hardened Kernel Configuration # CONFIG_64BIT=y CONFIG_X86_64=y CONFIG_X86=y CONFIG_INSTRUCTION_DECODER=y -CONFIG_PERF_EVENTS_INTEL_UNCORE=y CONFIG_OUTPUT_FORMAT="elf64-x86-64" CONFIG_ARCH_DEFCONFIG="arch/x86/configs/x86_64_defconfig" CONFIG_LOCKDEP_SUPPORT=y CONFIG_STACKTRACE_SUPPORT=y -CONFIG_HAVE_LATENCYTOP_SUPPORT=y CONFIG_MMU=y +CONFIG_ARCH_MMAP_RND_BITS_MIN=28 +CONFIG_ARCH_MMAP_RND_BITS_MAX=32 +CONFIG_ARCH_MMAP_RND_COMPAT_BITS_MIN=8 +CONFIG_ARCH_MMAP_RND_COMPAT_BITS_MAX=16 CONFIG_NEED_DMA_MAP_STATE=y CONFIG_NEED_SG_DMA_LENGTH=y CONFIG_GENERIC_ISA_DMA=y @@ -40,6 +42,7 @@ CONFIG_X86_64_SMP=y CONFIG_ARCH_HWEIGHT_CFLAGS="-fcall-saved-rdi -fcall-saved-rsi -fcall-saved-rdx -fcall-saved-rcx -fcall-saved-r8 -fcall-saved-r9 -fcall-saved-r10 -fcall-saved-r11" CONFIG_ARCH_SUPPORTS_UPROBES=y CONFIG_FIX_EARLYCON_MEM=y +CONFIG_DEBUG_RODATA=y CONFIG_PGTABLE_LEVELS=4 CONFIG_DEFCONFIG_LIST="/lib/modules/$UNAME_RELEASE/.config" CONFIG_IRQ_WORK=y @@ -131,7 +134,7 @@ CONFIG_TASK_IO_ACCOUNTING=y CONFIG_TREE_RCU=y # CONFIG_RCU_EXPERT is not set CONFIG_SRCU=y -# CONFIG_TASKS_RCU is not set +CONFIG_TASKS_RCU=y CONFIG_RCU_STALL_COMMON=y # CONFIG_RCU_EXPEDITE_BOOT is not set CONFIG_BUILD_BIN2C=y @@ -139,33 +142,33 @@ CONFIG_IKCONFIG=y CONFIG_IKCONFIG_PROC=y CONFIG_LOG_BUF_SHIFT=18 CONFIG_LOG_CPU_MAX_BUF_SHIFT=12 +CONFIG_NMI_LOG_BUF_SHIFT=13 CONFIG_HAVE_UNSTABLE_SCHED_CLOCK=y CONFIG_ARCH_SUPPORTS_NUMA_BALANCING=y CONFIG_ARCH_WANT_BATCHED_UNMAP_TLB_FLUSH=y CONFIG_NUMA_BALANCING=y CONFIG_NUMA_BALANCING_DEFAULT_ENABLED=y CONFIG_CGROUPS=y -# CONFIG_CGROUP_DEBUG is not set -CONFIG_CGROUP_FREEZER=y -CONFIG_CGROUP_PIDS=y -CONFIG_CGROUP_DEVICE=y -CONFIG_CPUSETS=y -CONFIG_PROC_PID_CPUSET=y -CONFIG_CGROUP_CPUACCT=y CONFIG_PAGE_COUNTER=y CONFIG_MEMCG=y CONFIG_MEMCG_SWAP=y # CONFIG_MEMCG_SWAP_ENABLED is not set -CONFIG_MEMCG_KMEM=y -CONFIG_CGROUP_HUGETLB=y -CONFIG_CGROUP_PERF=y +CONFIG_BLK_CGROUP=y +# CONFIG_DEBUG_BLK_CGROUP is not set +CONFIG_CGROUP_WRITEBACK=y CONFIG_CGROUP_SCHED=y CONFIG_FAIR_GROUP_SCHED=y CONFIG_CFS_BANDWIDTH=y # CONFIG_RT_GROUP_SCHED is not set -CONFIG_BLK_CGROUP=y -# CONFIG_DEBUG_BLK_CGROUP is not set -CONFIG_CGROUP_WRITEBACK=y +CONFIG_CGROUP_PIDS=y +CONFIG_CGROUP_FREEZER=y +CONFIG_CGROUP_HUGETLB=y +CONFIG_CPUSETS=y +CONFIG_PROC_PID_CPUSET=y +CONFIG_CGROUP_DEVICE=y +CONFIG_CGROUP_CPUACCT=y +CONFIG_CGROUP_PERF=y +# CONFIG_CGROUP_DEBUG is not set CONFIG_NAMESPACES=y CONFIG_UTS_NS=y CONFIG_IPC_NS=y @@ -183,6 +186,7 @@ CONFIG_RD_LZMA=y CONFIG_RD_XZ=y CONFIG_RD_LZO=y CONFIG_RD_LZ4=y +CONFIG_CC_OPTIMIZE_FOR_PERFORMANCE=y # CONFIG_CC_OPTIMIZE_FOR_SIZE is not set CONFIG_SYSCTL=y CONFIG_ANON_INODES=y @@ -198,7 +202,10 @@ CONFIG_SYSFS_SYSCALL=y CONFIG_SYSCTL_SYSCALL=y CONFIG_KALLSYMS=y CONFIG_KALLSYMS_ALL=y +CONFIG_KALLSYMS_ABSOLUTE_PERCPU=y +CONFIG_KALLSYMS_BASE_RELATIVE=y CONFIG_PRINTK=y +CONFIG_PRINTK_NMI=y CONFIG_BUG=y CONFIG_ELF_CORE=y CONFIG_PCSPKR_PLATFORM=y @@ -212,7 +219,6 @@ CONFIG_BPF_SYSCALL=y CONFIG_SHMEM=y CONFIG_AIO=y CONFIG_ADVISE_SYSCALLS=y -CONFIG_USERFAULTFD=y CONFIG_PCI_QUIRKS=y CONFIG_MEMBARRIER=y # CONFIG_EMBEDDED is not set @@ -252,8 +258,8 @@ CONFIG_HAVE_KPROBES=y CONFIG_HAVE_KRETPROBES=y CONFIG_HAVE_OPTPROBES=y CONFIG_HAVE_KPROBES_ON_FTRACE=y +CONFIG_HAVE_NMI=y CONFIG_HAVE_ARCH_TRACEHOOK=y -CONFIG_HAVE_DMA_ATTRS=y CONFIG_HAVE_DMA_CONTIGUOUS=y CONFIG_GENERIC_SMP_IDLE_THREAD=y CONFIG_HAVE_REGS_AND_STACK_ACCESS_API=y @@ -274,6 +280,8 @@ CONFIG_ARCH_WANT_COMPAT_IPC_PARSE_VERSION=y CONFIG_ARCH_WANT_OLD_COMPAT_IPC=y CONFIG_HAVE_ARCH_SECCOMP_FILTER=y CONFIG_SECCOMP_FILTER=y +CONFIG_HAVE_GCC_PLUGINS=y +CONFIG_GCC_PLUGINS=y CONFIG_HAVE_CC_STACKPROTECTOR=y CONFIG_CC_STACKPROTECTOR=y # CONFIG_CC_STACKPROTECTOR_NONE is not set @@ -288,9 +296,18 @@ CONFIG_HAVE_ARCH_SOFT_DIRTY=y CONFIG_MODULES_USE_ELF_RELA=y CONFIG_HAVE_IRQ_EXIT_ON_IRQ_STACK=y CONFIG_ARCH_HAS_ELF_RANDOMIZE=y +CONFIG_HAVE_ARCH_MMAP_RND_BITS=y +CONFIG_HAVE_EXIT_THREAD=y +CONFIG_ARCH_MMAP_RND_BITS=28 +CONFIG_HAVE_ARCH_MMAP_RND_COMPAT_BITS=y +CONFIG_ARCH_MMAP_RND_COMPAT_BITS=8 CONFIG_HAVE_COPY_THREAD_TLS=y +CONFIG_HAVE_STACK_VALIDATION=y +# CONFIG_HAVE_ARCH_HASH is not set +CONFIG_ISA_BUS_API=y CONFIG_OLD_SIGSUSPEND3=y CONFIG_COMPAT_OLD_S
[gentoo-commits] proj/grs:desktop-amd64-hardened commit in: scripts/
commit: a8bb523974823a1db1e1cec8d276b96e28850469 Author: Anthony G. Basile gentoo org> AuthorDate: Mon Jun 27 09:09:59 2016 + Commit: Anthony G. Basile gentoo org> CommitDate: Mon Jun 27 09:10:19 2016 + URL:https://gitweb.gentoo.org/proj/grs.git/commit/?id=a8bb5239 kernel-config: bump to 4.4.8-r1 scripts/kernel-config | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/kernel-config b/scripts/kernel-config index 1a03a1e..698cb7b 100644 --- a/scripts/kernel-config +++ b/scripts/kernel-config @@ -1,6 +1,6 @@ # # Automatically generated file; DO NOT EDIT. -# Linux/x86 4.4.2-hardened Kernel Configuration +# Linux/x86 4.4.8-hardened-r1 Kernel Configuration # CONFIG_64BIT=y CONFIG_X86_64=y
[gentoo-commits] proj/grs:desktop-amd64-hardened commit in: scripts/
commit: c0306c742264ea86a5086c22bc604ca7f3a5b5eb Author: Anthony G. Basile gentoo org> AuthorDate: Sat May 28 10:40:06 2016 + Commit: Anthony G. Basile gentoo org> CommitDate: Sat May 28 10:42:22 2016 + URL:https://gitweb.gentoo.org/proj/grs.git/commit/?id=c0306c74 Revert "kernel-config: bump to 4.5.5-r1" This reverts commit f24037156bb6637a68db7959cff1eb8e507cbb05. 4.5.5-r1 is broken on VirtualBox and possibly elsewhere. scripts/kernel-config | 348 -- 1 file changed, 113 insertions(+), 235 deletions(-) diff --git a/scripts/kernel-config b/scripts/kernel-config index 9d6a38b..1a03a1e 100644 --- a/scripts/kernel-config +++ b/scripts/kernel-config @@ -1,6 +1,6 @@ # # Automatically generated file; DO NOT EDIT. -# Linux/x86 4.5.5-hardened-r1 Kernel Configuration +# Linux/x86 4.4.2-hardened Kernel Configuration # CONFIG_64BIT=y CONFIG_X86_64=y @@ -11,11 +11,8 @@ CONFIG_OUTPUT_FORMAT="elf64-x86-64" CONFIG_ARCH_DEFCONFIG="arch/x86/configs/x86_64_defconfig" CONFIG_LOCKDEP_SUPPORT=y CONFIG_STACKTRACE_SUPPORT=y +CONFIG_HAVE_LATENCYTOP_SUPPORT=y CONFIG_MMU=y -CONFIG_ARCH_MMAP_RND_BITS_MIN=28 -CONFIG_ARCH_MMAP_RND_BITS_MAX=32 -CONFIG_ARCH_MMAP_RND_COMPAT_BITS_MIN=8 -CONFIG_ARCH_MMAP_RND_COMPAT_BITS_MAX=16 CONFIG_NEED_DMA_MAP_STATE=y CONFIG_NEED_SG_DMA_LENGTH=y CONFIG_GENERIC_ISA_DMA=y @@ -138,7 +135,8 @@ CONFIG_SRCU=y CONFIG_RCU_STALL_COMMON=y # CONFIG_RCU_EXPEDITE_BOOT is not set CONFIG_BUILD_BIN2C=y -# CONFIG_IKCONFIG is not set +CONFIG_IKCONFIG=y +CONFIG_IKCONFIG_PROC=y CONFIG_LOG_BUF_SHIFT=18 CONFIG_LOG_CPU_MAX_BUF_SHIFT=12 CONFIG_HAVE_UNSTABLE_SCHED_CLOCK=y @@ -147,26 +145,27 @@ CONFIG_ARCH_WANT_BATCHED_UNMAP_TLB_FLUSH=y CONFIG_NUMA_BALANCING=y CONFIG_NUMA_BALANCING_DEFAULT_ENABLED=y CONFIG_CGROUPS=y +# CONFIG_CGROUP_DEBUG is not set +CONFIG_CGROUP_FREEZER=y +CONFIG_CGROUP_PIDS=y +CONFIG_CGROUP_DEVICE=y +CONFIG_CPUSETS=y +CONFIG_PROC_PID_CPUSET=y +CONFIG_CGROUP_CPUACCT=y CONFIG_PAGE_COUNTER=y CONFIG_MEMCG=y CONFIG_MEMCG_SWAP=y # CONFIG_MEMCG_SWAP_ENABLED is not set -CONFIG_BLK_CGROUP=y -# CONFIG_DEBUG_BLK_CGROUP is not set -CONFIG_CGROUP_WRITEBACK=y +CONFIG_MEMCG_KMEM=y +CONFIG_CGROUP_HUGETLB=y +CONFIG_CGROUP_PERF=y CONFIG_CGROUP_SCHED=y CONFIG_FAIR_GROUP_SCHED=y CONFIG_CFS_BANDWIDTH=y # CONFIG_RT_GROUP_SCHED is not set -CONFIG_CGROUP_PIDS=y -CONFIG_CGROUP_FREEZER=y -CONFIG_CGROUP_HUGETLB=y -CONFIG_CPUSETS=y -CONFIG_PROC_PID_CPUSET=y -CONFIG_CGROUP_DEVICE=y -CONFIG_CGROUP_CPUACCT=y -CONFIG_CGROUP_PERF=y -# CONFIG_CGROUP_DEBUG is not set +CONFIG_BLK_CGROUP=y +# CONFIG_DEBUG_BLK_CGROUP is not set +CONFIG_CGROUP_WRITEBACK=y CONFIG_NAMESPACES=y CONFIG_UTS_NS=y CONFIG_IPC_NS=y @@ -254,6 +253,7 @@ CONFIG_HAVE_KRETPROBES=y CONFIG_HAVE_OPTPROBES=y CONFIG_HAVE_KPROBES_ON_FTRACE=y CONFIG_HAVE_ARCH_TRACEHOOK=y +CONFIG_HAVE_DMA_ATTRS=y CONFIG_HAVE_DMA_CONTIGUOUS=y CONFIG_GENERIC_SMP_IDLE_THREAD=y CONFIG_HAVE_REGS_AND_STACK_ACCESS_API=y @@ -288,10 +288,6 @@ CONFIG_HAVE_ARCH_SOFT_DIRTY=y CONFIG_MODULES_USE_ELF_RELA=y CONFIG_HAVE_IRQ_EXIT_ON_IRQ_STACK=y CONFIG_ARCH_HAS_ELF_RANDOMIZE=y -CONFIG_HAVE_ARCH_MMAP_RND_BITS=y -CONFIG_ARCH_MMAP_RND_BITS=28 -CONFIG_HAVE_ARCH_MMAP_RND_COMPAT_BITS=y -CONFIG_ARCH_MMAP_RND_COMPAT_BITS=8 CONFIG_HAVE_COPY_THREAD_TLS=y CONFIG_OLD_SIGSUSPEND3=y CONFIG_COMPAT_OLD_SIGACTION=y @@ -389,7 +385,6 @@ CONFIG_FREEZER=y CONFIG_ZONE_DMA=y CONFIG_SMP=y CONFIG_X86_FEATURE_NAMES=y -CONFIG_X86_FAST_FEATURE_TESTS=y CONFIG_X86_X2APIC=y CONFIG_X86_MPPARSE=y CONFIG_X86_EXTENDED_PLATFORM=y @@ -397,7 +392,6 @@ CONFIG_X86_NUMACHIP=y # CONFIG_X86_VSMP is not set # CONFIG_X86_UV is not set # CONFIG_X86_GOLDFISH is not set -# CONFIG_X86_INTEL_MID is not set CONFIG_X86_INTEL_LPSS=y CONFIG_X86_AMD_PLATFORM_DEVICE=y CONFIG_IOSF_MBI=y @@ -468,6 +462,7 @@ CONFIG_X86_MSR=m CONFIG_X86_CPUID=m CONFIG_ARCH_PHYS_ADDR_T_64BIT=y CONFIG_ARCH_DMA_ADDR_T_64BIT=y +CONFIG_X86_DIRECT_GBPAGES=y CONFIG_NUMA=y CONFIG_AMD_NUMA=y CONFIG_X86_64_ACPI_NUMA=y @@ -572,7 +567,7 @@ CONFIG_LEGACY_VSYSCALL_EMULATE=y # CONFIG_LEGACY_VSYSCALL_NONE is not set # CONFIG_CMDLINE_BOOL is not set CONFIG_MODIFY_LDT_SYSCALL=y -# CONFIG_DEFAULT_MODIFY_LDT_SYSCALL is not set +CONFIG_DEFAULT_MODIFY_LDT_SYSCALL=y CONFIG_HAVE_LIVEPATCH=y CONFIG_ARCH_ENABLE_MEMORY_HOTPLUG=y CONFIG_ARCH_ENABLE_MEMORY_HOTREMOVE=y @@ -798,11 +793,9 @@ CONFIG_SYSVIPC_COMPAT=y CONFIG_KEYS_COMPAT=y CONFIG_X86_DEV_DMA_OPS=y CONFIG_PMC_ATOM=y -CONFIG_VMD=m CONFIG_NET=y CONFIG_COMPAT_NETLINK_MESSAGES=y CONFIG_NET_INGRESS=y -CONFIG_NET_EGRESS=y # # Networking options @@ -828,7 +821,10 @@ CONFIG_IP_MULTIPLE_TABLES=y CONFIG_IP_ROUTE_MULTIPATH=y CONFIG_IP_ROUTE_VERBOSE=y CONFIG_IP_ROUTE_CLASSID=y -# CONFIG_IP_PNP is not set +CONFIG_IP_PNP=y +CONFIG_IP_PNP_DHCP=y +# CONFIG_IP_PNP_BOOTP is not set +# CONFIG_IP_PNP_RARP is not set CONFIG_NET_IPIP=m CONFIG_NET_IPGRE_DEMUX=m CONFIG_NET_IP_TUNNEL=m @@ -855,7 +851,6 @@ CONFIG_INET_LRO=
[gentoo-commits] proj/grs:desktop-amd64-hardened commit in: scripts/
commit: ae7264bfda97e7464bed0ab0c75690819c203613 Author: Anthony G. Basile gentoo org> AuthorDate: Thu May 26 22:50:42 2016 + Commit: Anthony G. Basile gentoo org> CommitDate: Thu May 26 22:50:42 2016 + URL:https://gitweb.gentoo.org/proj/grs.git/commit/?id=ae7264bf kernel-config: bump to 4.5.5-r1 scripts/kernel-config | 348 ++ 1 file changed, 235 insertions(+), 113 deletions(-) diff --git a/scripts/kernel-config b/scripts/kernel-config index 1a03a1e..9d6a38b 100644 --- a/scripts/kernel-config +++ b/scripts/kernel-config @@ -1,6 +1,6 @@ # # Automatically generated file; DO NOT EDIT. -# Linux/x86 4.4.2-hardened Kernel Configuration +# Linux/x86 4.5.5-hardened-r1 Kernel Configuration # CONFIG_64BIT=y CONFIG_X86_64=y @@ -11,8 +11,11 @@ CONFIG_OUTPUT_FORMAT="elf64-x86-64" CONFIG_ARCH_DEFCONFIG="arch/x86/configs/x86_64_defconfig" CONFIG_LOCKDEP_SUPPORT=y CONFIG_STACKTRACE_SUPPORT=y -CONFIG_HAVE_LATENCYTOP_SUPPORT=y CONFIG_MMU=y +CONFIG_ARCH_MMAP_RND_BITS_MIN=28 +CONFIG_ARCH_MMAP_RND_BITS_MAX=32 +CONFIG_ARCH_MMAP_RND_COMPAT_BITS_MIN=8 +CONFIG_ARCH_MMAP_RND_COMPAT_BITS_MAX=16 CONFIG_NEED_DMA_MAP_STATE=y CONFIG_NEED_SG_DMA_LENGTH=y CONFIG_GENERIC_ISA_DMA=y @@ -135,8 +138,7 @@ CONFIG_SRCU=y CONFIG_RCU_STALL_COMMON=y # CONFIG_RCU_EXPEDITE_BOOT is not set CONFIG_BUILD_BIN2C=y -CONFIG_IKCONFIG=y -CONFIG_IKCONFIG_PROC=y +# CONFIG_IKCONFIG is not set CONFIG_LOG_BUF_SHIFT=18 CONFIG_LOG_CPU_MAX_BUF_SHIFT=12 CONFIG_HAVE_UNSTABLE_SCHED_CLOCK=y @@ -145,27 +147,26 @@ CONFIG_ARCH_WANT_BATCHED_UNMAP_TLB_FLUSH=y CONFIG_NUMA_BALANCING=y CONFIG_NUMA_BALANCING_DEFAULT_ENABLED=y CONFIG_CGROUPS=y -# CONFIG_CGROUP_DEBUG is not set -CONFIG_CGROUP_FREEZER=y -CONFIG_CGROUP_PIDS=y -CONFIG_CGROUP_DEVICE=y -CONFIG_CPUSETS=y -CONFIG_PROC_PID_CPUSET=y -CONFIG_CGROUP_CPUACCT=y CONFIG_PAGE_COUNTER=y CONFIG_MEMCG=y CONFIG_MEMCG_SWAP=y # CONFIG_MEMCG_SWAP_ENABLED is not set -CONFIG_MEMCG_KMEM=y -CONFIG_CGROUP_HUGETLB=y -CONFIG_CGROUP_PERF=y +CONFIG_BLK_CGROUP=y +# CONFIG_DEBUG_BLK_CGROUP is not set +CONFIG_CGROUP_WRITEBACK=y CONFIG_CGROUP_SCHED=y CONFIG_FAIR_GROUP_SCHED=y CONFIG_CFS_BANDWIDTH=y # CONFIG_RT_GROUP_SCHED is not set -CONFIG_BLK_CGROUP=y -# CONFIG_DEBUG_BLK_CGROUP is not set -CONFIG_CGROUP_WRITEBACK=y +CONFIG_CGROUP_PIDS=y +CONFIG_CGROUP_FREEZER=y +CONFIG_CGROUP_HUGETLB=y +CONFIG_CPUSETS=y +CONFIG_PROC_PID_CPUSET=y +CONFIG_CGROUP_DEVICE=y +CONFIG_CGROUP_CPUACCT=y +CONFIG_CGROUP_PERF=y +# CONFIG_CGROUP_DEBUG is not set CONFIG_NAMESPACES=y CONFIG_UTS_NS=y CONFIG_IPC_NS=y @@ -253,7 +254,6 @@ CONFIG_HAVE_KRETPROBES=y CONFIG_HAVE_OPTPROBES=y CONFIG_HAVE_KPROBES_ON_FTRACE=y CONFIG_HAVE_ARCH_TRACEHOOK=y -CONFIG_HAVE_DMA_ATTRS=y CONFIG_HAVE_DMA_CONTIGUOUS=y CONFIG_GENERIC_SMP_IDLE_THREAD=y CONFIG_HAVE_REGS_AND_STACK_ACCESS_API=y @@ -288,6 +288,10 @@ CONFIG_HAVE_ARCH_SOFT_DIRTY=y CONFIG_MODULES_USE_ELF_RELA=y CONFIG_HAVE_IRQ_EXIT_ON_IRQ_STACK=y CONFIG_ARCH_HAS_ELF_RANDOMIZE=y +CONFIG_HAVE_ARCH_MMAP_RND_BITS=y +CONFIG_ARCH_MMAP_RND_BITS=28 +CONFIG_HAVE_ARCH_MMAP_RND_COMPAT_BITS=y +CONFIG_ARCH_MMAP_RND_COMPAT_BITS=8 CONFIG_HAVE_COPY_THREAD_TLS=y CONFIG_OLD_SIGSUSPEND3=y CONFIG_COMPAT_OLD_SIGACTION=y @@ -385,6 +389,7 @@ CONFIG_FREEZER=y CONFIG_ZONE_DMA=y CONFIG_SMP=y CONFIG_X86_FEATURE_NAMES=y +CONFIG_X86_FAST_FEATURE_TESTS=y CONFIG_X86_X2APIC=y CONFIG_X86_MPPARSE=y CONFIG_X86_EXTENDED_PLATFORM=y @@ -392,6 +397,7 @@ CONFIG_X86_NUMACHIP=y # CONFIG_X86_VSMP is not set # CONFIG_X86_UV is not set # CONFIG_X86_GOLDFISH is not set +# CONFIG_X86_INTEL_MID is not set CONFIG_X86_INTEL_LPSS=y CONFIG_X86_AMD_PLATFORM_DEVICE=y CONFIG_IOSF_MBI=y @@ -462,7 +468,6 @@ CONFIG_X86_MSR=m CONFIG_X86_CPUID=m CONFIG_ARCH_PHYS_ADDR_T_64BIT=y CONFIG_ARCH_DMA_ADDR_T_64BIT=y -CONFIG_X86_DIRECT_GBPAGES=y CONFIG_NUMA=y CONFIG_AMD_NUMA=y CONFIG_X86_64_ACPI_NUMA=y @@ -567,7 +572,7 @@ CONFIG_LEGACY_VSYSCALL_EMULATE=y # CONFIG_LEGACY_VSYSCALL_NONE is not set # CONFIG_CMDLINE_BOOL is not set CONFIG_MODIFY_LDT_SYSCALL=y -CONFIG_DEFAULT_MODIFY_LDT_SYSCALL=y +# CONFIG_DEFAULT_MODIFY_LDT_SYSCALL is not set CONFIG_HAVE_LIVEPATCH=y CONFIG_ARCH_ENABLE_MEMORY_HOTPLUG=y CONFIG_ARCH_ENABLE_MEMORY_HOTREMOVE=y @@ -793,9 +798,11 @@ CONFIG_SYSVIPC_COMPAT=y CONFIG_KEYS_COMPAT=y CONFIG_X86_DEV_DMA_OPS=y CONFIG_PMC_ATOM=y +CONFIG_VMD=m CONFIG_NET=y CONFIG_COMPAT_NETLINK_MESSAGES=y CONFIG_NET_INGRESS=y +CONFIG_NET_EGRESS=y # # Networking options @@ -821,10 +828,7 @@ CONFIG_IP_MULTIPLE_TABLES=y CONFIG_IP_ROUTE_MULTIPATH=y CONFIG_IP_ROUTE_VERBOSE=y CONFIG_IP_ROUTE_CLASSID=y -CONFIG_IP_PNP=y -CONFIG_IP_PNP_DHCP=y -# CONFIG_IP_PNP_BOOTP is not set -# CONFIG_IP_PNP_RARP is not set +# CONFIG_IP_PNP is not set CONFIG_NET_IPIP=m CONFIG_NET_IPGRE_DEMUX=m CONFIG_NET_IP_TUNNEL=m @@ -851,6 +855,7 @@ CONFIG_INET_LRO=y CONFIG_INET_DIAG=m CONFIG_INET_TCP_DIAG=m CONFIG_INET_UDP_DIAG=m +# CONFIG_INET_DIAG_DESTROY is not set CONFIG_TCP_CONG_ADVA
[gentoo-commits] proj/grs:desktop-amd64-hardened commit in: scripts/
commit: 1ec4c3a3fcd5c7e5448aacc44675623a4ef25196 Author: Anthony G. Basile gentoo org> AuthorDate: Thu May 26 17:31:50 2016 + Commit: Anthony G. Basile gentoo org> CommitDate: Thu May 26 17:31:50 2016 + URL:https://gitweb.gentoo.org/proj/grs.git/commit/?id=1ec4c3a3 scripts/cycle.2.sh: sys-fs/eudev is now the default provider scripts/cycle.2.sh | 2 -- 1 file changed, 2 deletions(-) diff --git a/scripts/cycle.2.sh b/scripts/cycle.2.sh index 599dec8..ee7fc3a 100644 --- a/scripts/cycle.2.sh +++ b/scripts/cycle.2.sh @@ -4,8 +4,6 @@ source /etc/profile env-update emerge -b1q portage emerge -b1q app-portage/grs -emerge --unmerge sys-fs/udev -emerge -b1q sys-fs/eudev install-worldconf emerge -bevq --keep-going --verbose-conflicts --with-bdeps=y @world clean-worldconf
[gentoo-commits] proj/grs:desktop-amd64-hardened commit in: scripts/
commit: 0a46f47682510eb7af1cb23dc1b9fada948ec172 Author: Anthony G. Basile gentoo org> AuthorDate: Tue May 24 09:12:25 2016 + Commit: Anthony G. Basile gentoo org> CommitDate: Tue May 24 09:12:25 2016 + URL:https://gitweb.gentoo.org/proj/grs.git/commit/?id=0a46f476 scripts: add --verbose-conflicts scripts/cycle.2.sh | 2 +- scripts/cycle.3.sh | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/scripts/cycle.2.sh b/scripts/cycle.2.sh index 148a344..599dec8 100644 --- a/scripts/cycle.2.sh +++ b/scripts/cycle.2.sh @@ -7,5 +7,5 @@ emerge -b1q app-portage/grs emerge --unmerge sys-fs/udev emerge -b1q sys-fs/eudev install-worldconf -emerge -bevq --keep-going --with-bdeps=y @world +emerge -bevq --keep-going --verbose-conflicts --with-bdeps=y @world clean-worldconf diff --git a/scripts/cycle.3.sh b/scripts/cycle.3.sh index 2acd55a..41640ae 100644 --- a/scripts/cycle.3.sh +++ b/scripts/cycle.3.sh @@ -3,7 +3,7 @@ source /etc/profile env-update install-worldconf -emerge -buvNDq --keep-going --with-bdeps=y @world +emerge -buvNDq --keep-going --verbose-conflicts --with-bdeps=y @world clean-worldconf emerge -bq --keep-going @preserved-rebuild emerge --depclean
[gentoo-commits] proj/grs:desktop-amd64-hardened commit in: scripts/
commit: 03dbe06a3229d57c12406b8e8bb482d0bcddeb08 Author: Anthony G. Basile gentoo org> AuthorDate: Fri Feb 26 21:55:12 2016 + Commit: Anthony G. Basile gentoo org> CommitDate: Fri Feb 26 21:55:38 2016 + URL:https://gitweb.gentoo.org/proj/grs.git/commit/?id=03dbe06a kernel-config: turn on ikconfig scripts/kernel-config | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/scripts/kernel-config b/scripts/kernel-config index 0b25402..1a03a1e 100644 --- a/scripts/kernel-config +++ b/scripts/kernel-config @@ -135,7 +135,8 @@ CONFIG_SRCU=y CONFIG_RCU_STALL_COMMON=y # CONFIG_RCU_EXPEDITE_BOOT is not set CONFIG_BUILD_BIN2C=y -# CONFIG_IKCONFIG is not set +CONFIG_IKCONFIG=y +CONFIG_IKCONFIG_PROC=y CONFIG_LOG_BUF_SHIFT=18 CONFIG_LOG_CPU_MAX_BUF_SHIFT=12 CONFIG_HAVE_UNSTABLE_SCHED_CLOCK=y
[gentoo-commits] proj/grs:desktop-amd64-hardened commit in: scripts/
commit: 6f6622168aa67fd5eca8bca96a47a358e69c8878 Author: Anthony G. Basile gentoo org> AuthorDate: Sun Feb 21 05:11:08 2016 + Commit: Anthony G. Basile gentoo org> CommitDate: Sun Feb 21 05:11:08 2016 + URL:https://gitweb.gentoo.org/proj/grs.git/commit/?id=6f662216 kernel-config: tweak 4.4.2, grsec allow ioperm/ioctl scripts/kernel-config | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/scripts/kernel-config b/scripts/kernel-config index b8b807f..0b25402 100644 --- a/scripts/kernel-config +++ b/scripts/kernel-config @@ -8016,7 +8016,7 @@ CONFIG_PAX_LATENT_ENTROPY=y # Memory Protections # CONFIG_GRKERNSEC_KMEM=y -CONFIG_GRKERNSEC_IO=y +# CONFIG_GRKERNSEC_IO is not set CONFIG_GRKERNSEC_BPF_HARDEN=y CONFIG_GRKERNSEC_PERF_HARDEN=y CONFIG_GRKERNSEC_RAND_THREADSTACK=y @@ -8121,7 +8121,6 @@ CONFIG_GRKERNSEC_DENYUSB=y # Sysctl Support # CONFIG_GRKERNSEC_SYSCTL=y -# CONFIG_GRKERNSEC_SYSCTL_DISTRO is not set CONFIG_GRKERNSEC_SYSCTL_ON=y #
[gentoo-commits] proj/grs:desktop-amd64-hardened commit in: scripts/
commit: 3b9397d3025ffd608023ae466d5d8d0796a5a0f7 Author: Anthony G. Basile gentoo org> AuthorDate: Sun Feb 21 00:12:34 2016 + Commit: Anthony G. Basile gentoo org> CommitDate: Sun Feb 21 00:12:34 2016 + URL:https://gitweb.gentoo.org/proj/grs.git/commit/?id=3b9397d3 kernel-config: bump to 4.4.2 scripts/kernel-config | 473 +++--- 1 file changed, 336 insertions(+), 137 deletions(-) diff --git a/scripts/kernel-config b/scripts/kernel-config index 76ddb92..b8b807f 100644 --- a/scripts/kernel-config +++ b/scripts/kernel-config @@ -1,6 +1,6 @@ # # Automatically generated file; DO NOT EDIT. -# Linux/x86 4.2.7-hardened Kernel Configuration +# Linux/x86 4.4.2-hardened Kernel Configuration # CONFIG_64BIT=y CONFIG_X86_64=y @@ -73,7 +73,6 @@ CONFIG_POSIX_MQUEUE=y CONFIG_POSIX_MQUEUE_SYSCTL=y CONFIG_CROSS_MEMORY_ATTACH=y CONFIG_FHANDLE=y -CONFIG_USELIB=y CONFIG_AUDIT=y CONFIG_HAVE_ARCH_AUDITSYSCALL=y CONFIG_AUDITSYSCALL=y @@ -134,24 +133,20 @@ CONFIG_TREE_RCU=y CONFIG_SRCU=y # CONFIG_TASKS_RCU is not set CONFIG_RCU_STALL_COMMON=y -CONFIG_RCU_NOCB_CPU=y -# CONFIG_RCU_NOCB_CPU_NONE is not set -# CONFIG_RCU_NOCB_CPU_ZERO is not set -CONFIG_RCU_NOCB_CPU_ALL=y # CONFIG_RCU_EXPEDITE_BOOT is not set CONFIG_BUILD_BIN2C=y -CONFIG_IKCONFIG=y -CONFIG_IKCONFIG_PROC=y +# CONFIG_IKCONFIG is not set CONFIG_LOG_BUF_SHIFT=18 CONFIG_LOG_CPU_MAX_BUF_SHIFT=12 CONFIG_HAVE_UNSTABLE_SCHED_CLOCK=y CONFIG_ARCH_SUPPORTS_NUMA_BALANCING=y -CONFIG_ARCH_SUPPORTS_INT128=y +CONFIG_ARCH_WANT_BATCHED_UNMAP_TLB_FLUSH=y CONFIG_NUMA_BALANCING=y CONFIG_NUMA_BALANCING_DEFAULT_ENABLED=y CONFIG_CGROUPS=y # CONFIG_CGROUP_DEBUG is not set CONFIG_CGROUP_FREEZER=y +CONFIG_CGROUP_PIDS=y CONFIG_CGROUP_DEVICE=y CONFIG_CPUSETS=y CONFIG_PROC_PID_CPUSET=y @@ -216,7 +211,9 @@ CONFIG_BPF_SYSCALL=y CONFIG_SHMEM=y CONFIG_AIO=y CONFIG_ADVISE_SYSCALLS=y +CONFIG_USERFAULTFD=y CONFIG_PCI_QUIRKS=y +CONFIG_MEMBARRIER=y # CONFIG_EMBEDDED is not set CONFIG_HAVE_PERF_EVENTS=y @@ -232,14 +229,16 @@ CONFIG_SLUB_DEBUG=y CONFIG_SLUB=y # CONFIG_SLOB is not set CONFIG_SLUB_CPU_PARTIAL=y -CONFIG_SYSTEM_TRUSTED_KEYRING=y +CONFIG_SYSTEM_DATA_VERIFICATION=y CONFIG_PROFILING=y +CONFIG_KEXEC_CORE=y CONFIG_OPROFILE=m # CONFIG_OPROFILE_EVENT_MULTIPLEX is not set CONFIG_HAVE_OPROFILE=y CONFIG_OPROFILE_NMI_TIMER=y CONFIG_KPROBES=y CONFIG_JUMP_LABEL=y +# CONFIG_STATIC_KEYS_SELFTEST is not set CONFIG_OPTPROBES=y # CONFIG_UPROBES is not set # CONFIG_HAVE_64BIT_ALIGNED_ACCESS is not set @@ -277,8 +276,8 @@ CONFIG_SECCOMP_FILTER=y CONFIG_HAVE_CC_STACKPROTECTOR=y CONFIG_CC_STACKPROTECTOR=y # CONFIG_CC_STACKPROTECTOR_NONE is not set -CONFIG_CC_STACKPROTECTOR_REGULAR=y -# CONFIG_CC_STACKPROTECTOR_STRONG is not set +# CONFIG_CC_STACKPROTECTOR_REGULAR is not set +CONFIG_CC_STACKPROTECTOR_STRONG=y CONFIG_HAVE_CONTEXT_TRACKING=y CONFIG_HAVE_VIRT_CPU_ACCOUNTING_GEN=y CONFIG_HAVE_IRQ_TIME_ACCOUNTING=y @@ -317,7 +316,6 @@ CONFIG_MODULE_SIG_SHA512=y CONFIG_MODULE_SIG_HASH="sha512" # CONFIG_MODULE_COMPRESS is not set CONFIG_MODULES_TREE_LOOKUP=y -CONFIG_STOP_MACHINE=y CONFIG_BLOCK=y CONFIG_BLK_DEV_BSG=y CONFIG_BLK_DEV_BSGLIB=y @@ -329,13 +327,7 @@ CONFIG_BLK_CMDLINE_PARSER=y # Partition Types # CONFIG_PARTITION_ADVANCED=y -CONFIG_ACORN_PARTITION=y -CONFIG_ACORN_PARTITION_CUMANA=y -CONFIG_ACORN_PARTITION_EESOX=y -CONFIG_ACORN_PARTITION_ICS=y -CONFIG_ACORN_PARTITION_ADFS=y -CONFIG_ACORN_PARTITION_POWERTEC=y -CONFIG_ACORN_PARTITION_RISCIX=y +# CONFIG_ACORN_PARTITION is not set CONFIG_AIX_PARTITION=y CONFIG_OSF_PARTITION=y CONFIG_AMIGA_PARTITION=y @@ -400,8 +392,8 @@ CONFIG_X86_NUMACHIP=y # CONFIG_X86_UV is not set # CONFIG_X86_GOLDFISH is not set CONFIG_X86_INTEL_LPSS=y -# CONFIG_X86_AMD_PLATFORM_DEVICE is not set -CONFIG_IOSF_MBI=m +CONFIG_X86_AMD_PLATFORM_DEVICE=y +CONFIG_IOSF_MBI=y CONFIG_X86_SUPPORTS_MEMORY_FAILURE=y CONFIG_SCHED_OMIT_FRAME_POINTER=y CONFIG_HYPERVISOR_GUEST=y @@ -411,7 +403,7 @@ CONFIG_PARAVIRT_SPINLOCKS=y CONFIG_XEN=y CONFIG_XEN_DOM0=y CONFIG_XEN_PVHVM=y -CONFIG_XEN_MAX_DOMAIN_MEMORY=500 +CONFIG_XEN_512GB=y CONFIG_XEN_SAVE_RESTORE=y CONFIG_XEN_PVH=y CONFIG_KVM_GUEST=y @@ -458,15 +450,13 @@ CONFIG_X86_MCE_AMD=y CONFIG_X86_MCE_THRESHOLD=y CONFIG_X86_MCE_INJECT=m CONFIG_X86_THERMAL_VECTOR=y +# CONFIG_VM86 is not set CONFIG_X86_VSYSCALL_EMULATION=y CONFIG_I8K=m CONFIG_MICROCODE=y CONFIG_MICROCODE_INTEL=y CONFIG_MICROCODE_AMD=y CONFIG_MICROCODE_OLD_INTERFACE=y -CONFIG_MICROCODE_INTEL_EARLY=y -CONFIG_MICROCODE_AMD_EARLY=y -CONFIG_MICROCODE_EARLY=y CONFIG_X86_MSR=m CONFIG_X86_CPUID=m CONFIG_ARCH_PHYS_ADDR_T_64BIT=y @@ -501,7 +491,6 @@ CONFIG_HAVE_BOOTMEM_INFO_NODE=y CONFIG_MEMORY_HOTPLUG=y CONFIG_MEMORY_HOTPLUG_SPARSE=y CONFIG_MEMORY_HOTREMOVE=y -CONFIG_PAGEFLAGS_EXTENDED=y CONFIG_SPLIT_PTLOCK_CPUS=4 CONFIG_ARCH_ENABLE_SPLIT_PMD_PTLOCK=y CONFIG_MEMORY_BALLOON=y @@ -534,6 +523,9 @@ CONFIG_PGTABLE_MAPPING=y CONFIG_GENERIC_EARLY_I
[gentoo-commits] proj/grs:desktop-amd64-hardened commit in: scripts/
commit: a2d4be7090496ffa1cc5116a4dfb560dfede806f Author: Anthony G. Basile gentoo org> AuthorDate: Sat Feb 20 00:51:51 2016 + Commit: Anthony G. Basile gentoo org> CommitDate: Sat Feb 20 00:51:51 2016 + URL:https://gitweb.gentoo.org/proj/grs.git/commit/?id=a2d4be70 kernel-config: bump to 4.2.7 scripts/kernel-config | 319 +++--- 1 file changed, 171 insertions(+), 148 deletions(-) diff --git a/scripts/kernel-config b/scripts/kernel-config index 8d5492c..76ddb92 100644 --- a/scripts/kernel-config +++ b/scripts/kernel-config @@ -1,6 +1,6 @@ # # Automatically generated file; DO NOT EDIT. -# Linux/x86 4.1.7-hardened-r1 Kernel Configuration +# Linux/x86 4.2.7-hardened Kernel Configuration # CONFIG_64BIT=y CONFIG_X86_64=y @@ -37,7 +37,6 @@ CONFIG_ARCH_SUPPORTS_OPTIMIZED_INLINING=y CONFIG_ARCH_SUPPORTS_DEBUG_PAGEALLOC=y CONFIG_HAVE_INTEL_TXT=y CONFIG_X86_64_SMP=y -CONFIG_X86_HT=y CONFIG_ARCH_HWEIGHT_CFLAGS="-fcall-saved-rdi -fcall-saved-rsi -fcall-saved-rdx -fcall-saved-rcx -fcall-saved-r8 -fcall-saved-r9 -fcall-saved-r10 -fcall-saved-r11" CONFIG_ARCH_SUPPORTS_UPROBES=y CONFIG_FIX_EARLYCON_MEM=y @@ -86,12 +85,12 @@ CONFIG_AUDIT_TREE=y # CONFIG_GENERIC_IRQ_PROBE=y CONFIG_GENERIC_IRQ_SHOW=y -CONFIG_GENERIC_IRQ_LEGACY_ALLOC_HWIRQ=y CONFIG_GENERIC_PENDING_IRQ=y CONFIG_GENERIC_IRQ_CHIP=y CONFIG_IRQ_DOMAIN=y +CONFIG_IRQ_DOMAIN_HIERARCHY=y CONFIG_GENERIC_MSI_IRQ=y -# CONFIG_IRQ_DOMAIN_DEBUG is not set +CONFIG_GENERIC_MSI_IRQ_DOMAIN=y CONFIG_IRQ_FORCED_THREADING=y CONFIG_SPARSE_IRQ=y CONFIG_CLOCKSOURCE_WATCHDOG=y @@ -131,18 +130,10 @@ CONFIG_TASK_IO_ACCOUNTING=y # RCU Subsystem # CONFIG_TREE_RCU=y +# CONFIG_RCU_EXPERT is not set CONFIG_SRCU=y # CONFIG_TASKS_RCU is not set CONFIG_RCU_STALL_COMMON=y -CONFIG_CONTEXT_TRACKING=y -CONFIG_RCU_USER_QS=y -# CONFIG_CONTEXT_TRACKING_FORCE is not set -CONFIG_RCU_FANOUT=64 -CONFIG_RCU_FANOUT_LEAF=16 -# CONFIG_RCU_FANOUT_EXACT is not set -CONFIG_RCU_FAST_NO_HZ=y -# CONFIG_TREE_RCU_TRACE is not set -CONFIG_RCU_KTHREAD_PRIO=0 CONFIG_RCU_NOCB_CPU=y # CONFIG_RCU_NOCB_CPU_NONE is not set # CONFIG_RCU_NOCB_CPU_ZERO is not set @@ -155,6 +146,7 @@ CONFIG_LOG_BUF_SHIFT=18 CONFIG_LOG_CPU_MAX_BUF_SHIFT=12 CONFIG_HAVE_UNSTABLE_SCHED_CLOCK=y CONFIG_ARCH_SUPPORTS_NUMA_BALANCING=y +CONFIG_ARCH_SUPPORTS_INT128=y CONFIG_NUMA_BALANCING=y CONFIG_NUMA_BALANCING_DEFAULT_ENABLED=y CONFIG_CGROUPS=y @@ -177,6 +169,7 @@ CONFIG_CFS_BANDWIDTH=y # CONFIG_RT_GROUP_SCHED is not set CONFIG_BLK_CGROUP=y # CONFIG_DEBUG_BLK_CGROUP is not set +CONFIG_CGROUP_WRITEBACK=y CONFIG_NAMESPACES=y CONFIG_UTS_NS=y CONFIG_IPC_NS=y @@ -241,7 +234,6 @@ CONFIG_SLUB=y CONFIG_SLUB_CPU_PARTIAL=y CONFIG_SYSTEM_TRUSTED_KEYRING=y CONFIG_PROFILING=y -CONFIG_TRACEPOINTS=y CONFIG_OPROFILE=m # CONFIG_OPROFILE_EVENT_MULTIPLEX is not set CONFIG_HAVE_OPROFILE=y @@ -249,8 +241,7 @@ CONFIG_OPROFILE_NMI_TIMER=y CONFIG_KPROBES=y CONFIG_JUMP_LABEL=y CONFIG_OPTPROBES=y -CONFIG_KPROBES_ON_FTRACE=y -CONFIG_UPROBES=y +# CONFIG_UPROBES is not set # CONFIG_HAVE_64BIT_ALIGNED_ACCESS is not set CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS=y CONFIG_ARCH_USE_BUILTIN_BSWAP=y @@ -297,13 +288,13 @@ CONFIG_HAVE_ARCH_SOFT_DIRTY=y CONFIG_MODULES_USE_ELF_RELA=y CONFIG_HAVE_IRQ_EXIT_ON_IRQ_STACK=y CONFIG_ARCH_HAS_ELF_RANDOMIZE=y +CONFIG_HAVE_COPY_THREAD_TLS=y CONFIG_OLD_SIGSUSPEND3=y CONFIG_COMPAT_OLD_SIGACTION=y # # GCOV-based kernel profiling # -# CONFIG_GCOV_KERNEL is not set CONFIG_ARCH_HAS_GCOV_PROFILE_ALL=y # CONFIG_HAVE_GENERIC_DMA_COHERENT is not set CONFIG_SLABINFO=y @@ -325,6 +316,7 @@ CONFIG_MODULE_SIG_ALL=y CONFIG_MODULE_SIG_SHA512=y CONFIG_MODULE_SIG_HASH="sha512" # CONFIG_MODULE_COMPRESS is not set +CONFIG_MODULES_TREE_LOOKUP=y CONFIG_STOP_MACHINE=y CONFIG_BLOCK=y CONFIG_BLK_DEV_BSG=y @@ -379,7 +371,6 @@ CONFIG_DEFAULT_IOSCHED="deadline" CONFIG_PREEMPT_NOTIFIERS=y CONFIG_PADATA=y CONFIG_ASN1=y -CONFIG_UNINLINE_SPIN_UNLOCK=y CONFIG_INLINE_SPIN_UNLOCK_IRQ=y CONFIG_INLINE_READ_UNLOCK=y CONFIG_INLINE_READ_UNLOCK_IRQ=y @@ -389,8 +380,10 @@ CONFIG_ARCH_SUPPORTS_ATOMIC_RMW=y CONFIG_MUTEX_SPIN_ON_OWNER=y CONFIG_RWSEM_SPIN_ON_OWNER=y CONFIG_LOCK_SPIN_ON_OWNER=y -CONFIG_ARCH_USE_QUEUE_RWLOCK=y -CONFIG_QUEUE_RWLOCK=y +CONFIG_ARCH_USE_QUEUED_SPINLOCKS=y +CONFIG_QUEUED_SPINLOCKS=y +CONFIG_ARCH_USE_QUEUED_RWLOCKS=y +CONFIG_QUEUED_RWLOCKS=y CONFIG_FREEZER=y # @@ -409,7 +402,6 @@ CONFIG_X86_NUMACHIP=y CONFIG_X86_INTEL_LPSS=y # CONFIG_X86_AMD_PLATFORM_DEVICE is not set CONFIG_IOSF_MBI=m -CONFIG_IOSF_MBI_DEBUG=y CONFIG_X86_SUPPORTS_MEMORY_FAILURE=y CONFIG_SCHED_OMIT_FRAME_POINTER=y CONFIG_HYPERVISOR_GUEST=y @@ -421,10 +413,8 @@ CONFIG_XEN_DOM0=y CONFIG_XEN_PVHVM=y CONFIG_XEN_MAX_DOMAIN_MEMORY=500 CONFIG_XEN_SAVE_RESTORE=y -# CONFIG_XEN_DEBUG_FS is not set CONFIG_XEN_PVH=y CONFIG_KVM_GUEST=y -CONFIG_KVM_DEBUG_FS=y # CONFIG_PARAVIRT_TIME_ACCOUNTING is not set CONFIG_PARAVIRT_CLOCK=y CONFIG_NO_BOOTMEM=y
[gentoo-commits] proj/grs:desktop-amd64-hardened commit in: scripts/
commit: 8615196a59ecc4ae9424f594ee48a82831bc3318 Author: Anthony G. Basile gentoo org> AuthorDate: Mon Feb 15 15:37:47 2016 + Commit: Anthony G. Basile gentoo org> CommitDate: Mon Feb 15 15:37:47 2016 + URL:https://gitweb.gentoo.org/proj/grs.git/commit/?id=8615196a kernel-config: backup to 4.1.7-r1 scripts/kernel-config | 567 -- 1 file changed, 224 insertions(+), 343 deletions(-) diff --git a/scripts/kernel-config b/scripts/kernel-config index 98e5871..8d5492c 100644 --- a/scripts/kernel-config +++ b/scripts/kernel-config @@ -1,6 +1,6 @@ # # Automatically generated file; DO NOT EDIT. -# Linux/x86 4.3.5-hardened-r2 Kernel Configuration +# Linux/x86 4.1.7-hardened-r1 Kernel Configuration # CONFIG_64BIT=y CONFIG_X86_64=y @@ -37,6 +37,7 @@ CONFIG_ARCH_SUPPORTS_OPTIMIZED_INLINING=y CONFIG_ARCH_SUPPORTS_DEBUG_PAGEALLOC=y CONFIG_HAVE_INTEL_TXT=y CONFIG_X86_64_SMP=y +CONFIG_X86_HT=y CONFIG_ARCH_HWEIGHT_CFLAGS="-fcall-saved-rdi -fcall-saved-rsi -fcall-saved-rdx -fcall-saved-rcx -fcall-saved-r8 -fcall-saved-r9 -fcall-saved-r10 -fcall-saved-r11" CONFIG_ARCH_SUPPORTS_UPROBES=y CONFIG_FIX_EARLYCON_MEM=y @@ -85,12 +86,12 @@ CONFIG_AUDIT_TREE=y # CONFIG_GENERIC_IRQ_PROBE=y CONFIG_GENERIC_IRQ_SHOW=y +CONFIG_GENERIC_IRQ_LEGACY_ALLOC_HWIRQ=y CONFIG_GENERIC_PENDING_IRQ=y CONFIG_GENERIC_IRQ_CHIP=y CONFIG_IRQ_DOMAIN=y -CONFIG_IRQ_DOMAIN_HIERARCHY=y CONFIG_GENERIC_MSI_IRQ=y -CONFIG_GENERIC_MSI_IRQ_DOMAIN=y +# CONFIG_IRQ_DOMAIN_DEBUG is not set CONFIG_IRQ_FORCED_THREADING=y CONFIG_SPARSE_IRQ=y CONFIG_CLOCKSOURCE_WATCHDOG=y @@ -130,24 +131,35 @@ CONFIG_TASK_IO_ACCOUNTING=y # RCU Subsystem # CONFIG_TREE_RCU=y -# CONFIG_RCU_EXPERT is not set CONFIG_SRCU=y # CONFIG_TASKS_RCU is not set CONFIG_RCU_STALL_COMMON=y +CONFIG_CONTEXT_TRACKING=y +CONFIG_RCU_USER_QS=y +# CONFIG_CONTEXT_TRACKING_FORCE is not set +CONFIG_RCU_FANOUT=64 +CONFIG_RCU_FANOUT_LEAF=16 +# CONFIG_RCU_FANOUT_EXACT is not set +CONFIG_RCU_FAST_NO_HZ=y +# CONFIG_TREE_RCU_TRACE is not set +CONFIG_RCU_KTHREAD_PRIO=0 +CONFIG_RCU_NOCB_CPU=y +# CONFIG_RCU_NOCB_CPU_NONE is not set +# CONFIG_RCU_NOCB_CPU_ZERO is not set +CONFIG_RCU_NOCB_CPU_ALL=y # CONFIG_RCU_EXPEDITE_BOOT is not set CONFIG_BUILD_BIN2C=y -# CONFIG_IKCONFIG is not set +CONFIG_IKCONFIG=y +CONFIG_IKCONFIG_PROC=y CONFIG_LOG_BUF_SHIFT=18 CONFIG_LOG_CPU_MAX_BUF_SHIFT=12 CONFIG_HAVE_UNSTABLE_SCHED_CLOCK=y CONFIG_ARCH_SUPPORTS_NUMA_BALANCING=y -CONFIG_ARCH_WANT_BATCHED_UNMAP_TLB_FLUSH=y CONFIG_NUMA_BALANCING=y CONFIG_NUMA_BALANCING_DEFAULT_ENABLED=y CONFIG_CGROUPS=y # CONFIG_CGROUP_DEBUG is not set CONFIG_CGROUP_FREEZER=y -CONFIG_CGROUP_PIDS=y CONFIG_CGROUP_DEVICE=y CONFIG_CPUSETS=y CONFIG_PROC_PID_CPUSET=y @@ -165,7 +177,6 @@ CONFIG_CFS_BANDWIDTH=y # CONFIG_RT_GROUP_SCHED is not set CONFIG_BLK_CGROUP=y # CONFIG_DEBUG_BLK_CGROUP is not set -CONFIG_CGROUP_WRITEBACK=y CONFIG_NAMESPACES=y CONFIG_UTS_NS=y CONFIG_IPC_NS=y @@ -212,9 +223,7 @@ CONFIG_BPF_SYSCALL=y CONFIG_SHMEM=y CONFIG_AIO=y CONFIG_ADVISE_SYSCALLS=y -CONFIG_USERFAULTFD=y CONFIG_PCI_QUIRKS=y -CONFIG_MEMBARRIER=y # CONFIG_EMBEDDED is not set CONFIG_HAVE_PERF_EVENTS=y @@ -230,18 +239,18 @@ CONFIG_SLUB_DEBUG=y CONFIG_SLUB=y # CONFIG_SLOB is not set CONFIG_SLUB_CPU_PARTIAL=y -CONFIG_SYSTEM_DATA_VERIFICATION=y +CONFIG_SYSTEM_TRUSTED_KEYRING=y CONFIG_PROFILING=y -CONFIG_KEXEC_CORE=y +CONFIG_TRACEPOINTS=y CONFIG_OPROFILE=m # CONFIG_OPROFILE_EVENT_MULTIPLEX is not set CONFIG_HAVE_OPROFILE=y CONFIG_OPROFILE_NMI_TIMER=y CONFIG_KPROBES=y CONFIG_JUMP_LABEL=y -# CONFIG_STATIC_KEYS_SELFTEST is not set CONFIG_OPTPROBES=y -# CONFIG_UPROBES is not set +CONFIG_KPROBES_ON_FTRACE=y +CONFIG_UPROBES=y # CONFIG_HAVE_64BIT_ALIGNED_ACCESS is not set CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS=y CONFIG_ARCH_USE_BUILTIN_BSWAP=y @@ -277,8 +286,8 @@ CONFIG_SECCOMP_FILTER=y CONFIG_HAVE_CC_STACKPROTECTOR=y CONFIG_CC_STACKPROTECTOR=y # CONFIG_CC_STACKPROTECTOR_NONE is not set -# CONFIG_CC_STACKPROTECTOR_REGULAR is not set -CONFIG_CC_STACKPROTECTOR_STRONG=y +CONFIG_CC_STACKPROTECTOR_REGULAR=y +# CONFIG_CC_STACKPROTECTOR_STRONG is not set CONFIG_HAVE_CONTEXT_TRACKING=y CONFIG_HAVE_VIRT_CPU_ACCOUNTING_GEN=y CONFIG_HAVE_IRQ_TIME_ACCOUNTING=y @@ -288,13 +297,13 @@ CONFIG_HAVE_ARCH_SOFT_DIRTY=y CONFIG_MODULES_USE_ELF_RELA=y CONFIG_HAVE_IRQ_EXIT_ON_IRQ_STACK=y CONFIG_ARCH_HAS_ELF_RANDOMIZE=y -CONFIG_HAVE_COPY_THREAD_TLS=y CONFIG_OLD_SIGSUSPEND3=y CONFIG_COMPAT_OLD_SIGACTION=y # # GCOV-based kernel profiling # +# CONFIG_GCOV_KERNEL is not set CONFIG_ARCH_HAS_GCOV_PROFILE_ALL=y # CONFIG_HAVE_GENERIC_DMA_COHERENT is not set CONFIG_SLABINFO=y @@ -316,7 +325,6 @@ CONFIG_MODULE_SIG_ALL=y CONFIG_MODULE_SIG_SHA512=y CONFIG_MODULE_SIG_HASH="sha512" # CONFIG_MODULE_COMPRESS is not set -CONFIG_MODULES_TREE_LOOKUP=y CONFIG_STOP_MACHINE=y CONFIG_BLOCK=y CONFIG_BLK_DEV_BSG=y @@ -329,7 +337,13 @@ CONFIG_BLK_CMDLINE_PARSER=y # Partition Types
[gentoo-commits] proj/grs:desktop-amd64-hardened commit in: scripts/
commit: 1b994cf67049e9f95156daa721a6284a3072d83f Author: Anthony G. Basile gentoo org> AuthorDate: Sun Feb 14 15:59:49 2016 + Commit: Anthony G. Basile gentoo org> CommitDate: Sun Feb 14 15:59:49 2016 + URL:https://gitweb.gentoo.org/proj/grs.git/commit/?id=1b994cf6 kernel-config: udpate to 4.3.5-r2 scripts/kernel-config | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/kernel-config b/scripts/kernel-config index 6a7e55b..98e5871 100644 --- a/scripts/kernel-config +++ b/scripts/kernel-config @@ -1,6 +1,6 @@ # # Automatically generated file; DO NOT EDIT. -# Linux/x86 4.3.3-hardened-r4 Kernel Configuration +# Linux/x86 4.3.5-hardened-r2 Kernel Configuration # CONFIG_64BIT=y CONFIG_X86_64=y
[gentoo-commits] proj/grs:desktop-amd64-hardened commit in: scripts/
commit: d164ec7e03080b5150ec5a883a9be9b68ea80037 Author: Anthony G. Basile gentoo org> AuthorDate: Sat Jan 9 15:06:15 2016 + Commit: Anthony G. Basile gentoo org> CommitDate: Sat Jan 9 15:06:15 2016 + URL:https://gitweb.gentoo.org/proj/grs.git/commit/?id=d164ec7e scripts/kernel-config: update to hardened-sources-4.3.3-r4 scripts/kernel-config | 380 +- 1 file changed, 190 insertions(+), 190 deletions(-) diff --git a/scripts/kernel-config b/scripts/kernel-config index 96b42ca..6a7e55b 100644 --- a/scripts/kernel-config +++ b/scripts/kernel-config @@ -1,6 +1,6 @@ # # Automatically generated file; DO NOT EDIT. -# Linux/x86 4.2.3-hardened-r3 Kernel Configuration +# Linux/x86 4.3.3-hardened-r4 Kernel Configuration # CONFIG_64BIT=y CONFIG_X86_64=y @@ -91,7 +91,6 @@ CONFIG_IRQ_DOMAIN=y CONFIG_IRQ_DOMAIN_HIERARCHY=y CONFIG_GENERIC_MSI_IRQ=y CONFIG_GENERIC_MSI_IRQ_DOMAIN=y -# CONFIG_IRQ_DOMAIN_DEBUG is not set CONFIG_IRQ_FORCED_THREADING=y CONFIG_SPARSE_IRQ=y CONFIG_CLOCKSOURCE_WATCHDOG=y @@ -135,25 +134,20 @@ CONFIG_TREE_RCU=y CONFIG_SRCU=y # CONFIG_TASKS_RCU is not set CONFIG_RCU_STALL_COMMON=y -# CONFIG_TREE_RCU_TRACE is not set -CONFIG_RCU_NOCB_CPU=y -# CONFIG_RCU_NOCB_CPU_NONE is not set -# CONFIG_RCU_NOCB_CPU_ZERO is not set -CONFIG_RCU_NOCB_CPU_ALL=y # CONFIG_RCU_EXPEDITE_BOOT is not set CONFIG_BUILD_BIN2C=y -CONFIG_IKCONFIG=y -CONFIG_IKCONFIG_PROC=y +# CONFIG_IKCONFIG is not set CONFIG_LOG_BUF_SHIFT=18 CONFIG_LOG_CPU_MAX_BUF_SHIFT=12 CONFIG_HAVE_UNSTABLE_SCHED_CLOCK=y CONFIG_ARCH_SUPPORTS_NUMA_BALANCING=y -CONFIG_ARCH_SUPPORTS_INT128=y +CONFIG_ARCH_WANT_BATCHED_UNMAP_TLB_FLUSH=y CONFIG_NUMA_BALANCING=y CONFIG_NUMA_BALANCING_DEFAULT_ENABLED=y CONFIG_CGROUPS=y # CONFIG_CGROUP_DEBUG is not set CONFIG_CGROUP_FREEZER=y +CONFIG_CGROUP_PIDS=y CONFIG_CGROUP_DEVICE=y CONFIG_CPUSETS=y CONFIG_PROC_PID_CPUSET=y @@ -218,7 +212,9 @@ CONFIG_BPF_SYSCALL=y CONFIG_SHMEM=y CONFIG_AIO=y CONFIG_ADVISE_SYSCALLS=y +CONFIG_USERFAULTFD=y CONFIG_PCI_QUIRKS=y +CONFIG_MEMBARRIER=y # CONFIG_EMBEDDED is not set CONFIG_HAVE_PERF_EVENTS=y @@ -234,18 +230,18 @@ CONFIG_SLUB_DEBUG=y CONFIG_SLUB=y # CONFIG_SLOB is not set CONFIG_SLUB_CPU_PARTIAL=y -CONFIG_SYSTEM_TRUSTED_KEYRING=y +CONFIG_SYSTEM_DATA_VERIFICATION=y CONFIG_PROFILING=y -CONFIG_TRACEPOINTS=y +CONFIG_KEXEC_CORE=y CONFIG_OPROFILE=m # CONFIG_OPROFILE_EVENT_MULTIPLEX is not set CONFIG_HAVE_OPROFILE=y CONFIG_OPROFILE_NMI_TIMER=y CONFIG_KPROBES=y CONFIG_JUMP_LABEL=y +# CONFIG_STATIC_KEYS_SELFTEST is not set CONFIG_OPTPROBES=y -CONFIG_KPROBES_ON_FTRACE=y -CONFIG_UPROBES=y +# CONFIG_UPROBES is not set # CONFIG_HAVE_64BIT_ALIGNED_ACCESS is not set CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS=y CONFIG_ARCH_USE_BUILTIN_BSWAP=y @@ -281,8 +277,8 @@ CONFIG_SECCOMP_FILTER=y CONFIG_HAVE_CC_STACKPROTECTOR=y CONFIG_CC_STACKPROTECTOR=y # CONFIG_CC_STACKPROTECTOR_NONE is not set -CONFIG_CC_STACKPROTECTOR_REGULAR=y -# CONFIG_CC_STACKPROTECTOR_STRONG is not set +# CONFIG_CC_STACKPROTECTOR_REGULAR is not set +CONFIG_CC_STACKPROTECTOR_STRONG=y CONFIG_HAVE_CONTEXT_TRACKING=y CONFIG_HAVE_VIRT_CPU_ACCOUNTING_GEN=y CONFIG_HAVE_IRQ_TIME_ACCOUNTING=y @@ -299,7 +295,6 @@ CONFIG_COMPAT_OLD_SIGACTION=y # # GCOV-based kernel profiling # -# CONFIG_GCOV_KERNEL is not set CONFIG_ARCH_HAS_GCOV_PROFILE_ALL=y # CONFIG_HAVE_GENERIC_DMA_COHERENT is not set CONFIG_SLABINFO=y @@ -334,13 +329,7 @@ CONFIG_BLK_CMDLINE_PARSER=y # Partition Types # CONFIG_PARTITION_ADVANCED=y -CONFIG_ACORN_PARTITION=y -CONFIG_ACORN_PARTITION_CUMANA=y -CONFIG_ACORN_PARTITION_EESOX=y -CONFIG_ACORN_PARTITION_ICS=y -CONFIG_ACORN_PARTITION_ADFS=y -CONFIG_ACORN_PARTITION_POWERTEC=y -CONFIG_ACORN_PARTITION_RISCIX=y +# CONFIG_ACORN_PARTITION is not set CONFIG_AIX_PARTITION=y CONFIG_OSF_PARTITION=y CONFIG_AMIGA_PARTITION=y @@ -405,9 +394,8 @@ CONFIG_X86_NUMACHIP=y # CONFIG_X86_UV is not set # CONFIG_X86_GOLDFISH is not set CONFIG_X86_INTEL_LPSS=y -# CONFIG_X86_AMD_PLATFORM_DEVICE is not set +CONFIG_X86_AMD_PLATFORM_DEVICE=y CONFIG_IOSF_MBI=m -CONFIG_IOSF_MBI_DEBUG=y CONFIG_X86_SUPPORTS_MEMORY_FAILURE=y CONFIG_SCHED_OMIT_FRAME_POINTER=y CONFIG_HYPERVISOR_GUEST=y @@ -417,12 +405,10 @@ CONFIG_PARAVIRT_SPINLOCKS=y CONFIG_XEN=y CONFIG_XEN_DOM0=y CONFIG_XEN_PVHVM=y -CONFIG_XEN_MAX_DOMAIN_MEMORY=500 +CONFIG_XEN_512GB=y CONFIG_XEN_SAVE_RESTORE=y -# CONFIG_XEN_DEBUG_FS is not set CONFIG_XEN_PVH=y CONFIG_KVM_GUEST=y -CONFIG_KVM_DEBUG_FS=y # CONFIG_PARAVIRT_TIME_ACCOUNTING is not set CONFIG_PARAVIRT_CLOCK=y CONFIG_NO_BOOTMEM=y @@ -466,6 +452,7 @@ CONFIG_X86_MCE_AMD=y CONFIG_X86_MCE_THRESHOLD=y CONFIG_X86_MCE_INJECT=m CONFIG_X86_THERMAL_VECTOR=y +# CONFIG_VM86 is not set CONFIG_X86_VSYSCALL_EMULATION=y CONFIG_I8K=m CONFIG_MICROCODE=y @@ -479,7 +466,6 @@ CONFIG_X86_MSR=m CONFIG_X86_CPUID=m CONFIG_ARCH_PHYS_ADDR_T_64BIT=y CONFIG_ARCH_DMA_ADDR_T_64BIT=y -CONFIG_X86_DIRECT_GBPAGES=y CONFIG_NUMA=y
[gentoo-commits] proj/grs:desktop-amd64-hardened commit in: scripts/
commit: 5fcf0f1e26a4c284ed6c13a889fde19f68eb8099 Author: Anthony G. Basile gentoo org> AuthorDate: Mon Nov 23 21:39:17 2015 + Commit: Anthony G. Basile gentoo org> CommitDate: Mon Nov 23 21:39:48 2015 + URL:https://gitweb.gentoo.org/proj/grs.git/commit/?id=5fcf0f1e scripts/cycle.3.sh: don't bail if emerge @world fails scripts/cycle.3.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/cycle.3.sh b/scripts/cycle.3.sh index 496ea94..2acd55a 100644 --- a/scripts/cycle.3.sh +++ b/scripts/cycle.3.sh @@ -1,4 +1,4 @@ -#!/bin/bash -e +#!/bin/bash source /etc/profile env-update
[gentoo-commits] proj/grs:desktop-amd64-hardened commit in: scripts/
commit: be09f5a7d7e3562bf26b922aa1e30f08d215c7e7 Author: Anthony G. Basile gentoo org> AuthorDate: Thu Oct 15 02:08:29 2015 + Commit: Anthony G. Basile gentoo org> CommitDate: Thu Oct 15 02:09:04 2015 + URL:https://gitweb.gentoo.org/proj/grs.git/commit/?id=be09f5a7 scripts/kernel-config: bump to hardened-sources-4.2.3-r3 scripts/kernel-config | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/kernel-config b/scripts/kernel-config index a746783..96b42ca 100644 --- a/scripts/kernel-config +++ b/scripts/kernel-config @@ -1,6 +1,6 @@ # # Automatically generated file; DO NOT EDIT. -# Linux/x86 4.2.3-hardened Kernel Configuration +# Linux/x86 4.2.3-hardened-r3 Kernel Configuration # CONFIG_64BIT=y CONFIG_X86_64=y
[gentoo-commits] proj/grs:desktop-amd64-hardened commit in: scripts/
commit: 6afbf290d281ed985e76e590a47df8caa8e41850 Author: Anthony G. Basile gentoo org> AuthorDate: Thu Oct 8 18:12:18 2015 + Commit: Anthony G. Basile gentoo org> CommitDate: Thu Oct 8 18:12:42 2015 + URL:https://gitweb.gentoo.org/proj/grs.git/commit/?id=6afbf290 grs/kernel-config: fix version. scripts/kernel-config | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/kernel-config b/scripts/kernel-config index a3a7f93..a746783 100644 --- a/scripts/kernel-config +++ b/scripts/kernel-config @@ -1,6 +1,6 @@ # # Automatically generated file; DO NOT EDIT. -# Linux/x86 4.2.3-hardened-r1 Kernel Configuration +# Linux/x86 4.2.3-hardened Kernel Configuration # CONFIG_64BIT=y CONFIG_X86_64=y
[gentoo-commits] proj/grs:desktop-amd64-hardened commit in: scripts/
commit: 787c82af9f3bbb5457b98c542b232e082fbb1460 Author: Anthony G. Basile gentoo org> AuthorDate: Thu Oct 8 17:50:35 2015 + Commit: Anthony G. Basile gentoo org> CommitDate: Thu Oct 8 17:50:35 2015 + URL:https://gitweb.gentoo.org/proj/grs.git/commit/?id=787c82af scripts/kernel-config: bump 4.2.3 scripts/kernel-config | 221 ++ 1 file changed, 170 insertions(+), 51 deletions(-) diff --git a/scripts/kernel-config b/scripts/kernel-config index f00907d..a3a7f93 100644 --- a/scripts/kernel-config +++ b/scripts/kernel-config @@ -1,6 +1,6 @@ # # Automatically generated file; DO NOT EDIT. -# Linux/x86 4.1.6-hardened-r2 Kernel Configuration +# Linux/x86 4.2.3-hardened-r1 Kernel Configuration # CONFIG_64BIT=y CONFIG_X86_64=y @@ -37,7 +37,6 @@ CONFIG_ARCH_SUPPORTS_OPTIMIZED_INLINING=y CONFIG_ARCH_SUPPORTS_DEBUG_PAGEALLOC=y CONFIG_HAVE_INTEL_TXT=y CONFIG_X86_64_SMP=y -CONFIG_X86_HT=y CONFIG_ARCH_HWEIGHT_CFLAGS="-fcall-saved-rdi -fcall-saved-rsi -fcall-saved-rdx -fcall-saved-rcx -fcall-saved-r8 -fcall-saved-r9 -fcall-saved-r10 -fcall-saved-r11" CONFIG_ARCH_SUPPORTS_UPROBES=y CONFIG_FIX_EARLYCON_MEM=y @@ -86,11 +85,12 @@ CONFIG_AUDIT_TREE=y # CONFIG_GENERIC_IRQ_PROBE=y CONFIG_GENERIC_IRQ_SHOW=y -CONFIG_GENERIC_IRQ_LEGACY_ALLOC_HWIRQ=y CONFIG_GENERIC_PENDING_IRQ=y CONFIG_GENERIC_IRQ_CHIP=y CONFIG_IRQ_DOMAIN=y +CONFIG_IRQ_DOMAIN_HIERARCHY=y CONFIG_GENERIC_MSI_IRQ=y +CONFIG_GENERIC_MSI_IRQ_DOMAIN=y # CONFIG_IRQ_DOMAIN_DEBUG is not set CONFIG_IRQ_FORCED_THREADING=y CONFIG_SPARSE_IRQ=y @@ -131,18 +131,11 @@ CONFIG_TASK_IO_ACCOUNTING=y # RCU Subsystem # CONFIG_TREE_RCU=y +# CONFIG_RCU_EXPERT is not set CONFIG_SRCU=y # CONFIG_TASKS_RCU is not set CONFIG_RCU_STALL_COMMON=y -CONFIG_CONTEXT_TRACKING=y -CONFIG_RCU_USER_QS=y -# CONFIG_CONTEXT_TRACKING_FORCE is not set -CONFIG_RCU_FANOUT=64 -CONFIG_RCU_FANOUT_LEAF=16 -# CONFIG_RCU_FANOUT_EXACT is not set -CONFIG_RCU_FAST_NO_HZ=y # CONFIG_TREE_RCU_TRACE is not set -CONFIG_RCU_KTHREAD_PRIO=0 CONFIG_RCU_NOCB_CPU=y # CONFIG_RCU_NOCB_CPU_NONE is not set # CONFIG_RCU_NOCB_CPU_ZERO is not set @@ -155,6 +148,7 @@ CONFIG_LOG_BUF_SHIFT=18 CONFIG_LOG_CPU_MAX_BUF_SHIFT=12 CONFIG_HAVE_UNSTABLE_SCHED_CLOCK=y CONFIG_ARCH_SUPPORTS_NUMA_BALANCING=y +CONFIG_ARCH_SUPPORTS_INT128=y CONFIG_NUMA_BALANCING=y CONFIG_NUMA_BALANCING_DEFAULT_ENABLED=y CONFIG_CGROUPS=y @@ -177,6 +171,7 @@ CONFIG_CFS_BANDWIDTH=y # CONFIG_RT_GROUP_SCHED is not set CONFIG_BLK_CGROUP=y # CONFIG_DEBUG_BLK_CGROUP is not set +CONFIG_CGROUP_WRITEBACK=y CONFIG_NAMESPACES=y CONFIG_UTS_NS=y CONFIG_IPC_NS=y @@ -297,6 +292,7 @@ CONFIG_HAVE_ARCH_SOFT_DIRTY=y CONFIG_MODULES_USE_ELF_RELA=y CONFIG_HAVE_IRQ_EXIT_ON_IRQ_STACK=y CONFIG_ARCH_HAS_ELF_RANDOMIZE=y +CONFIG_HAVE_COPY_THREAD_TLS=y CONFIG_OLD_SIGSUSPEND3=y CONFIG_COMPAT_OLD_SIGACTION=y @@ -325,6 +321,7 @@ CONFIG_MODULE_SIG_ALL=y CONFIG_MODULE_SIG_SHA512=y CONFIG_MODULE_SIG_HASH="sha512" # CONFIG_MODULE_COMPRESS is not set +CONFIG_MODULES_TREE_LOOKUP=y CONFIG_STOP_MACHINE=y CONFIG_BLOCK=y CONFIG_BLK_DEV_BSG=y @@ -379,7 +376,6 @@ CONFIG_DEFAULT_IOSCHED="deadline" CONFIG_PREEMPT_NOTIFIERS=y CONFIG_PADATA=y CONFIG_ASN1=y -CONFIG_UNINLINE_SPIN_UNLOCK=y CONFIG_INLINE_SPIN_UNLOCK_IRQ=y CONFIG_INLINE_READ_UNLOCK=y CONFIG_INLINE_READ_UNLOCK_IRQ=y @@ -389,8 +385,10 @@ CONFIG_ARCH_SUPPORTS_ATOMIC_RMW=y CONFIG_MUTEX_SPIN_ON_OWNER=y CONFIG_RWSEM_SPIN_ON_OWNER=y CONFIG_LOCK_SPIN_ON_OWNER=y -CONFIG_ARCH_USE_QUEUE_RWLOCK=y -CONFIG_QUEUE_RWLOCK=y +CONFIG_ARCH_USE_QUEUED_SPINLOCKS=y +CONFIG_QUEUED_SPINLOCKS=y +CONFIG_ARCH_USE_QUEUED_RWLOCKS=y +CONFIG_QUEUED_RWLOCKS=y CONFIG_FREEZER=y # @@ -544,6 +542,8 @@ CONFIG_ZSMALLOC=y CONFIG_PGTABLE_MAPPING=y # CONFIG_ZSMALLOC_STAT is not set CONFIG_GENERIC_EARLY_IOREMAP=y +CONFIG_ARCH_SUPPORTS_DEFERRED_STRUCT_PAGE_INIT=y +# CONFIG_DEFERRED_STRUCT_PAGE_INIT is not set CONFIG_X86_PMEM_LEGACY=y CONFIG_X86_CHECK_BIOS_CORRUPTION=y CONFIG_X86_BOOTPARAM_MEMORY_CORRUPTION_CHECK=y @@ -613,6 +613,7 @@ CONFIG_ARCH_MIGHT_HAVE_ACPI_PDC=y CONFIG_ACPI_SYSTEM_POWER_STATES_SUPPORT=y CONFIG_ACPI_SLEEP=y # CONFIG_ACPI_PROCFS_POWER is not set +CONFIG_ACPI_REV_OVERRIDE_POSSIBLE=y CONFIG_ACPI_EC_DEBUGFS=m CONFIG_ACPI_AC=y CONFIG_ACPI_BATTERY=y @@ -640,6 +641,8 @@ CONFIG_ACPI_HED=y # CONFIG_ACPI_CUSTOM_METHOD is not set CONFIG_ACPI_BGRT=y # CONFIG_ACPI_REDUCED_HARDWARE_ONLY is not set +CONFIG_ACPI_NFIT=m +# CONFIG_ACPI_NFIT_DEBUG is not set CONFIG_HAVE_ACPI_APEI=y CONFIG_HAVE_ACPI_APEI_NMI=y CONFIG_ACPI_APEI=y @@ -724,6 +727,7 @@ CONFIG_PCIEASPM_DEFAULT=y CONFIG_PCIE_PME=y CONFIG_PCI_BUS_ADDR_T_64BIT=y CONFIG_PCI_MSI=y +CONFIG_PCI_MSI_IRQ_DOMAIN=y # CONFIG_PCI_DEBUG is not set CONFIG_PCI_REALLOC_ENABLE_AUTO=y CONFIG_PCI_STUB=m @@ -802,6 +806,7 @@ CONFIG_X86_DEV_DMA_OPS=y CONFIG_PMC_ATOM=y CONFIG_NET=y CONFIG_COMPAT_NETLINK_MESSAGES=y +CONFIG_NET_INGRESS=y # # Networking options @@ -845,7 +850,7 @@ CONFI
[gentoo-commits] proj/grs:desktop-amd64-hardened commit in: scripts/
commit: 63773aa7a5be5e747f9ba5783796a71d2ee652c9 Author: Anthony G. Basile gentoo org> AuthorDate: Sun Sep 27 13:24:09 2015 + Commit: Anthony G. Basile gentoo org> CommitDate: Sun Sep 27 13:24:09 2015 + URL:https://gitweb.gentoo.org/proj/grs.git/commit/?id=63773aa7 scripts/cycle.3.sh: keep going during revdep-rebuild. scripts/cycle.3.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/cycle.3.sh b/scripts/cycle.3.sh index 53d7c3b..496ea94 100644 --- a/scripts/cycle.3.sh +++ b/scripts/cycle.3.sh @@ -5,5 +5,5 @@ env-update install-worldconf emerge -buvNDq --keep-going --with-bdeps=y @world clean-worldconf -emerge -bq @preserved-rebuild +emerge -bq --keep-going @preserved-rebuild emerge --depclean
[gentoo-commits] proj/grs:desktop-amd64-hardened commit in: scripts/
commit: c2f0c5cbebe321846b9be34ee1ff374b3a2468c4 Author: Anthony G. Basile gentoo org> AuthorDate: Wed Sep 16 05:34:39 2015 + Commit: Anthony G. Basile gentoo org> CommitDate: Wed Sep 16 05:34:39 2015 + URL:https://gitweb.gentoo.org/proj/grs.git/commit/?id=c2f0c5cb scripts/kernel-config: update to hardened-sources-4.1.6-r2 scripts/kernel-config | 231 -- 1 file changed, 148 insertions(+), 83 deletions(-) diff --git a/scripts/kernel-config b/scripts/kernel-config index 215386c..f00907d 100644 --- a/scripts/kernel-config +++ b/scripts/kernel-config @@ -1,6 +1,6 @@ # # Automatically generated file; DO NOT EDIT. -# Linux/x86 4.0.8-hardened Kernel Configuration +# Linux/x86 4.1.6-hardened-r2 Kernel Configuration # CONFIG_64BIT=y CONFIG_X86_64=y @@ -41,6 +41,7 @@ CONFIG_X86_HT=y CONFIG_ARCH_HWEIGHT_CFLAGS="-fcall-saved-rdi -fcall-saved-rsi -fcall-saved-rdx -fcall-saved-rcx -fcall-saved-r8 -fcall-saved-r9 -fcall-saved-r10 -fcall-saved-r11" CONFIG_ARCH_SUPPORTS_UPROBES=y CONFIG_FIX_EARLYCON_MEM=y +CONFIG_PGTABLE_LEVELS=4 CONFIG_DEFCONFIG_LIST="/lib/modules/$UNAME_RELEASE/.config" CONFIG_IRQ_WORK=y CONFIG_BUILDTIME_EXTABLE_SORT=y @@ -98,7 +99,6 @@ CONFIG_ARCH_CLOCKSOURCE_DATA=y CONFIG_CLOCKSOURCE_VALIDATE_LAST_CYCLE=y CONFIG_GENERIC_TIME_VSYSCALL=y CONFIG_GENERIC_CLOCKEVENTS=y -CONFIG_GENERIC_CLOCKEVENTS_BUILD=y CONFIG_GENERIC_CLOCKEVENTS_BROADCAST=y CONFIG_GENERIC_CLOCKEVENTS_MIN_ADJUST=y CONFIG_GENERIC_CMOS_UPDATE=y @@ -147,6 +147,7 @@ CONFIG_RCU_NOCB_CPU=y # CONFIG_RCU_NOCB_CPU_NONE is not set # CONFIG_RCU_NOCB_CPU_ZERO is not set CONFIG_RCU_NOCB_CPU_ALL=y +# CONFIG_RCU_EXPEDITE_BOOT is not set CONFIG_BUILD_BIN2C=y CONFIG_IKCONFIG=y CONFIG_IKCONFIG_PROC=y @@ -154,7 +155,6 @@ CONFIG_LOG_BUF_SHIFT=18 CONFIG_LOG_CPU_MAX_BUF_SHIFT=12 CONFIG_HAVE_UNSTABLE_SCHED_CLOCK=y CONFIG_ARCH_SUPPORTS_NUMA_BALANCING=y -CONFIG_ARCH_SUPPORTS_INT128=y CONFIG_NUMA_BALANCING=y CONFIG_NUMA_BALANCING_DEFAULT_ENABLED=y CONFIG_CGROUPS=y @@ -203,6 +203,7 @@ CONFIG_HAVE_PCSPKR_PLATFORM=y CONFIG_BPF=y CONFIG_EXPERT=y CONFIG_UID16=y +CONFIG_MULTIUSER=y CONFIG_SGETMASK_SYSCALL=y CONFIG_SYSFS_SYSCALL=y CONFIG_SYSCTL_SYSCALL=y @@ -291,9 +292,11 @@ CONFIG_HAVE_CONTEXT_TRACKING=y CONFIG_HAVE_VIRT_CPU_ACCOUNTING_GEN=y CONFIG_HAVE_IRQ_TIME_ACCOUNTING=y CONFIG_HAVE_ARCH_TRANSPARENT_HUGEPAGE=y +CONFIG_HAVE_ARCH_HUGE_VMAP=y CONFIG_HAVE_ARCH_SOFT_DIRTY=y CONFIG_MODULES_USE_ELF_RELA=y CONFIG_HAVE_IRQ_EXIT_ON_IRQ_STACK=y +CONFIG_ARCH_HAS_ELF_RANDOMIZE=y CONFIG_OLD_SIGSUSPEND3=y CONFIG_COMPAT_OLD_SIGACTION=y @@ -425,7 +428,6 @@ CONFIG_KVM_DEBUG_FS=y # CONFIG_PARAVIRT_TIME_ACCOUNTING is not set CONFIG_PARAVIRT_CLOCK=y CONFIG_NO_BOOTMEM=y -CONFIG_MEMTEST=y # CONFIG_MK8 is not set # CONFIG_MPSC is not set # CONFIG_MCORE2 is not set @@ -457,7 +459,6 @@ CONFIG_SCHED_MC=y # CONFIG_PREEMPT_NONE is not set CONFIG_PREEMPT_VOLUNTARY=y # CONFIG_PREEMPT is not set -CONFIG_X86_UP_APIC_MSI=y CONFIG_X86_LOCAL_APIC=y CONFIG_X86_IO_APIC=y CONFIG_X86_REROUTE_FOR_BROKEN_BOOT_IRQS=y @@ -480,7 +481,7 @@ CONFIG_X86_MSR=m CONFIG_X86_CPUID=m CONFIG_ARCH_PHYS_ADDR_T_64BIT=y CONFIG_ARCH_DMA_ADDR_T_64BIT=y -CONFIG_DIRECT_GBPAGES=y +CONFIG_X86_DIRECT_GBPAGES=y CONFIG_NUMA=y CONFIG_AMD_NUMA=y CONFIG_X86_64_ACPI_NUMA=y @@ -534,6 +535,7 @@ CONFIG_CLEANCACHE=y CONFIG_FRONTSWAP=y CONFIG_CMA=y # CONFIG_CMA_DEBUG is not set +# CONFIG_CMA_DEBUGFS is not set CONFIG_CMA_AREAS=7 CONFIG_ZSWAP=y CONFIG_ZPOOL=y @@ -542,6 +544,7 @@ CONFIG_ZSMALLOC=y CONFIG_PGTABLE_MAPPING=y # CONFIG_ZSMALLOC_STAT is not set CONFIG_GENERIC_EARLY_IOREMAP=y +CONFIG_X86_PMEM_LEGACY=y CONFIG_X86_CHECK_BIOS_CORRUPTION=y CONFIG_X86_BOOTPARAM_MEMORY_CORRUPTION_CHECK=y CONFIG_X86_RESERVE_LOW=64 @@ -575,6 +578,7 @@ CONFIG_HOTPLUG_CPU=y # CONFIG_BOOTPARAM_HOTPLUG_CPU0 is not set # CONFIG_DEBUG_HOTPLUG_CPU0 is not set # CONFIG_CMDLINE_BOOL is not set +# CONFIG_DEFAULT_MODIFY_LDT_SYSCALL is not set CONFIG_HAVE_LIVEPATCH=y # CONFIG_LIVEPATCH is not set CONFIG_ARCH_ENABLE_MEMORY_HOTPLUG=y @@ -606,6 +610,7 @@ CONFIG_WQ_POWER_EFFICIENT_DEFAULT=y CONFIG_ACPI=y CONFIG_ACPI_LEGACY_TABLES_LOOKUP=y CONFIG_ARCH_MIGHT_HAVE_ACPI_PDC=y +CONFIG_ACPI_SYSTEM_POWER_STATES_SUPPORT=y CONFIG_ACPI_SLEEP=y # CONFIG_ACPI_PROCFS_POWER is not set CONFIG_ACPI_EC_DEBUGFS=m @@ -717,6 +722,7 @@ CONFIG_PCIEASPM_DEFAULT=y # CONFIG_PCIEASPM_POWERSAVE is not set # CONFIG_PCIEASPM_PERFORMANCE is not set CONFIG_PCIE_PME=y +CONFIG_PCI_BUS_ADDR_T_64BIT=y CONFIG_PCI_MSI=y # CONFIG_PCI_DEBUG is not set CONFIG_PCI_REALLOC_ENABLE_AUTO=y @@ -780,7 +786,6 @@ CONFIG_RAPIDIO_CPS_GEN2=m # CONFIG_BINFMT_ELF=y CONFIG_COMPAT_BINFMT_ELF=y -CONFIG_ARCH_BINFMT_ELF_RANDOMIZE_PIE=y CONFIG_CORE_DUMP_DEFAULT_ELF_HEADERS=y CONFIG_BINFMT_SCRIPT=y # CONFIG_HAVE_AOUT is not set @@ -1123,13 +1128,13 @@ CONFIG_IP_VS_PE_SIP=m # CONFIG_NF_DEFRAG_IPV4=m CONFIG_NF_CONNTRACK_IPV4=m -CONFIG_NF_LOG_ARP=m -CONF
[gentoo-commits] proj/grs:desktop-amd64-hardened commit in: scripts/
commit: 461b50493590b60c422b667faf46a3abfe751629 Author: Anthony G. Basile gentoo org> AuthorDate: Mon Aug 17 06:19:02 2015 + Commit: Anthony G. Basile gentoo org> CommitDate: Mon Aug 17 06:19:02 2015 + URL:https://gitweb.gentoo.org/proj/grs.git/commit/?id=461b5049 scripts/cycle.3.sh: fix typo scripts/cycle.3.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/cycle.3.sh b/scripts/cycle.3.sh index 7f195c0..53d7c3b 100644 --- a/scripts/cycle.3.sh +++ b/scripts/cycle.3.sh @@ -6,4 +6,4 @@ install-worldconf emerge -buvNDq --keep-going --with-bdeps=y @world clean-worldconf emerge -bq @preserved-rebuild -emerge --deplcean +emerge --depclean
[gentoo-commits] proj/grs:desktop-amd64-hardened commit in: /, scripts/, core/var/lib/portage/
commit: 2deee6b4203e1f6234541264e744cc1e045d6dd5
Author: Anthony G. Basile gentoo org>
AuthorDate: Sat Jul 25 21:56:21 2015 +
Commit: Anthony G. Basile gentoo org>
CommitDate: Sat Jul 25 21:56:21 2015 +
URL:https://gitweb.gentoo.org/proj/grs.git/commit/?id=2deee6b4
Bring build steps in line with desktop-amd64-uclibc-hardened.
build | 11 +-
core/var/lib/portage/world.CYCLE.1 | 64 -
core/var/lib/portage/world.CYCLE.2 |2 -
core/var/lib/portage/world.CYCLE.3 | 3514
.../lib/portage/{world.CYCLE.3 => world.CYCLE.4} |0
scripts/cycle.1.sh | 20 +-
scripts/cycle.2.sh |7 +-
scripts/{cycle.2.sh => cycle.3.sh} |0
8 files changed, 25 insertions(+), 3593 deletions(-)
diff --git a/build b/build
index 1dca94e..77cd44f 100644
--- a/build
+++ b/build
@@ -15,6 +15,13 @@ populate 2
runscript cycle.2.sh
log stamp
+log CYCLE_3
+log stamp
+
+populate 3
+runscript cycle.3.sh
+
+log stamp
log Configure+Cleanup+Kernel
log stamp
@@ -36,8 +43,8 @@ hashit
+log stamp
+
+mount
-+populate 3
-+runscript cycle.2.sh
++populate 4
++runscript cycle.3.sh
+unmount
+
+log stamp
diff --git a/core/var/lib/portage/world.CYCLE.1
b/core/var/lib/portage/world.CYCLE.1
index f388d48..e69de29 100644
--- a/core/var/lib/portage/world.CYCLE.1
+++ b/core/var/lib/portage/world.CYCLE.1
@@ -1,64 +0,0 @@
-app-admin/sudo
-app-admin/syslog-ng
-app-arch/file-roller
-app-editors/gedit
-app-editors/nano
-app-editors/vim
-app-office/abiword
-app-portage/gentoolkit
-app-portage/layman
-app-text/evince
-app-text/tree
-dev-lang/python
-dev-lang/tcl
-dev-libs/gmp
-dev-util/strace
-dev-vcs/git
-gnome-extra/gnome-system-monitor
-mail-client/claws-mail
-mail-client/nail
-mail-mta/postfix
-media-gfx/eog
-media-gfx/gimp
-media-sound/alsa-utils
-media-video/smplayer
-net-analyzer/tcpdump
-net-dns/avahi
-net-dns/bind-tools
-net-fs/samba
-net-ftp/lftp
-net-irc/hexchat
-net-mail/dovecot
-net-misc/openntpd
-net-misc/rdate
-net-misc/tor
-net-misc/vinagre
-net-p2p/transmission
-net-wireless/wpa_supplicant
-sys-apps/dbus
-sys-apps/elfix
-sys-apps/gradm
-sys-apps/less
-sys-apps/paxctl
-sys-apps/pciutils
-sys-boot/lilo
-sys-devel/gdb
-sys-fs/cryptsetup
-sys-kernel/genkernel
-sys-kernel/linux-firmware
-sys-libs/cracklib
-sys-libs/db
-sys-libs/gdbm
-sys-process/lsof
-www-client/midori
-x11-base/xorg-server
-x11-libs/gksu
-x11-misc/slim
-x11-terms/xfce4-terminal
-x11-terms/xterm
-xfce-base/xfce4-appfinder
-xfce-base/xfce4-meta
-xfce-extra/thunar-archive-plugin
-xfce-extra/thunar-shares-plugin
-xfce-extra/xfce4-mixer
-xfce-extra/xfce4-volumed
diff --git a/core/var/lib/portage/world.CYCLE.2
b/core/var/lib/portage/world.CYCLE.2
index 99a66a4..f388d48 100644
--- a/core/var/lib/portage/world.CYCLE.2
+++ b/core/var/lib/portage/world.CYCLE.2
@@ -5,7 +5,6 @@ app-editors/gedit
app-editors/nano
app-editors/vim
app-office/abiword
-app-office/gnumeric
app-portage/gentoolkit
app-portage/layman
app-text/evince
@@ -50,7 +49,6 @@ sys-kernel/linux-firmware
sys-libs/cracklib
sys-libs/db
sys-libs/gdbm
-sys-process/fcron
sys-process/lsof
www-client/midori
x11-base/xorg-server
diff --git a/core/var/lib/portage/world.CYCLE.3
b/core/var/lib/portage/world.CYCLE.3
index 50fb095..99a66a4 100644
--- a/core/var/lib/portage/world.CYCLE.3
+++ b/core/var/lib/portage/world.CYCLE.3
@@ -1,3580 +1,66 @@
-app-accessibility/accerciser
-app-accessibility/emacspeak
-app-accessibility/epos
-app-accessibility/espeakup
-app-accessibility/nfbtrans
-app-accessibility/speechd-el
-app-admin/analog
-app-admin/ansible
-app-admin/apachetop
-app-admin/apg
-app-admin/chroot_safe
-app-admin/chrootuid
-app-admin/clustershell
-app-admin/conky
-app-admin/conserver
-app-admin/cpulimit
-app-admin/cronolog
-app-admin/denyhosts
-app-admin/diradm
-app-admin/durep
-app-admin/emacs-updater
-app-admin/evtxtools
-app-admin/fetchlog
-app-admin/genromfs
-app-admin/gentoo-rsync-mirror
-app-admin/grubconfig
-app-admin/gtkdiskfree
-app-admin/hardening-check
-app-admin/hardinfo
-app-admin/ide-smart
-app-admin/kedpm
-app-admin/lib_users
-app-admin/localepurge
-app-admin/logcheck
-app-admin/logmon
-app-admin/logsurfer+
-app-admin/lsat
-app-admin/lsyncd
-app-admin/mcelog
-app-admin/mktwpol
-app-admin/monit
-app-admin/passook
-app-admin/pprocm
-app-admin/procinfo-ng
-app-admin/psmon
-app-admin/pwcrypt
-app-admin/pwgen
-app-admin/pydf
-app-admin/qpage
-app-admin/quickswitch
-app-admin/ranpwd
-app-admin/reportmagic
-app-admin/showconsole
-app-admin/sshguard
app-admin/sudo
-app-admin/superadduser
-app-admin/supervisor
-app-admin/swatch
-app-admin/sxid
app-admin/syslog-ng
-app-admin/syslog-summary
-app-admin/sysstat
-app-admin/tenshi
-app-admin/testdisk
-app-admin/tmpreaper
-app-admin/tmpwatch
-app-admin/ulogd
-app-admin/usbview
-app-admin/verynice
-app-admin/webalizer
-app-ad
[gentoo-commits] proj/grs:desktop-amd64-hardened commit in: scripts/
commit: 2e8a8d5a2d9a114b950bb4765e94b7807ca55732 Author: Anthony G. Basile gentoo org> AuthorDate: Sat Jul 25 19:22:10 2015 + Commit: Anthony G. Basile gentoo org> CommitDate: Sat Jul 25 19:22:10 2015 + URL:https://gitweb.gentoo.org/proj/grs.git/commit/?id=2e8a8d5a scripts/initrc.sh: use classical interface naming. scripts/initrc.sh | 3 +++ 1 file changed, 3 insertions(+) diff --git a/scripts/initrc.sh b/scripts/initrc.sh index 9cf5883..5e58d6a 100644 --- a/scripts/initrc.sh +++ b/scripts/initrc.sh @@ -1,6 +1,9 @@ #!/bin/bash -e +# We default to classical interface naming. ln -sf /etc/init.d/net.lo /etc/init.d/net.eth0 +touch /etc/udev/rules.d/80-net-name-slot.rules + rc-update add alsasound default rc-update add cupsd default rc-update add fcron default
[gentoo-commits] proj/grs:desktop-amd64-hardened commit in: scripts/
commit: 6869a9b2c0a0861e1772822165fd2ea6bdc39574 Author: Anthony G. Basile gentoo org> AuthorDate: Sat Jul 25 01:11:41 2015 + Commit: Anthony G. Basile gentoo org> CommitDate: Sat Jul 25 01:11:41 2015 + URL:https://gitweb.gentoo.org/proj/grs.git/commit/?id=6869a9b2 Bump kernel to 4.0.8. scripts/kernel-config | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/kernel-config b/scripts/kernel-config index 114243a..215386c 100644 --- a/scripts/kernel-config +++ b/scripts/kernel-config @@ -1,6 +1,6 @@ # # Automatically generated file; DO NOT EDIT. -# Linux/x86 4.0.6-hardened-r2 Kernel Configuration +# Linux/x86 4.0.8-hardened Kernel Configuration # CONFIG_64BIT=y CONFIG_X86_64=y
[gentoo-commits] proj/grs:desktop-amd64-hardened commit in: scripts/
commit: fdd8759e62eeef7680769d6381256ba171473fbe
Author: Anthony G. Basile gentoo org>
AuthorDate: Thu Jul 9 01:24:30 2015 +
Commit: Anthony G. Basile gentoo org>
CommitDate: Thu Jul 9 01:24:30 2015 +
URL:https://gitweb.gentoo.org/proj/grs.git/commit/?id=fdd8759e
scripts/clean.sh: fix typo again
scripts/clean.sh | 1 +
1 file changed, 1 insertion(+)
diff --git a/scripts/clean.sh b/scripts/clean.sh
index b1ad9e0..2022316 100644
--- a/scripts/clean.sh
+++ b/scripts/clean.sh
@@ -2,4 +2,5 @@
for d in /tmp /var/tmp /var/log; do
find ${d} -mindepth 1 -exec rm -rf {} +
+done
rm -rf /etc/resolv.conf
[gentoo-commits] proj/grs:desktop-amd64-hardened commit in: scripts/
commit: d75aa00ff213e50bae833fa6c64eefa50d22d8ed
Author: Anthony G. Basile gentoo org>
AuthorDate: Wed Jul 8 18:50:40 2015 +
Commit: Anthony G. Basile gentoo org>
CommitDate: Wed Jul 8 18:50:40 2015 +
URL:https://gitweb.gentoo.org/proj/grs.git/commit/?id=d75aa00f
scripts/clean.sh: fix typo.
scripts/clean.sh | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/scripts/clean.sh b/scripts/clean.sh
index 0424c9d..b1ad9e0 100644
--- a/scripts/clean.sh
+++ b/scripts/clean.sh
@@ -2,4 +2,4 @@
for d in /tmp /var/tmp /var/log; do
find ${d} -mindepth 1 -exec rm -rf {} +
-rm -rf /etc/resolv.con
+rm -rf /etc/resolv.conf
[gentoo-commits] proj/grs:desktop-amd64-hardened commit in: scripts/, /
commit: ace87bdaff524bc5ddc79dd25bb237fbe82d67b2
Author: Anthony G. Basile gentoo org>
AuthorDate: Wed Jul 8 15:18:54 2015 +
Commit: Anthony G. Basile gentoo org>
CommitDate: Wed Jul 8 15:18:54 2015 +
URL:https://gitweb.gentoo.org/proj/grs.git/commit/?id=ace87bda
scripts/clean.sh: migrate cleaning to chroot script.
build| 9 ++---
scripts/clean.sh | 5 +
2 files changed, 7 insertions(+), 7 deletions(-)
diff --git a/build b/build
index 49d2f2e..1dca94e 100644
--- a/build
+++ b/build
@@ -20,20 +20,15 @@ log stamp
runscript initrc.sh
runscript passwd.sh
+runscript clean.sh
unmount
-clean
kernel
log stamp
-log Tar_it
+log Tar+Hash
log stamp
tarit
-
-log stamp
-log Hash_it
-log stamp
-
hashit
+log stamp
diff --git a/scripts/clean.sh b/scripts/clean.sh
new file mode 100644
index 000..0424c9d
--- /dev/null
+++ b/scripts/clean.sh
@@ -0,0 +1,5 @@
+#!/bin/bash -e
+
+for d in /tmp /var/tmp /var/log; do
+find ${d} -mindepth 1 -exec rm -rf {} +
+rm -rf /etc/resolv.con
[gentoo-commits] proj/grs:desktop-amd64-hardened commit in: scripts/
commit: d53604f06653028042c7c8ec85cb3ea47c248a6d Author: Anthony G. Basile gentoo org> AuthorDate: Sat Jul 4 22:39:32 2015 + Commit: Anthony G. Basile gentoo org> CommitDate: Sat Jul 4 22:39:32 2015 + URL:https://gitweb.gentoo.org/proj/grs.git/commit/?id=d53604f0 Switch from udev to eudev. scripts/cycle.1.sh | 2 ++ 1 file changed, 2 insertions(+) diff --git a/scripts/cycle.1.sh b/scripts/cycle.1.sh index 37caa55..c542a02 100644 --- a/scripts/cycle.1.sh +++ b/scripts/cycle.1.sh @@ -4,6 +4,8 @@ source /etc/profile env-update emerge -b1q portage emerge -b1q =app-portage/grs- +emerge --unmerge sys-fs/udev +emerge -b1q sys-fs/eudev install-worldconf emerge -bevq --keep-going --with-bdeps=y @world clean-worldconf
[gentoo-commits] proj/grs:desktop-amd64-hardened commit in: scripts/, core/etc/portage/, core/etc/grs/
commit: 7b08b93c96d3b33bf92dddb65ff8b3b07b3c46de
Author: Anthony G. Basile gentoo org>
AuthorDate: Sat Jul 4 21:51:56 2015 +
Commit: Anthony G. Basile gentoo org>
CommitDate: Sat Jul 4 21:51:56 2015 +
URL:https://gitweb.gentoo.org/proj/grs.git/commit/?id=7b08b93c
Restore python3.4 because of app-portage/grs.
core/etc/grs/world.conf| 2 +-
core/etc/portage/make.conf.CYCLE.1 | 1 +
core/etc/portage/make.conf.CYCLE.2 | 1 +
scripts/cycle.1.sh | 2 ++
4 files changed, 5 insertions(+), 1 deletion(-)
diff --git a/core/etc/grs/world.conf b/core/etc/grs/world.conf
index c37b166..63df540 100644
--- a/core/etc/grs/world.conf
+++ b/core/etc/grs/world.conf
@@ -6284,7 +6284,7 @@ package.use/net-irc_shadowircd_0 : net-irc/shadowircd:0
-debug -largenet ipv6 ss
package.use/net-irc_weechat_0 : net-irc/weechat:0 -doc -nls -test alias
charset exec fifo guile irc logger lua perl python relay ruby scripts spell ssl
tcl trigger xfer
[net-irc/znc:0]
-package.use/net-irc_znc_0 : net-irc/znc:0 -daemon -debug ipv6 perl python sasl
ssl tcl
+package.use/net-irc_znc_0 : net-irc/znc:0 -daemon -debug ipv6 perl python sasl
ssl tcl python_targets_python3_3
[net-libs/daq:0]
package.use/net-libs_daq_0 : net-libs/daq:0 -ipq -nfq afpacket dump ipv6 pcap
static-libs
diff --git a/core/etc/portage/make.conf.CYCLE.1
b/core/etc/portage/make.conf.CYCLE.1
index b403319..2706b1e 100644
--- a/core/etc/portage/make.conf.CYCLE.1
+++ b/core/etc/portage/make.conf.CYCLE.1
@@ -3,6 +3,7 @@ CXXFLAGS="${CFLAGS}"
CHOST="x86_64-gentoo-linux-uclibc"
MAKEOPTS="-j17"
PAX_MARKINGS="XT"
+PYTHON_TARGETS="python2_7 python3_4"
LINGUAS="ach af af_ZA ak am an ar ar_JO ar_SA ar_SY as as_IN ast az be
be@latin be_BY bg bg_BG bn bn_BD bn_IN bo bo_CN br brx bs byn ca ca@valencia
ca_ES ca_XV cmn crh cs cs_CZ csb cy cy_GB da da_DK de de_1901 de_CH de_DE de_FR
dgo doi dz ee el el_GR en en@shaw en_AU en_CA en_EN en_GB en_US en_ZA eo eo_UY
es es_419 es_AR es_CL es_CO es_CR es_DO es_ES es_LA es_MX es_UY es_VE et et_EE
eu eu_ES fa fa_IR fi fi_FI fil fo fr fr_CA fr_FR fy fy_NL ga ga_IE gd gez gl
gl_ES gu gu_IN haw he he_IL hi hi_IN hne hr hr_HR hsb ht hu hu_HU hy hy_AM ia
id id_ID is is_IS it it_IT ja ja_JP jv ka ka_GE kk kk_KZ km kn kn_IN ko ko_KR
kok ks ksw ku ky ky_KG la lb lg li lo lt lt_LT lv lv_LV mai me mg mi mk ml
ml_IN mn mni mr mr_IN ms ms_MY mt my my_MM nan nb nb_NO nds ne nl nl_BE nl_NL
nn nn_NO no nqo nr ns nso oc om or or_IN pa pa_IN pam pap pl pl_PL ps pt pt_BR
pt_PT rm ro ro_RO ru ru_RU ru_RU_0 rue rw sa sa_IN sah sat sco sd se sh sh_YU
shn si si_LK sk sk_SK sl sl_SI so son sq sq_AL sr sr@Latn sr@ijekavi
an sr@ijekavianlatin sr@latin sr_BA sr_BA@latin sr_CS sr_RS sr_RS@cyrillic
sr_RS@latin ss st sv sv_SE sw sw_TZ syc ta ta_IN ta_LK te te_IN tg tg_TJ th
th_TH ti ti_ER tig tk tl tlh tn tpi tr tr_TR ts tt tt@iqtelif tt_RU ug uk uk_UA
ur ur_IN ur_PK uz uz@Cyrl uz@Latn uz@cyrillic uz_UZ ve vi vi_VN wa wal wo xh yi
zh zh_CN zh_HK zh_TW zu"
diff --git a/core/etc/portage/make.conf.CYCLE.2
b/core/etc/portage/make.conf.CYCLE.2
index 74720a7..844a47f 100644
--- a/core/etc/portage/make.conf.CYCLE.2
+++ b/core/etc/portage/make.conf.CYCLE.2
@@ -3,5 +3,6 @@ CXXFLAGS="${CFLAGS}"
CHOST="x86_64-gentoo-linux-uclibc"
MAKEOPTS="-j17"
PAX_MARKINGS="XT"
+PYTHON_TARGETS="python2_7 python3_4"
LINGUAS="ach af af_ZA ak am an ar ar_JO ar_SA ar_SY as as_IN ast az be
be@latin be_BY bg bg_BG bn bn_BD bn_IN bo bo_CN br brx bs byn ca ca@valencia
ca_ES ca_XV cmn crh cs cs_CZ csb cy cy_GB da da_DK de de_1901 de_CH de_DE de_FR
dgo doi dz ee el el_GR en en@shaw en_AU en_CA en_EN en_GB en_US en_ZA eo eo_UY
es es_419 es_AR es_CL es_CO es_CR es_DO es_ES es_LA es_MX es_UY es_VE et et_EE
eu eu_ES fa fa_IR fi fi_FI fil fo fr fr_CA fr_FR fy fy_NL ga ga_IE gd gez gl
gl_ES gu gu_IN haw he he_IL hi hi_IN hne hr hr_HR hsb ht hu hu_HU hy hy_AM ia
id id_ID is is_IS it it_IT ja ja_JP jv ka ka_GE kk kk_KZ km kn kn_IN ko ko_KR
kok ks ksw ku ky ky_KG la lb lg li lo lt lt_LT lv lv_LV mai me mg mi mk ml
ml_IN mn mni mr mr_IN ms ms_MY mt my my_MM nan nb nb_NO nds ne nl nl_BE nl_NL
nn nn_NO no nqo nr ns nso oc om or or_IN pa pa_IN pam pap pl pl_PL ps pt pt_BR
pt_PT rm ro ro_RO ru ru_RU ru_RU_0 rue rw sa sa_IN sah sat sco sd se sh sh_YU
shn si si_LK sk sk_SK sl sl_SI so son sq sq_AL sr sr@Latn sr@ijekavi
an sr@ijekavianlatin sr@latin sr_BA sr_BA@latin sr_CS sr_RS sr_RS@cyrillic
sr_RS@latin ss st sv sv_SE sw sw_TZ syc ta ta_IN ta_LK te te_IN tg tg_TJ th
th_TH ti ti_ER tig tk tl tlh tn tpi tr tr_TR ts tt tt@iqtelif tt_RU ug uk uk_UA
ur ur_IN ur_PK uz uz@Cyrl uz@Latn uz@cyrillic uz_UZ ve vi vi_VN wa wal wo xh yi
zh zh_CN zh_HK zh_TW zu"
diff --git a/scripts/cycle.1.sh b/scripts/cycle.1.sh
index d77df0d..37caa55 100644
--- a/scripts/cycle.1.sh
+++ b/scripts/cycle.1.sh
@@ -2,6 +2,8 @@
source /etc/profile
env-update
+emerge -b1q portage
+emerge -b1q =app-portage/grs-
install-worldconf
emerge
