diff --git a/IDs.md b/IDs.md index d2f136e..7d59397 100644 --- a/IDs.md +++ b/IDs.md @@ -9,6 +9,7 @@ 606 jitsi 607 jicofo 608 jvb +608 razorfy 611 unifi 2000 admin \ No newline at end of file diff --git a/mailgw/Makefile b/mailgw/Makefile index 9c34c09..dc76a62 100644 --- a/mailgw/Makefile +++ b/mailgw/Makefile @@ -3,16 +3,21 @@ OT_SUBVER ?= OT_TARBALL = oletools-$(OT_VER).tar.gz OT_URL = https://github.com/decalage2/oletools/releases/download/v$(OT_VER)$(OT_SUBVER)/$(OT_TARBALL) -OF_COMMIT ?= d66e8aeda9b906e0af946218c7460161aa094f61 +OF_COMMIT ?= 738079cbc1fda7db85917ee3764222d55f5b1b3c OF_TARBALL = $(OF_COMMIT).tar.gz OF_URL = https://github.com/HeinleinSupport/olefy/archive/$(OF_TARBALL) +RF_COMMIT ?= 93f31400f1a6a02d69d9ddcf16a589ac54cad58e +RF_TARBALL = $(RF_COMMIT).tar.gz +RF_URL = https://github.com/HeinleinSupport/razorfy/archive/$(RF_TARBALL) + preinstall: # hardcoded users and groups $(inroot) useradd --system --comment="created from appliance building - zabbix user" --home-dir="/var/lib/zabbix/home" --shell="/sbin/nologin" --no-create-home --uid 600 --user-group zabbix $(inroot) useradd --system --comment="created from appliance building - clamav user" --home-dir="/dev/null" --shell="/sbin/nologin" --no-create-home --uid 601 --user-group clamav $(inroot) useradd --system --comment="created from appliance building - rspamd user" --home-dir="/var/lib/rspamd" --shell="/sbin/nologin" --no-create-home --uid 602 --user-group rspamd $(inroot) useradd --system --comment="created from appliance building - olefy user" --home-dir="/dev/null" --shell="/sbin/nologin" --no-create-home --uid 603 --user-group olefy + $(inroot) useradd --system --comment="created from appliance building - razorfy user" --home-dir="/dev/null" --shell="/sbin/nologin" --no-create-home --uid 608 --user-group razorfy # switch to hardened, build hardened toolchain, rebuild everything mkdir -p $(CHROOT)/etc/portage/profile echo "-hardened" >> $(CHROOT)/etc/portage/profile/use.mask @@ -35,6 +40,12 @@ install_olefy: sed -i 's#/usr/local/bin/#/usr/bin/#' $(CHROOT)/etc/olefy.conf sed -i 's#/usr/local/bin/#/usr/bin/#' $(CHROOT)/etc/systemd/system/olefy.service +install_razorfy: + $(inroot) test -f /usr/portage/distfiles/$(RF_TARBALL) || \ + $(inroot) wget -P /usr/portage/distfiles $(RF_URL) + $(inroot) sh -c 'tar xf /usr/portage/distfiles/$(RF_TARBALL) -C /tmp && cd /tmp/razorfy-$(RF_COMMIT) && cp razorfy.pl /usr/bin && cp razorfy.conf /etc && cp razorfy.service /etc/systemd/system' + sed -i 's#/usr/local/bin/#/usr/bin/#' $(CHROOT)/etc/systemd/system/razorfy.service + postinstall: base/timesyncd.conf base/firstboot.start # Konfigurationen anpassen cp base/timesyncd.conf $(CHROOT)/etc/systemd/timesyncd.conf @@ -68,10 +79,17 @@ postinstall: base/timesyncd.conf base/firstboot.start rm -rf $(CHROOT)/var/lib/mysql/* $(inroot) bash -c 'yes gentoo | emerge --config dev-db/mariadb' + # Wegen razorfy muß Perl mit USE=ithreads gebaut werden. + # Deswegen müssen auch alle Module neu erstellt werden. + $(inroot)perl-cleaner --reallyall + # oletools zur Office-Macro-Erkennung in rspamd $(MAKE) install_oletools $(MAKE) install_olefy + # razorfy zur Razor-Einbindung in rspamd + $(MAKE) install_razorfy + # Anpassungen $(inroot) usermod -a -G clamav rspamd clean: diff --git a/mailgw/kernel.config b/mailgw/kernel.config index 5da9c5f..700828c 100644 --- a/mailgw/kernel.config +++ b/mailgw/kernel.config @@ -1,15 +1,18 @@ # # Automatically generated file; DO NOT EDIT. -# Linux/x86 4.19.97-gentoo Kernel Configuration +# Linux/x86 5.4.28-gentoo Kernel Configuration # # -# Compiler: gcc (Gentoo 9.2.0-r2 p3) 9.2.0 +# Compiler: gcc (Gentoo Hardened 9.2.0-r2 p3) 9.2.0 # CONFIG_CC_IS_GCC=y CONFIG_GCC_VERSION=90200 CONFIG_CLANG_VERSION=0 +CONFIG_CC_CAN_LINK=y CONFIG_CC_HAS_ASM_GOTO=y +CONFIG_CC_HAS_ASM_INLINE=y +CONFIG_CC_HAS_WARN_MAYBE_UNINITIALIZED=y CONFIG_IRQ_WORK=y CONFIG_BUILDTIME_EXTABLE_SORT=y CONFIG_THREAD_INFO_IN_TASK=y @@ -61,8 +64,11 @@ CONFIG_GENERIC_IRQ_MATRIX_ALLOCATOR=y CONFIG_GENERIC_IRQ_RESERVATION_MODE=y CONFIG_IRQ_FORCED_THREADING=y CONFIG_SPARSE_IRQ=y +# end of IRQ subsystem + CONFIG_CLOCKSOURCE_WATCHDOG=y CONFIG_ARCH_CLOCKSOURCE_DATA=y +CONFIG_ARCH_CLOCKSOURCE_INIT=y CONFIG_CLOCKSOURCE_VALIDATE_LAST_CYCLE=y CONFIG_GENERIC_TIME_VSYSCALL=y CONFIG_GENERIC_CLOCKEVENTS=y @@ -80,6 +86,8 @@ CONFIG_NO_HZ_IDLE=y # CONFIG_NO_HZ_FULL is not set CONFIG_NO_HZ=y CONFIG_HIGH_RES_TIMERS=y +# end of Timers subsystem + CONFIG_PREEMPT_NONE=y # CONFIG_PREEMPT_VOLUNTARY is not set # CONFIG_PREEMPT is not set @@ -92,6 +100,9 @@ CONFIG_TICK_CPU_ACCOUNTING=y # CONFIG_IRQ_TIME_ACCOUNTING is not set # CONFIG_BSD_PROCESS_ACCT is not set # CONFIG_TASKSTATS is not set +# CONFIG_PSI is not set +# end of CPU/Task time and stats accounting + CONFIG_CPU_ISOLATION=y # @@ -103,13 +114,22 @@ CONFIG_SRCU=y CONFIG_TREE_SRCU=y CONFIG_RCU_STALL_COMMON=y CONFIG_RCU_NEED_SEGCBLIST=y -CONFIG_BUILD_BIN2C=y +# end of RCU Subsystem + CONFIG_IKCONFIG=y CONFIG_IKCONFIG_PROC=y +# CONFIG_IKHEADERS is not set CONFIG_LOG_BUF_SHIFT=18 CONFIG_LOG_CPU_MAX_BUF_SHIFT=12 CONFIG_PRINTK_SAFE_LOG_BUF_SHIFT=13 CONFIG_HAVE_UNSTABLE_SCHED_CLOCK=y + +# +# Scheduler features +# +# CONFIG_UCLAMP_TASK is not set +# end of Scheduler features + CONFIG_ARCH_SUPPORTS_NUMA_BALANCING=y CONFIG_ARCH_WANT_BATCHED_UNMAP_TLB_FLUSH=y CONFIG_ARCH_SUPPORTS_INT128=y @@ -124,7 +144,9 @@ CONFIG_CGROUPS=y # CONFIG_CGROUP_DEVICE is not set # CONFIG_CGROUP_CPUACCT is not set # CONFIG_CGROUP_PERF is not set +CONFIG_CGROUP_BPF=y # CONFIG_CGROUP_DEBUG is not set +CONFIG_SOCK_CGROUP_DATA=y CONFIG_NAMESPACES=y CONFIG_UTS_NS=y CONFIG_IPC_NS=y @@ -139,7 +161,6 @@ CONFIG_CHECKPOINT_RESTORE=y CONFIG_CC_OPTIMIZE_FOR_PERFORMANCE=y # CONFIG_CC_OPTIMIZE_FOR_SIZE is not set CONFIG_SYSCTL=y -CONFIG_ANON_INODES=y CONFIG_HAVE_UID16=y CONFIG_SYSCTL_EXCEPTION_TRACE=y CONFIG_HAVE_PCSPKR_PLATFORM=y @@ -165,13 +186,14 @@ CONFIG_TIMERFD=y CONFIG_EVENTFD=y CONFIG_SHMEM=y CONFIG_AIO=y +CONFIG_IO_URING=y CONFIG_ADVISE_SYSCALLS=y CONFIG_MEMBARRIER=y CONFIG_KALLSYMS=y # CONFIG_KALLSYMS_ALL is not set CONFIG_KALLSYMS_ABSOLUTE_PERCPU=y CONFIG_KALLSYMS_BASE_RELATIVE=y -# CONFIG_BPF_SYSCALL is not set +CONFIG_BPF_SYSCALL=y # CONFIG_USERFAULTFD is not set CONFIG_ARCH_HAS_MEMBARRIER_SYNC_CORE=y CONFIG_RSEQ=y @@ -183,6 +205,8 @@ CONFIG_HAVE_PERF_EVENTS=y # CONFIG_PERF_EVENTS=y # CONFIG_DEBUG_PERF_USE_VMALLOC is not set +# end of Kernel Performance Events And Counters + CONFIG_VM_EVENT_COUNTERS=y CONFIG_SLUB_DEBUG=y # CONFIG_COMPAT_BRK is not set @@ -191,8 +215,11 @@ CONFIG_SLUB=y CONFIG_SLAB_MERGE_DEFAULT=y # CONFIG_SLAB_FREELIST_RANDOM is not set CONFIG_SLAB_FREELIST_HARDENED=y +# CONFIG_SHUFFLE_PAGE_ALLOCATOR is not set CONFIG_SLUB_CPU_PARTIAL=y # CONFIG_PROFILING is not set +# end of General setup + CONFIG_64BIT=y CONFIG_X86_64=y CONFIG_X86=y @@ -209,9 +236,7 @@ CONFIG_ARCH_MMAP_RND_COMPAT_BITS_MAX=16 CONFIG_GENERIC_ISA_DMA=y CONFIG_GENERIC_BUG=y CONFIG_GENERIC_BUG_RELATIVE_POINTERS=y -CONFIG_GENERIC_HWEIGHT=y CONFIG_ARCH_MAY_HAVE_PC_FDC=y -CONFIG_RWSEM_XCHGADD_ALGORITHM=y CONFIG_GENERIC_CALIBRATE_DELAY=y CONFIG_ARCH_HAS_CPU_RELAX=y CONFIG_ARCH_HAS_CACHE_LINE_SIZE=y @@ -221,11 +246,9 @@ CONFIG_NEED_PER_CPU_EMBED_FIRST_CHUNK=y CONFIG_NEED_PER_CPU_PAGE_FIRST_CHUNK=y CONFIG_ARCH_HIBERNATION_POSSIBLE=y CONFIG_ARCH_SUSPEND_POSSIBLE=y -CONFIG_ARCH_WANT_HUGE_PMD_SHARE=y CONFIG_ARCH_WANT_GENERAL_HUGETLB=y CONFIG_ZONE_DMA32=y CONFIG_AUDIT_ARCH=y -CONFIG_ARCH_SUPPORTS_OPTIMIZED_INLINING=y CONFIG_ARCH_SUPPORTS_DEBUG_PAGEALLOC=y CONFIG_X86_64_SMP=y CONFIG_ARCH_SUPPORTS_UPROBES=y @@ -243,7 +266,7 @@ CONFIG_X86_FEATURE_NAMES=y # CONFIG_X86_MPPARSE is not set # CONFIG_GOLDFISH is not set CONFIG_RETPOLINE=y -# CONFIG_INTEL_RDT is not set +# CONFIG_X86_CPU_RESCTRL is not set # CONFIG_X86_EXTENDED_PLATFORM is not set # CONFIG_X86_INTEL_LPSS is not set # CONFIG_X86_AMD_PLATFORM_DEVICE is not set @@ -251,8 +274,10 @@ CONFIG_IOSF_MBI=y # CONFIG_SCHED_OMIT_FRAME_POINTER is not set CONFIG_HYPERVISOR_GUEST=y CONFIG_PARAVIRT=y +CONFIG_PARAVIRT_XXL=y # CONFIG_PARAVIRT_DEBUG is not set # CONFIG_PARAVIRT_SPINLOCKS is not set +CONFIG_X86_HV_CALLBACK_VECTOR=y CONFIG_XEN=y CONFIG_XEN_PV=y CONFIG_XEN_PV_SMP=y @@ -263,10 +288,12 @@ CONFIG_XEN_512GB=y CONFIG_XEN_SAVE_RESTORE=y CONFIG_XEN_PVH=y CONFIG_KVM_GUEST=y +CONFIG_ARCH_CPUIDLE_HALTPOLL=y +CONFIG_PVH=y # CONFIG_PARAVIRT_TIME_ACCOUNTING is not set CONFIG_PARAVIRT_CLOCK=y # CONFIG_JAILHOUSE_GUEST is not set -CONFIG_NO_BOOTMEM=y +# CONFIG_ACRN_GUEST is not set # CONFIG_MK8 is not set # CONFIG_MPSC is not set # CONFIG_MCORE2 is not set @@ -281,7 +308,9 @@ CONFIG_X86_MINIMUM_CPU_FAMILY=64 CONFIG_X86_DEBUGCTLMSR=y CONFIG_CPU_SUP_INTEL=y CONFIG_CPU_SUP_AMD=y +CONFIG_CPU_SUP_HYGON=y CONFIG_CPU_SUP_CENTAUR=y +CONFIG_CPU_SUP_ZHAOXIN=y CONFIG_HPET_TIMER=y CONFIG_HPET_EMULATE_RTC=y CONFIG_DMI=y @@ -307,6 +336,8 @@ CONFIG_PERF_EVENTS_INTEL_UNCORE=y CONFIG_PERF_EVENTS_INTEL_RAPL=y CONFIG_PERF_EVENTS_INTEL_CSTATE=y # CONFIG_PERF_EVENTS_AMD_POWER is not set +# end of Performance monitoring + CONFIG_X86_16BIT=y CONFIG_X86_ESPFIX64=y CONFIG_X86_VSYSCALL_EMULATION=y @@ -316,7 +347,6 @@ CONFIG_X86_VSYSCALL_EMULATION=y # CONFIG_X86_CPUID is not set # CONFIG_X86_5LEVEL is not set CONFIG_X86_DIRECT_GBPAGES=y -CONFIG_ARCH_HAS_MEM_ENCRYPT=y # CONFIG_AMD_MEM_ENCRYPT is not set # CONFIG_NUMA is not set CONFIG_ARCH_SPARSEMEM_ENABLE=y @@ -360,10 +390,13 @@ CONFIG_HOTPLUG_CPU=y # CONFIG_DEBUG_HOTPLUG_CPU0 is not set # CONFIG_COMPAT_VDSO is not set # CONFIG_LEGACY_VSYSCALL_EMULATE is not set +# CONFIG_LEGACY_VSYSCALL_XONLY is not set CONFIG_LEGACY_VSYSCALL_NONE=y # CONFIG_CMDLINE_BOOL is not set CONFIG_MODIFY_LDT_SYSCALL=y CONFIG_HAVE_LIVEPATCH=y +# end of Processor type and features + CONFIG_ARCH_HAS_ADD_PAGES=y CONFIG_ARCH_ENABLE_MEMORY_HOTPLUG=y CONFIG_ARCH_ENABLE_SPLIT_PMD_PTLOCK=y @@ -383,6 +416,7 @@ CONFIG_PM=y # CONFIG_PM_DEBUG is not set CONFIG_PM_CLK=y # CONFIG_WQ_POWER_EFFICIENT_DEFAULT is not set +# CONFIG_ENERGY_MODEL is not set CONFIG_ARCH_SUPPORTS_ACPI=y CONFIG_ACPI=y CONFIG_ACPI_LEGACY_TABLES_LOOKUP=y @@ -461,6 +495,7 @@ CONFIG_X86_ACPI_CPUFREQ=y # # shared options # +# end of CPU Frequency scaling # # CPU Idle @@ -468,96 +503,41 @@ CONFIG_X86_ACPI_CPUFREQ=y CONFIG_CPU_IDLE=y CONFIG_CPU_IDLE_GOV_LADDER=y CONFIG_CPU_IDLE_GOV_MENU=y +# CONFIG_CPU_IDLE_GOV_TEO is not set +# CONFIG_CPU_IDLE_GOV_HALTPOLL is not set +CONFIG_HALTPOLL_CPUIDLE=y +# end of CPU Idle + # CONFIG_INTEL_IDLE is not set +# end of Power management and ACPI options # # Bus options (PCI etc.) # -CONFIG_PCI=y CONFIG_PCI_DIRECT=y # CONFIG_PCI_MMCONFIG is not set CONFIG_PCI_XEN=y -CONFIG_PCI_DOMAINS=y -CONFIG_PCIEPORTBUS=y -CONFIG_HOTPLUG_PCI_PCIE=y -# CONFIG_PCIEAER is not set -CONFIG_PCIEASPM=y -# CONFIG_PCIEASPM_DEBUG is not set -CONFIG_PCIEASPM_DEFAULT=y -# CONFIG_PCIEASPM_POWERSAVE is not set -# CONFIG_PCIEASPM_POWER_SUPERSAVE is not set -# CONFIG_PCIEASPM_PERFORMANCE is not set -CONFIG_PCIE_PME=y -# CONFIG_PCIE_PTM is not set -CONFIG_PCI_MSI=y -CONFIG_PCI_MSI_IRQ_DOMAIN=y -CONFIG_PCI_QUIRKS=y -# CONFIG_PCI_DEBUG is not set -# CONFIG_PCI_REALLOC_ENABLE_AUTO is not set -# CONFIG_PCI_STUB is not set -# CONFIG_PCI_PF_STUB is not set -CONFIG_XEN_PCIDEV_FRONTEND=y -CONFIG_PCI_ATS=y -CONFIG_PCI_LOCKLESS_CONFIG=y -CONFIG_PCI_IOV=y -# CONFIG_PCI_PRI is not set -# CONFIG_PCI_PASID is not set -CONFIG_PCI_LABEL=y -CONFIG_HOTPLUG_PCI=y -CONFIG_HOTPLUG_PCI_ACPI=y -# CONFIG_HOTPLUG_PCI_ACPI_IBM is not set -# CONFIG_HOTPLUG_PCI_CPCI is not set -# CONFIG_HOTPLUG_PCI_SHPC is not set - -# -# PCI controller drivers -# - -# -# Cadence PCIe controllers support -# -# CONFIG_VMD is not set - -# -# DesignWare PCI Core Support -# -# CONFIG_PCIE_DW_PLAT_HOST is not set - -# -# PCI Endpoint -# -# CONFIG_PCI_ENDPOINT is not set - -# -# PCI switch controller drivers -# -# CONFIG_PCI_SW_SWITCHTEC is not set CONFIG_ISA_DMA_API=y CONFIG_AMD_NB=y -# CONFIG_PCCARD is not set -# CONFIG_RAPIDIO is not set # CONFIG_X86_SYSFB is not set +# end of Bus options (PCI etc.) # # Binary Emulations # CONFIG_IA32_EMULATION=y -# CONFIG_IA32_AOUT is not set # CONFIG_X86_X32 is not set CONFIG_COMPAT_32=y CONFIG_COMPAT=y CONFIG_COMPAT_FOR_U64_ALIGNMENT=y CONFIG_SYSVIPC_COMPAT=y -CONFIG_X86_DEV_DMA_OPS=y -CONFIG_HAVE_GENERIC_GUP=y +# end of Binary Emulations # # Firmware Drivers # # CONFIG_EDD is not set CONFIG_FIRMWARE_MEMMAP=y -# CONFIG_DELL_RBU is not set -# CONFIG_DCDBAS is not set CONFIG_DMIID=y # CONFIG_DMI_SYSFS is not set CONFIG_DMI_SCAN_MACHINE_NON_EFI_FALLBACK=y @@ -565,10 +545,14 @@ CONFIG_DMI_SCAN_MACHINE_NON_EFI_FALLBACK=y CONFIG_FW_CFG_SYSFS=y # CONFIG_FW_CFG_SYSFS_CMDLINE is not set # CONFIG_GOOGLE_FIRMWARE is not set +CONFIG_EFI_EARLYCON=y # # Tegra firmware driver # +# end of Tegra firmware driver +# end of Firmware Drivers + CONFIG_HAVE_KVM=y CONFIG_VIRTUALIZATION=y # CONFIG_KVM is not set @@ -599,10 +583,13 @@ CONFIG_HAVE_DMA_CONTIGUOUS=y CONFIG_GENERIC_SMP_IDLE_THREAD=y CONFIG_ARCH_HAS_FORTIFY_SOURCE=y CONFIG_ARCH_HAS_SET_MEMORY=y +CONFIG_ARCH_HAS_SET_DIRECT_MAP=y CONFIG_HAVE_ARCH_THREAD_STRUCT_WHITELIST=y CONFIG_ARCH_WANTS_DYNAMIC_TASK_STRUCT=y +CONFIG_HAVE_ASM_MODVERSIONS=y CONFIG_HAVE_REGS_AND_STACK_ACCESS_API=y CONFIG_HAVE_RSEQ=y +CONFIG_HAVE_FUNCTION_ARG_ACCESS_API=y CONFIG_HAVE_CLK=y CONFIG_HAVE_HW_BREAKPOINT=y CONFIG_HAVE_MIXED_BREAKPOINTS_REGS=y @@ -612,8 +599,8 @@ CONFIG_HAVE_HARDLOCKUP_DETECTOR_PERF=y CONFIG_HAVE_PERF_REGS=y CONFIG_HAVE_PERF_USER_STACK_DUMP=y CONFIG_HAVE_ARCH_JUMP_LABEL=y +CONFIG_HAVE_ARCH_JUMP_LABEL_RELATIVE=y CONFIG_HAVE_RCU_TABLE_FREE=y -CONFIG_HAVE_RCU_TABLE_INVALIDATE=y CONFIG_ARCH_HAVE_NMI_SAFE_CMPXCHG=y CONFIG_HAVE_ALIGNED_STRUCT_PAGE=y CONFIG_HAVE_CMPXCHG_LOCAL=y @@ -622,6 +609,7 @@ CONFIG_ARCH_WANT_COMPAT_IPC_PARSE_VERSION=y CONFIG_ARCH_WANT_OLD_COMPAT_IPC=y CONFIG_HAVE_ARCH_SECCOMP_FILTER=y CONFIG_SECCOMP_FILTER=y +CONFIG_HAVE_ARCH_STACKLEAK=y CONFIG_HAVE_STACKPROTECTOR=y CONFIG_CC_HAS_STACKPROTECTOR_NONE=y CONFIG_STACKPROTECTOR=y @@ -630,9 +618,11 @@ CONFIG_HAVE_ARCH_WITHIN_STACK_FRAMES=y CONFIG_HAVE_CONTEXT_TRACKING=y CONFIG_HAVE_VIRT_CPU_ACCOUNTING_GEN=y CONFIG_HAVE_IRQ_TIME_ACCOUNTING=y +CONFIG_HAVE_MOVE_PMD=y CONFIG_HAVE_ARCH_TRANSPARENT_HUGEPAGE=y CONFIG_HAVE_ARCH_TRANSPARENT_HUGEPAGE_PUD=y CONFIG_HAVE_ARCH_HUGE_VMAP=y +CONFIG_ARCH_WANT_HUGE_PMD_SHARE=y CONFIG_HAVE_ARCH_SOFT_DIRTY=y CONFIG_HAVE_MOD_ARCH_SPECIFIC=y CONFIG_MODULES_USE_ELF_RELA=y @@ -649,6 +639,7 @@ CONFIG_HAVE_STACK_VALIDATION=y CONFIG_HAVE_RELIABLE_STACKTRACE=y CONFIG_OLD_SIGSUSPEND3=y CONFIG_COMPAT_OLD_SIGACTION=y +CONFIG_64BIT_TIME=y CONFIG_COMPAT_32BIT_TIME=y CONFIG_HAVE_ARCH_VMAP_STACK=y CONFIG_VMAP_STACK=y @@ -658,14 +649,20 @@ CONFIG_ARCH_HAS_STRICT_MODULE_RWX=y CONFIG_ARCH_HAS_REFCOUNT=y # CONFIG_REFCOUNT_FULL is not set CONFIG_HAVE_ARCH_PREL32_RELOCATIONS=y +CONFIG_ARCH_USE_MEMREMAP_PROT=y +CONFIG_ARCH_HAS_MEM_ENCRYPT=y # # GCOV-based kernel profiling # CONFIG_ARCH_HAS_GCOV_PROFILE_ALL=y +# end of GCOV-based kernel profiling + CONFIG_PLUGIN_HOSTCC="g++" CONFIG_HAVE_GCC_PLUGINS=y # CONFIG_GCC_PLUGINS is not set +# end of General architecture-dependent options + CONFIG_RT_MUTEXES=y CONFIG_BASE_SMALL=0 # CONFIG_MODULES is not set @@ -703,22 +700,21 @@ CONFIG_MSDOS_PARTITION=y CONFIG_EFI_PARTITION=y # CONFIG_SYSV68_PARTITION is not set # CONFIG_CMDLINE_PARTITION is not set +# end of Partition Types + CONFIG_BLOCK_COMPAT=y CONFIG_BLK_MQ_PCI=y CONFIG_BLK_MQ_VIRTIO=y +CONFIG_BLK_PM=y # # IO Schedulers # -CONFIG_IOSCHED_NOOP=y -# CONFIG_IOSCHED_DEADLINE is not set -CONFIG_IOSCHED_CFQ=y -CONFIG_DEFAULT_CFQ=y -# CONFIG_DEFAULT_NOOP is not set -CONFIG_DEFAULT_IOSCHED="cfq" CONFIG_MQ_IOSCHED_DEADLINE=y CONFIG_MQ_IOSCHED_KYBER=y CONFIG_IOSCHED_BFQ=y +# end of IO Schedulers + CONFIG_INLINE_SPIN_UNLOCK_IRQ=y CONFIG_INLINE_READ_UNLOCK=y CONFIG_INLINE_READ_UNLOCK_IRQ=y @@ -746,6 +742,7 @@ CONFIG_CORE_DUMP_DEFAULT_ELF_HEADERS=y CONFIG_BINFMT_SCRIPT=y # CONFIG_BINFMT_MISC is not set CONFIG_COREDUMP=y +# end of Executable file formats # # Memory Management options @@ -757,9 +754,8 @@ CONFIG_HAVE_MEMORY_PRESENT=y CONFIG_SPARSEMEM_EXTREME=y CONFIG_SPARSEMEM_VMEMMAP_ENABLE=y CONFIG_SPARSEMEM_VMEMMAP=y -CONFIG_HAVE_MEMBLOCK=y CONFIG_HAVE_MEMBLOCK_NODE_MAP=y -CONFIG_ARCH_DISCARD_MEMBLOCK=y +CONFIG_HAVE_FAST_GUP=y # CONFIG_MEMORY_HOTPLUG is not set CONFIG_SPLIT_PTLOCK_CPUS=4 CONFIG_MEMORY_BALLOON=y @@ -786,12 +782,14 @@ CONFIG_ZBUD=y CONFIG_GENERIC_EARLY_IOREMAP=y # CONFIG_DEFERRED_STRUCT_PAGE_INIT is not set # CONFIG_IDLE_PAGE_TRACKING is not set -CONFIG_ARCH_HAS_ZONE_DEVICE=y +CONFIG_ARCH_HAS_PTE_DEVMAP=y CONFIG_ARCH_USES_HIGH_VMA_FLAGS=y CONFIG_ARCH_HAS_PKEYS=y # CONFIG_PERCPU_STATS is not set # CONFIG_GUP_BENCHMARK is not set CONFIG_ARCH_HAS_PTE_SPECIAL=y +# end of Memory Management options + CONFIG_NET=y # @@ -800,16 +798,13 @@ CONFIG_NET=y CONFIG_PACKET=y # CONFIG_PACKET_DIAG is not set CONFIG_UNIX=y +CONFIG_UNIX_SCM=y # CONFIG_UNIX_DIAG is not set CONFIG_TLS=y # CONFIG_TLS_DEVICE is not set -CONFIG_XFRM=y # CONFIG_XFRM_USER is not set -# CONFIG_XFRM_INTERFACE is not set -# CONFIG_XFRM_SUB_POLICY is not set -# CONFIG_XFRM_MIGRATE is not set -# CONFIG_XFRM_STATISTICS is not set # CONFIG_NET_KEY is not set +# CONFIG_XDP_SOCKETS is not set CONFIG_INET=y # CONFIG_IP_MULTICAST is not set # CONFIG_IP_ADVANCED_ROUTER is not set @@ -818,15 +813,13 @@ CONFIG_INET=y # CONFIG_NET_IPGRE_DEMUX is not set CONFIG_NET_IP_TUNNEL=y CONFIG_SYN_COOKIES=y +# CONFIG_NET_IPVTI is not set # CONFIG_NET_FOU is not set # CONFIG_NET_FOU_IP_TUNNELS is not set # CONFIG_INET_AH is not set # CONFIG_INET_ESP is not set # CONFIG_INET_IPCOMP is not set CONFIG_INET_TUNNEL=y -# CONFIG_INET_XFRM_MODE_TRANSPORT is not set -# CONFIG_INET_XFRM_MODE_TUNNEL is not set -# CONFIG_INET_XFRM_MODE_BEET is not set # CONFIG_INET_DIAG is not set # CONFIG_TCP_CONG_ADVANCED is not set CONFIG_TCP_CONG_CUBIC=y @@ -840,10 +833,6 @@ CONFIG_IPV6=y # CONFIG_INET6_IPCOMP is not set # CONFIG_IPV6_MIP6 is not set # CONFIG_IPV6_ILA is not set -CONFIG_INET6_XFRM_MODE_TRANSPORT=y -CONFIG_INET6_XFRM_MODE_TUNNEL=y -CONFIG_INET6_XFRM_MODE_BEET=y -# CONFIG_INET6_XFRM_MODE_ROUTEOPTIMIZATION is not set # CONFIG_IPV6_VTI is not set CONFIG_IPV6_SIT=y # CONFIG_IPV6_SIT_6RD is not set @@ -891,8 +880,8 @@ CONFIG_NF_CONNTRACK=y # CONFIG_NF_CONNTRACK_TFTP is not set # CONFIG_NF_CT_NETLINK is not set CONFIG_NF_NAT=y -CONFIG_NF_NAT_NEEDED=y CONFIG_NF_NAT_REDIRECT=y +CONFIG_NF_NAT_MASQUERADE=y # CONFIG_NF_TABLES is not set CONFIG_NETFILTER_XTABLES=y @@ -917,6 +906,7 @@ CONFIG_NETFILTER_XT_TARGET_NETMAP=y # CONFIG_NETFILTER_XT_TARGET_NFQUEUE is not set # CONFIG_NETFILTER_XT_TARGET_RATEEST is not set CONFIG_NETFILTER_XT_TARGET_REDIRECT=y +CONFIG_NETFILTER_XT_TARGET_MASQUERADE=y # CONFIG_NETFILTER_XT_TARGET_TEE is not set # CONFIG_NETFILTER_XT_TARGET_TCPMSS is not set @@ -953,7 +943,6 @@ CONFIG_NETFILTER_XT_TARGET_REDIRECT=y # CONFIG_NETFILTER_XT_MATCH_NFACCT is not set # CONFIG_NETFILTER_XT_MATCH_OSF is not set # CONFIG_NETFILTER_XT_MATCH_OWNER is not set -# CONFIG_NETFILTER_XT_MATCH_POLICY is not set # CONFIG_NETFILTER_XT_MATCH_PKTTYPE is not set # CONFIG_NETFILTER_XT_MATCH_QUOTA is not set # CONFIG_NETFILTER_XT_MATCH_RATEEST is not set @@ -967,6 +956,8 @@ CONFIG_NETFILTER_XT_TARGET_REDIRECT=y # CONFIG_NETFILTER_XT_MATCH_TCPMSS is not set # CONFIG_NETFILTER_XT_MATCH_TIME is not set # CONFIG_NETFILTER_XT_MATCH_U32 is not set +# end of Core Netfilter Configuration + # CONFIG_IP_SET is not set # CONFIG_IP_VS is not set @@ -980,8 +971,6 @@ CONFIG_NF_DEFRAG_IPV4=y # CONFIG_NF_LOG_ARP is not set # CONFIG_NF_LOG_IPV4 is not set # CONFIG_NF_REJECT_IPV4 is not set -CONFIG_NF_NAT_IPV4=y -CONFIG_NF_NAT_MASQUERADE_IPV4=y CONFIG_IP_NF_IPTABLES=y # CONFIG_IP_NF_MATCH_AH is not set # CONFIG_IP_NF_MATCH_ECN is not set @@ -995,6 +984,7 @@ CONFIG_IP_NF_TARGET_REDIRECT=y # CONFIG_IP_NF_MANGLE is not set # CONFIG_IP_NF_RAW is not set # CONFIG_IP_NF_ARPTABLES is not set +# end of IP: Netfilter Configuration # # IPv6: Netfilter Configuration @@ -1004,8 +994,6 @@ CONFIG_IP_NF_TARGET_REDIRECT=y # CONFIG_NF_DUP_IPV6 is not set # CONFIG_NF_REJECT_IPV6 is not set # CONFIG_NF_LOG_IPV6 is not set -CONFIG_NF_NAT_IPV6=y -CONFIG_NF_NAT_MASQUERADE_IPV6=y CONFIG_IP6_NF_IPTABLES=y # CONFIG_IP6_NF_MATCH_AH is not set # CONFIG_IP6_NF_MATCH_EUI64 is not set @@ -1023,7 +1011,10 @@ CONFIG_IP6_NF_IPTABLES=y CONFIG_IP6_NF_NAT=y CONFIG_IP6_NF_TARGET_MASQUERADE=y CONFIG_IP6_NF_TARGET_NPT=y +# end of IPv6: Netfilter Configuration + CONFIG_NF_DEFRAG_IPV6=y +# CONFIG_NF_CONNTRACK_BRIDGE is not set # CONFIG_BPFILTER is not set # CONFIG_IP_DCCP is not set # CONFIG_IP_SCTP is not set @@ -1066,12 +1057,16 @@ CONFIG_XPS=y # CONFIG_CGROUP_NET_CLASSID is not set CONFIG_NET_RX_BUSY_POLL=y CONFIG_BQL=y +# CONFIG_BPF_STREAM_PARSER is not set CONFIG_NET_FLOW_LIMIT=y # # Network testing # # CONFIG_NET_PKTGEN is not set +# end of Network testing +# end of Networking options + # CONFIG_HAMRADIO is not set # CONFIG_CAN is not set # CONFIG_BT is not set @@ -1090,14 +1085,83 @@ CONFIG_STREAM_PARSER=y # CONFIG_LWTUNNEL is not set CONFIG_DST_CACHE=y CONFIG_GRO_CELLS=y -# CONFIG_NET_DEVLINK is not set -CONFIG_MAY_USE_DEVLINK=y +CONFIG_NET_SOCK_MSG=y CONFIG_FAILOVER=y CONFIG_HAVE_EBPF_JIT=y # # Device Drivers # +CONFIG_HAVE_EISA=y +# CONFIG_EISA is not set +CONFIG_HAVE_PCI=y +CONFIG_PCI=y +CONFIG_PCI_DOMAINS=y +CONFIG_PCIEPORTBUS=y +CONFIG_HOTPLUG_PCI_PCIE=y +# CONFIG_PCIEAER is not set +CONFIG_PCIEASPM=y +# CONFIG_PCIEASPM_DEBUG is not set +CONFIG_PCIEASPM_DEFAULT=y +# CONFIG_PCIEASPM_POWERSAVE is not set +# CONFIG_PCIEASPM_POWER_SUPERSAVE is not set +# CONFIG_PCIEASPM_PERFORMANCE is not set +CONFIG_PCIE_PME=y +# CONFIG_PCIE_PTM is not set +# CONFIG_PCIE_BW is not set +CONFIG_PCI_MSI=y +CONFIG_PCI_MSI_IRQ_DOMAIN=y +CONFIG_PCI_QUIRKS=y +# CONFIG_PCI_DEBUG is not set +# CONFIG_PCI_REALLOC_ENABLE_AUTO is not set +# CONFIG_PCI_STUB is not set +# CONFIG_PCI_PF_STUB is not set +CONFIG_XEN_PCIDEV_FRONTEND=y +CONFIG_PCI_ATS=y +CONFIG_PCI_LOCKLESS_CONFIG=y +CONFIG_PCI_IOV=y +# CONFIG_PCI_PRI is not set +# CONFIG_PCI_PASID is not set +CONFIG_PCI_LABEL=y +CONFIG_HOTPLUG_PCI=y +CONFIG_HOTPLUG_PCI_ACPI=y +# CONFIG_HOTPLUG_PCI_ACPI_IBM is not set +# CONFIG_HOTPLUG_PCI_CPCI is not set +# CONFIG_HOTPLUG_PCI_SHPC is not set + +# +# PCI controller drivers +# + +# +# Cadence PCIe controllers support +# +# end of Cadence PCIe controllers support + +# CONFIG_VMD is not set + +# +# DesignWare PCI Core Support +# +# CONFIG_PCIE_DW_PLAT_HOST is not set +# CONFIG_PCI_MESON is not set +# end of DesignWare PCI Core Support +# end of PCI controller drivers + +# +# PCI Endpoint +# +# CONFIG_PCI_ENDPOINT is not set +# end of PCI Endpoint + +# +# PCI switch controller drivers +# +# CONFIG_PCI_SW_SWITCHTEC is not set +# end of PCI switch controller drivers + +# CONFIG_PCCARD is not set +# CONFIG_RAPIDIO is not set # # Generic Driver Options @@ -1114,6 +1178,9 @@ CONFIG_PREVENT_FIRMWARE_BUILD=y CONFIG_FW_LOADER=y CONFIG_EXTRA_FIRMWARE="" # CONFIG_FW_LOADER_USER_HELPER is not set +# CONFIG_FW_LOADER_COMPRESS is not set +# end of Firmware loader + CONFIG_ALLOW_DEV_COREDUMP=y # CONFIG_DEBUG_DRIVER is not set # CONFIG_DEBUG_DEVRES is not set @@ -1121,12 +1188,13 @@ CONFIG_ALLOW_DEV_COREDUMP=y CONFIG_SYS_HYPERVISOR=y CONFIG_GENERIC_CPU_AUTOPROBE=y CONFIG_GENERIC_CPU_VULNERABILITIES=y -CONFIG_REGMAP=y -CONFIG_REGMAP_I2C=y +# end of Generic Driver Options # # Bus devices # +# end of Bus devices + CONFIG_CONNECTOR=y CONFIG_PROC_EVENTS=y # CONFIG_GNSS is not set @@ -1146,7 +1214,6 @@ CONFIG_BLK_DEV=y # CONFIG_BLK_DEV_FD is not set CONFIG_CDROM=y # CONFIG_BLK_DEV_PCIESSD_MTIP32XX is not set -# CONFIG_BLK_DEV_DAC960 is not set # CONFIG_BLK_DEV_UMEM is not set CONFIG_BLK_DEV_LOOP=y CONFIG_BLK_DEV_LOOP_MIN_COUNT=8 @@ -1170,6 +1237,7 @@ CONFIG_VIRTIO_BLK_SCSI=y # # CONFIG_BLK_DEV_NVME is not set # CONFIG_NVME_FC is not set +# end of NVME Support # # Misc devices @@ -1178,7 +1246,6 @@ CONFIG_VIRTIO_BLK_SCSI=y # CONFIG_DUMMY_IRQ is not set # CONFIG_IBM_ASM is not set # CONFIG_PHANTOM is not set -# CONFIG_SGI_IOC4 is not set # CONFIG_TIFM_CORE is not set # CONFIG_ICS932S401 is not set # CONFIG_ENCLOSURE_SERVICES is not set @@ -1192,9 +1259,10 @@ CONFIG_VIRTIO_BLK_SCSI=y # CONFIG_HMC6352 is not set # CONFIG_DS1682 is not set CONFIG_VMWARE_BALLOON=y -# CONFIG_USB_SWITCH_FSA9480 is not set # CONFIG_SRAM is not set # CONFIG_PCI_ENDPOINT_TEST is not set +# CONFIG_XILINX_SDFEC is not set +# CONFIG_PVPANIC is not set # CONFIG_C2PORT is not set # @@ -1205,11 +1273,16 @@ CONFIG_VMWARE_BALLOON=y # CONFIG_EEPROM_MAX6875 is not set # CONFIG_EEPROM_93CX6 is not set # CONFIG_EEPROM_IDT_89HPESX is not set +# CONFIG_EEPROM_EE1004 is not set +# end of EEPROM support + # CONFIG_CB710_CORE is not set # # Texas Instruments shared transport line discipline # +# end of Texas Instruments shared transport line discipline + # CONFIG_SENSORS_LIS3_I2C is not set # CONFIG_ALTERA_STAPL is not set # CONFIG_INTEL_MEI is not set @@ -1255,9 +1328,15 @@ CONFIG_VMWARE_VMCI=y # # VOP Driver # +# end of Intel MIC & related support + # CONFIG_GENWQE is not set # CONFIG_ECHO is not set +# CONFIG_MISC_ALCOR_PCI is not set # CONFIG_MISC_RTSX_PCI is not set +# CONFIG_HABANA_AI is not set +# end of Misc devices + CONFIG_HAVE_IDE=y # CONFIG_IDE is not set @@ -1269,7 +1348,6 @@ CONFIG_SCSI_MOD=y CONFIG_SCSI=y CONFIG_SCSI_DMA=y CONFIG_SCSI_NETLINK=y -# CONFIG_SCSI_MQ_DEFAULT is not set # CONFIG_SCSI_PROC_FS is not set # @@ -1277,7 +1355,6 @@ CONFIG_SCSI_NETLINK=y # CONFIG_BLK_DEV_SD=y # CONFIG_CHR_DEV_ST is not set -# CONFIG_CHR_DEV_OSST is not set CONFIG_BLK_DEV_SR=y CONFIG_BLK_DEV_SR_VENDOR=y CONFIG_CHR_DEV_SG=y @@ -1295,6 +1372,8 @@ CONFIG_SCSI_FC_ATTRS=y CONFIG_SCSI_SAS_ATTRS=y # CONFIG_SCSI_SAS_LIBSAS is not set # CONFIG_SCSI_SRP_ATTRS is not set +# end of SCSI Transports + CONFIG_SCSI_LOWLEVEL=y # CONFIG_ISCSI_TCP is not set # CONFIG_ISCSI_BOOT_SYSFS is not set @@ -1326,11 +1405,14 @@ CONFIG_SCSI_LOWLEVEL=y # CONFIG_SCSI_UFSHCD is not set # CONFIG_SCSI_HPTIOP is not set # CONFIG_SCSI_BUSLOGIC is not set +# CONFIG_SCSI_MYRB is not set +# CONFIG_SCSI_MYRS is not set CONFIG_VMWARE_PVSCSI=y CONFIG_XEN_SCSI_FRONTEND=y # CONFIG_LIBFC is not set # CONFIG_SCSI_SNIC is not set # CONFIG_SCSI_DMX3191D is not set +# CONFIG_SCSI_FDOMAIN_PCI is not set # CONFIG_SCSI_GDTH is not set # CONFIG_SCSI_ISCI is not set # CONFIG_SCSI_IPS is not set @@ -1357,7 +1439,8 @@ CONFIG_SCSI_SYM53C8XX_MMIO=y CONFIG_SCSI_VIRTIO=y # CONFIG_SCSI_CHELSIO_FCOE is not set # CONFIG_SCSI_DH is not set -# CONFIG_SCSI_OSD_INITIATOR is not set +# end of SCSI device support + CONFIG_ATA=y # CONFIG_ATA_VERBOSE_ERROR is not set CONFIG_ATA_ACPI=y @@ -1469,6 +1552,8 @@ CONFIG_MD_RAID1=y # # CONFIG_FIREWIRE is not set # CONFIG_FIREWIRE_NOSY is not set +# end of IEEE 1394 (FireWire) support + # CONFIG_MACINTOSH_DRIVERS is not set CONFIG_NETDEVICES=y CONFIG_MII=y @@ -1499,6 +1584,8 @@ CONFIG_VIRTIO_NET=y # # Distributed Switch Architecture drivers # +# end of Distributed Switch Architecture drivers + CONFIG_ETHERNET=y # CONFIG_NET_VENDOR_3COM is not set # CONFIG_NET_VENDOR_ADAPTEC is not set @@ -1528,6 +1615,7 @@ CONFIG_PCNET32=y # CONFIG_NET_VENDOR_DLINK is not set # CONFIG_NET_VENDOR_EMULEX is not set # CONFIG_NET_VENDOR_EZCHIP is not set +# CONFIG_NET_VENDOR_GOOGLE is not set # CONFIG_NET_VENDOR_HP is not set # CONFIG_NET_VENDOR_HUAWEI is not set CONFIG_NET_VENDOR_I825XX=y @@ -1545,10 +1633,12 @@ CONFIG_IGB=y # CONFIG_I40EVF is not set # CONFIG_ICE is not set # CONFIG_FM10K is not set +# CONFIG_IGC is not set # CONFIG_JME is not set # CONFIG_NET_VENDOR_MARVELL is not set # CONFIG_NET_VENDOR_MELLANOX is not set # CONFIG_NET_VENDOR_MICREL is not set +# CONFIG_NET_VENDOR_MICROCHIP is not set # CONFIG_NET_VENDOR_MICROSEMI is not set # CONFIG_NET_VENDOR_MYRI is not set # CONFIG_FEALNX is not set @@ -1564,6 +1654,7 @@ CONFIG_NE2K_PCI=y # CONFIG_NET_VENDOR_OKI is not set # CONFIG_ETHOC is not set # CONFIG_NET_VENDOR_PACKET_ENGINES is not set +# CONFIG_NET_VENDOR_PENSANDO is not set # CONFIG_NET_VENDOR_QLOGIC is not set # CONFIG_NET_VENDOR_QUALCOMM is not set # CONFIG_NET_VENDOR_RDC is not set @@ -1589,6 +1680,7 @@ CONFIG_8139CP=y CONFIG_NET_VENDOR_WIZNET=y # CONFIG_WIZNET_W5100 is not set # CONFIG_WIZNET_W5300 is not set +# CONFIG_NET_VENDOR_XILINX is not set # CONFIG_FDDI is not set # CONFIG_HIPPI is not set # CONFIG_NET_SB1000 is not set @@ -1603,6 +1695,7 @@ CONFIG_PHYLIB=y # # MII PHY device drivers # +# CONFIG_ADIN_PHY is not set # CONFIG_AMD_PHY is not set # CONFIG_AQUANTIA_PHY is not set # CONFIG_AX88796B_PHY is not set @@ -1685,6 +1778,7 @@ CONFIG_INPUT_KEYBOARD=y # CONFIG_KEYBOARD_ADP5588 is not set # CONFIG_KEYBOARD_ADP5589 is not set CONFIG_KEYBOARD_ATKBD=y +# CONFIG_KEYBOARD_QT1050 is not set # CONFIG_KEYBOARD_QT1070 is not set # CONFIG_KEYBOARD_QT2160 is not set # CONFIG_KEYBOARD_DLINK_DIR685 is not set @@ -1744,6 +1838,8 @@ CONFIG_SERIO_LIBPS2=y # CONFIG_SERIO_ARC_PS2 is not set # CONFIG_USERIO is not set # CONFIG_GAMEPORT is not set +# end of Hardware I/O ports +# end of Input device support # # Character devices @@ -1761,6 +1857,7 @@ CONFIG_UNIX98_PTYS=y # CONFIG_NOZOMI is not set # CONFIG_N_GSM is not set # CONFIG_TRACE_SINK is not set +# CONFIG_NULL_TTY is not set CONFIG_LDISC_AUTOLOAD=y CONFIG_DEVMEM=y # CONFIG_DEVKMEM is not set @@ -1779,11 +1876,11 @@ CONFIG_SERIAL_8250_PCI=y CONFIG_SERIAL_8250_NR_UARTS=4 CONFIG_SERIAL_8250_RUNTIME_UARTS=4 # CONFIG_SERIAL_8250_EXTENDED is not set +CONFIG_SERIAL_8250_DWLIB=y # CONFIG_SERIAL_8250_DW is not set # CONFIG_SERIAL_8250_RT288X is not set CONFIG_SERIAL_8250_LPSS=y CONFIG_SERIAL_8250_MID=y -# CONFIG_SERIAL_8250_MOXA is not set # # Non-8250 serial port support @@ -1799,6 +1896,9 @@ CONFIG_SERIAL_CORE_CONSOLE=y # CONFIG_SERIAL_ARC is not set # CONFIG_SERIAL_RP2 is not set # CONFIG_SERIAL_FSL_LPUART is not set +# CONFIG_SERIAL_FSL_LINFLEXUART is not set +# end of Serial drivers + # CONFIG_SERIAL_DEV_BUS is not set CONFIG_HVC_DRIVER=y CONFIG_HVC_IRQ=y @@ -1822,7 +1922,10 @@ CONFIG_HW_RANDOM_INTEL=y # CONFIG_TELCLOCK is not set CONFIG_DEVPORT=y # CONFIG_XILLYBUS is not set +# end of Character devices + # CONFIG_RANDOM_TRUST_CPU is not set +# CONFIG_RANDOM_TRUST_BOOTLOADER is not set # # I2C support @@ -1848,11 +1951,13 @@ CONFIG_I2C_ALGOBIT=y # CONFIG_I2C_ALI15X3 is not set # CONFIG_I2C_AMD756 is not set # CONFIG_I2C_AMD8111 is not set +# CONFIG_I2C_AMD_MP2 is not set # CONFIG_I2C_I801 is not set # CONFIG_I2C_ISCH is not set # CONFIG_I2C_ISMT is not set # CONFIG_I2C_PIIX4 is not set # CONFIG_I2C_NFORCE2 is not set +# CONFIG_I2C_NVIDIA_GPU is not set # CONFIG_I2C_SIS5595 is not set # CONFIG_I2C_SIS630 is not set # CONFIG_I2C_SIS96X is not set @@ -1885,10 +1990,15 @@ CONFIG_I2C_ALGOBIT=y # Other I2C/SMBus bus drivers # # CONFIG_I2C_MLXCPLD is not set +# end of I2C Hardware Bus support + # CONFIG_I2C_SLAVE is not set # CONFIG_I2C_DEBUG_CORE is not set # CONFIG_I2C_DEBUG_ALGO is not set # CONFIG_I2C_DEBUG_BUS is not set +# end of I2C support + +# CONFIG_I3C is not set # CONFIG_SPI is not set # CONFIG_SPMI is not set # CONFIG_HSI is not set @@ -1915,6 +2025,8 @@ CONFIG_PTP_1588_CLOCK=y # Enable PHYLIB and NETWORK_PHY_TIMESTAMPING to see the additional clocks. # CONFIG_PTP_1588_CLOCK_KVM=y +# end of PTP clock support + # CONFIG_PINCTRL is not set # CONFIG_GPIOLIB is not set # CONFIG_W1 is not set @@ -1936,6 +2048,10 @@ CONFIG_THERMAL_GOV_STEP_WISE=y # CONFIG_THERMAL_GOV_USER_SPACE is not set # CONFIG_THERMAL_GOV_POWER_ALLOCATOR is not set # CONFIG_THERMAL_EMULATION is not set + +# +# Intel thermal drivers +# # CONFIG_INTEL_POWERCLAMP is not set # CONFIG_INTEL_SOC_DTS_THERMAL is not set @@ -1943,7 +2059,11 @@ CONFIG_THERMAL_GOV_STEP_WISE=y # ACPI INT340X thermal drivers # # CONFIG_INT340X_THERMAL is not set +# end of ACPI INT340X thermal drivers + # CONFIG_INTEL_PCH_THERMAL is not set +# end of Intel thermal drivers + # CONFIG_WATCHDOG is not set CONFIG_SSB_POSSIBLE=y # CONFIG_SSB is not set @@ -1958,7 +2078,6 @@ CONFIG_BCMA_POSSIBLE=y # CONFIG_MFD_BCM590XX is not set # CONFIG_MFD_BD9571MWV is not set # CONFIG_MFD_AXP20X_I2C is not set -# CONFIG_MFD_CROS_EC is not set # CONFIG_MFD_MADERA is not set # CONFIG_PMIC_DA903X is not set # CONFIG_MFD_DA9052_I2C is not set @@ -2016,12 +2135,15 @@ CONFIG_BCMA_POSSIBLE=y # CONFIG_TWL6040_CORE is not set # CONFIG_MFD_WL1273_CORE is not set # CONFIG_MFD_LM3533 is not set +# CONFIG_MFD_TQMX86 is not set # CONFIG_MFD_VX855 is not set # CONFIG_MFD_ARIZONA_I2C is not set # CONFIG_MFD_WM8400 is not set # CONFIG_MFD_WM831X_I2C is not set # CONFIG_MFD_WM8350_I2C is not set # CONFIG_MFD_WM8994 is not set +# end of Multifunction device drivers + # CONFIG_REGULATOR is not set # CONFIG_RC_CORE is not set # CONFIG_MEDIA_SUPPORT is not set @@ -2041,19 +2163,29 @@ CONFIG_VGA_ARB_MAX_GPUS=16 # CONFIG_DRM_DP_CEC is not set # -# ACP (Audio CoProcessor) Configuration +# ARM devices # +# end of ARM devices # -# AMD Library routines +# ACP (Audio CoProcessor) Configuration # +# end of ACP (Audio CoProcessor) Configuration + # CONFIG_DRM_XEN is not set # # Frame buffer Devices # # CONFIG_FB is not set -# CONFIG_BACKLIGHT_LCD_SUPPORT is not set +# end of Frame buffer Devices + +# +# Backlight & LCD device support +# +# CONFIG_LCD_CLASS_DEVICE is not set +# CONFIG_BACKLIGHT_CLASS_DEVICE is not set +# end of Backlight & LCD device support # # Console display driver support @@ -2063,6 +2195,9 @@ CONFIG_VGA_CONSOLE=y CONFIG_DUMMY_CONSOLE=y CONFIG_DUMMY_CONSOLE_COLUMNS=80 CONFIG_DUMMY_CONSOLE_ROWS=25 +# end of Console display driver support +# end of Graphics support + # CONFIG_SOUND is not set # @@ -2085,6 +2220,7 @@ CONFIG_HID_GENERIC=y # CONFIG_HID_CHERRY is not set # CONFIG_HID_CHICONY is not set # CONFIG_HID_COUGAR is not set +# CONFIG_HID_MACALLY is not set # CONFIG_HID_CMEDIA is not set # CONFIG_HID_CYPRESS is not set # CONFIG_HID_DRAGONRISE is not set @@ -2096,6 +2232,7 @@ CONFIG_HID_GENERIC=y # CONFIG_HID_KEYTOUCH is not set # CONFIG_HID_KYE is not set # CONFIG_HID_WALTOP is not set +# CONFIG_HID_VIEWSONIC is not set # CONFIG_HID_GYRATION is not set # CONFIG_HID_ICADE is not set # CONFIG_HID_ITE is not set @@ -2106,6 +2243,7 @@ CONFIG_HID_GENERIC=y # CONFIG_HID_LENOVO is not set # CONFIG_HID_LOGITECH is not set # CONFIG_HID_MAGICMOUSE is not set +# CONFIG_HID_MALTRON is not set # CONFIG_HID_MAYFLASH is not set # CONFIG_HID_REDRAGON is not set # CONFIG_HID_MICROSOFT is not set @@ -2136,19 +2274,23 @@ CONFIG_HID_GENERIC=y # CONFIG_HID_ZYDACRON is not set # CONFIG_HID_SENSOR_HUB is not set # CONFIG_HID_ALPS is not set +# end of Special HID drivers # # I2C HID support # # CONFIG_I2C_HID is not set +# end of I2C HID support # # Intel ISH HID support # # CONFIG_INTEL_ISH_HID is not set +# end of Intel ISH HID support +# end of HID support + CONFIG_USB_OHCI_LITTLE_ENDIAN=y # CONFIG_USB_SUPPORT is not set -# CONFIG_UWB is not set # CONFIG_MMC is not set # CONFIG_MEMSTICK is not set # CONFIG_NEW_LEDS is not set @@ -2179,6 +2321,7 @@ CONFIG_RTC_INTF_DEV=y # I2C RTC drivers # # CONFIG_RTC_DRV_ABB5ZES3 is not set +# CONFIG_RTC_DRV_ABEOZ9 is not set # CONFIG_RTC_DRV_ABX80X is not set # CONFIG_RTC_DRV_DS1307 is not set # CONFIG_RTC_DRV_DS1374 is not set @@ -2201,7 +2344,9 @@ CONFIG_RTC_INTF_DEV=y # CONFIG_RTC_DRV_RX8581 is not set # CONFIG_RTC_DRV_RX8025 is not set # CONFIG_RTC_DRV_EM3027 is not set +# CONFIG_RTC_DRV_RV3028 is not set # CONFIG_RTC_DRV_RV8803 is not set +# CONFIG_RTC_DRV_SD3078 is not set # # SPI RTC drivers @@ -2248,6 +2393,8 @@ CONFIG_RTC_DRV_CMOS=y # DMABUF options # # CONFIG_SYNC_FILE is not set +# end of DMABUF options + # CONFIG_AUXDISPLAY is not set # CONFIG_UIO is not set CONFIG_VIRT_DRIVERS=y @@ -2265,6 +2412,7 @@ CONFIG_VIRTIO_MMIO=y # Microsoft Hyper-V guest support # # CONFIG_HYPERV is not set +# end of Microsoft Hyper-V guest support # # Xen driver support @@ -2281,7 +2429,6 @@ CONFIG_XEN_GNTDEV=y CONFIG_XEN_GRANT_DEV_ALLOC=y # CONFIG_XEN_GRANT_DMA_ALLOC is not set CONFIG_SWIOTLB_XEN=y -CONFIG_XEN_TMEM=y # CONFIG_XEN_PCIDEV_BACKEND is not set # CONFIG_XEN_PVCALLS_FRONTEND is not set # CONFIG_XEN_PVCALLS_BACKEND is not set @@ -2292,9 +2439,13 @@ CONFIG_XEN_AUTO_XLATE=y CONFIG_XEN_ACPI=y # CONFIG_XEN_SYMS is not set CONFIG_XEN_HAVE_VPMU=y +# end of Xen driver support + +# CONFIG_GREYBUS is not set # CONFIG_STAGING is not set # CONFIG_X86_PLATFORM_DEVICES is not set CONFIG_PMC_ATOM=y +# CONFIG_MFD_CROS_EC is not set # CONFIG_CHROME_PLATFORMS is not set # CONFIG_MELLANOX_PLATFORM is not set CONFIG_CLKDEV_LOOKUP=y @@ -2305,10 +2456,13 @@ CONFIG_COMMON_CLK=y # Common Clock Framework # # CONFIG_COMMON_CLK_MAX9485 is not set +# CONFIG_COMMON_CLK_SI5341 is not set # CONFIG_COMMON_CLK_SI5351 is not set # CONFIG_COMMON_CLK_SI544 is not set # CONFIG_COMMON_CLK_CDCE706 is not set # CONFIG_COMMON_CLK_CS2000_CP is not set +# end of Common Clock Framework + # CONFIG_HWSPINLOCK is not set # @@ -2317,6 +2471,8 @@ CONFIG_COMMON_CLK=y CONFIG_CLKEVT_I8253=y CONFIG_I8253_LOCK=y CONFIG_CLKBLD_I8253=y +# end of Clock Source drivers + CONFIG_MAILBOX=y CONFIG_PCC=y # CONFIG_ALTERA_MBOX is not set @@ -2326,6 +2482,7 @@ CONFIG_PCC=y # Remoteproc drivers # # CONFIG_REMOTEPROC is not set +# end of Remoteproc drivers # # Rpmsg drivers @@ -2334,6 +2491,8 @@ CONFIG_RPMSG=y # CONFIG_RPMSG_CHAR is not set # CONFIG_RPMSG_QCOM_GLINK_RPM is not set CONFIG_RPMSG_VIRTIO=y +# end of Rpmsg drivers + # CONFIG_SOUNDWIRE is not set # @@ -2343,28 +2502,42 @@ CONFIG_RPMSG_VIRTIO=y # # Amlogic SoC drivers # +# end of Amlogic SoC drivers + +# +# Aspeed SoC drivers +# +# end of Aspeed SoC drivers # # Broadcom SoC drivers # +# end of Broadcom SoC drivers # # NXP/Freescale QorIQ SoC drivers # +# end of NXP/Freescale QorIQ SoC drivers # # i.MX SoC drivers # +# end of i.MX SoC drivers # # Qualcomm SoC drivers # +# end of Qualcomm SoC drivers + # CONFIG_SOC_TI is not set # # Xilinx SoC drivers # # CONFIG_XILINX_VCU is not set +# end of Xilinx SoC drivers +# end of SOC (System On Chip) specific Drivers + # CONFIG_PM_DEVFREQ is not set # CONFIG_EXTCON is not set # CONFIG_MEMORY is not set @@ -2376,10 +2549,10 @@ CONFIG_RPMSG_VIRTIO=y # # IRQ chip support # -CONFIG_ARM_GIC_MAX_NR=1 +# end of IRQ chip support + # CONFIG_IPACK_BUS is not set # CONFIG_RESET_CONTROLLER is not set -# CONFIG_FMC is not set # # PHY Subsystem @@ -2388,12 +2561,16 @@ CONFIG_ARM_GIC_MAX_NR=1 # CONFIG_BCM_KONA_USB2_PHY is not set # CONFIG_PHY_PXA_28NM_HSIC is not set # CONFIG_PHY_PXA_28NM_USB2 is not set +# end of PHY Subsystem + # CONFIG_POWERCAP is not set # CONFIG_MCB is not set # # Performance monitor support # +# end of Performance monitor support + # CONFIG_RAS is not set # CONFIG_THUNDERBOLT is not set @@ -2401,24 +2578,33 @@ CONFIG_ARM_GIC_MAX_NR=1 # Android # # CONFIG_ANDROID is not set +# end of Android + # CONFIG_LIBNVDIMM is not set # CONFIG_DAX is not set CONFIG_NVMEM=y +CONFIG_NVMEM_SYSFS=y # # HW tracing support # # CONFIG_STM is not set # CONFIG_INTEL_TH is not set +# end of HW tracing support + # CONFIG_FPGA is not set # CONFIG_UNISYS_VISORBUS is not set # CONFIG_SIOX is not set # CONFIG_SLIMBUS is not set +# CONFIG_INTERCONNECT is not set +# CONFIG_COUNTER is not set +# end of Device Drivers # # File systems # CONFIG_DCACHE_WORD_ACCESS=y +# CONFIG_VALIDATE_FS_PARSER is not set CONFIG_FS_IOMAP=y # CONFIG_EXT2_FS is not set # CONFIG_EXT3_FS is not set @@ -2426,7 +2612,6 @@ CONFIG_EXT4_FS=y CONFIG_EXT4_USE_FOR_EXT2=y CONFIG_EXT4_FS_POSIX_ACL=y CONFIG_EXT4_FS_SECURITY=y -# CONFIG_EXT4_ENCRYPTION is not set # CONFIG_EXT4_DEBUG is not set CONFIG_JBD2=y # CONFIG_JBD2_DEBUG is not set @@ -2445,6 +2630,7 @@ CONFIG_EXPORTFS=y CONFIG_FILE_LOCKING=y # CONFIG_MANDATORY_FILE_LOCKING is not set # CONFIG_FS_ENCRYPTION is not set +# CONFIG_FS_VERITY is not set CONFIG_FSNOTIFY=y CONFIG_DNOTIFY=y CONFIG_INOTIFY_USER=y @@ -2459,6 +2645,7 @@ CONFIG_AUTOFS_FS=y # Caches # # CONFIG_FSCACHE is not set +# end of Caches # # CD-ROM/DVD Filesystems @@ -2467,6 +2654,7 @@ CONFIG_ISO9660_FS=y CONFIG_JOLIET=y # CONFIG_ZISOFS is not set # CONFIG_UDF_FS is not set +# end of CD-ROM/DVD Filesystems # # DOS/FAT/NT Filesystems @@ -2474,6 +2662,7 @@ CONFIG_JOLIET=y # CONFIG_MSDOS_FS is not set # CONFIG_VFAT_FS is not set # CONFIG_NTFS_FS is not set +# end of DOS/FAT/NT Filesystems # # Pseudo filesystems @@ -2483,6 +2672,7 @@ CONFIG_PROC_KCORE=y CONFIG_PROC_SYSCTL=y CONFIG_PROC_PAGE_MONITOR=y CONFIG_PROC_CHILDREN=y +CONFIG_PROC_PID_ARCH_STATUS=y CONFIG_KERNFS=y CONFIG_SYSFS=y CONFIG_TMPFS=y @@ -2490,7 +2680,10 @@ CONFIG_TMPFS_POSIX_ACL=y CONFIG_TMPFS_XATTR=y # CONFIG_HUGETLBFS is not set CONFIG_MEMFD_CREATE=y +CONFIG_ARCH_HAS_GIGANTIC_PAGE=y # CONFIG_CONFIGFS_FS is not set +# end of Pseudo filesystems + # CONFIG_MISC_FILESYSTEMS is not set # CONFIG_NETWORK_FILESYSTEMS is not set CONFIG_NLS=y @@ -2544,6 +2737,8 @@ CONFIG_NLS_DEFAULT="utf8" # CONFIG_NLS_MAC_ROMANIAN is not set # CONFIG_NLS_MAC_TURKISH is not set # CONFIG_NLS_UTF8 is not set +# CONFIG_UNICODE is not set +# end of File systems # # Security options @@ -2559,7 +2754,22 @@ CONFIG_HARDENED_USERCOPY_FALLBACK=y CONFIG_FORTIFY_SOURCE=y # CONFIG_STATIC_USERMODEHELPER is not set CONFIG_DEFAULT_SECURITY_DAC=y -CONFIG_DEFAULT_SECURITY="" +CONFIG_LSM="lockdown,yama,loadpin,safesetid,integrity" + +# +# Kernel hardening options +# + +# +# Memory initialization +# +CONFIG_INIT_STACK_NONE=y +# CONFIG_INIT_ON_ALLOC_DEFAULT_ON is not set +# CONFIG_INIT_ON_FREE_DEFAULT_ON is not set +# end of Memory initialization +# end of Kernel hardening options +# end of Security options + CONFIG_CRYPTO=y # @@ -2579,9 +2789,6 @@ CONFIG_CRYPTO_RNG_DEFAULT=y CONFIG_CRYPTO_AKCIPHER2=y CONFIG_CRYPTO_KPP2=y CONFIG_CRYPTO_ACOMP2=y -# CONFIG_CRYPTO_RSA is not set -# CONFIG_CRYPTO_DH is not set -# CONFIG_CRYPTO_ECDH is not set CONFIG_CRYPTO_MANAGER=y CONFIG_CRYPTO_MANAGER2=y # CONFIG_CRYPTO_USER is not set @@ -2590,11 +2797,17 @@ CONFIG_CRYPTO_GF128MUL=y CONFIG_CRYPTO_NULL=y CONFIG_CRYPTO_NULL2=y # CONFIG_CRYPTO_PCRYPT is not set -CONFIG_CRYPTO_WORKQUEUE=y # CONFIG_CRYPTO_CRYPTD is not set -# CONFIG_CRYPTO_MCRYPTD is not set # CONFIG_CRYPTO_AUTHENC is not set +# +# Public-key cryptography +# +# CONFIG_CRYPTO_RSA is not set +# CONFIG_CRYPTO_DH is not set +# CONFIG_CRYPTO_ECDH is not set +# CONFIG_CRYPTO_ECRDSA is not set + # # Authenticated Encryption with Associated Data # @@ -2602,16 +2815,7 @@ CONFIG_CRYPTO_WORKQUEUE=y CONFIG_CRYPTO_GCM=y # CONFIG_CRYPTO_CHACHA20POLY1305 is not set # CONFIG_CRYPTO_AEGIS128 is not set -# CONFIG_CRYPTO_AEGIS128L is not set -# CONFIG_CRYPTO_AEGIS256 is not set # CONFIG_CRYPTO_AEGIS128_AESNI_SSE2 is not set -# CONFIG_CRYPTO_AEGIS128L_AESNI_SSE2 is not set -# CONFIG_CRYPTO_AEGIS256_AESNI_SSE2 is not set -# CONFIG_CRYPTO_MORUS640 is not set -# CONFIG_CRYPTO_MORUS640_SSE2 is not set -# CONFIG_CRYPTO_MORUS1280 is not set -# CONFIG_CRYPTO_MORUS1280_SSE2 is not set -# CONFIG_CRYPTO_MORUS1280_AVX2 is not set CONFIG_CRYPTO_SEQIV=y # CONFIG_CRYPTO_ECHAINIV is not set @@ -2624,9 +2828,14 @@ CONFIG_CRYPTO_CTR=y # CONFIG_CRYPTO_CTS is not set # CONFIG_CRYPTO_ECB is not set # CONFIG_CRYPTO_LRW is not set +# CONFIG_CRYPTO_OFB is not set # CONFIG_CRYPTO_PCBC is not set # CONFIG_CRYPTO_XTS is not set # CONFIG_CRYPTO_KEYWRAP is not set +# CONFIG_CRYPTO_NHPOLY1305_SSE2 is not set +# CONFIG_CRYPTO_NHPOLY1305_AVX2 is not set +# CONFIG_CRYPTO_ADIANTUM is not set +# CONFIG_CRYPTO_ESSIV is not set # # Hash modes @@ -2643,6 +2852,7 @@ CONFIG_CRYPTO_CRC32C=y # CONFIG_CRYPTO_CRC32C_INTEL is not set # CONFIG_CRYPTO_CRC32 is not set # CONFIG_CRYPTO_CRC32_PCLMUL is not set +# CONFIG_CRYPTO_XXHASH is not set CONFIG_CRYPTO_CRCT10DIF=y # CONFIG_CRYPTO_CRCT10DIF_PCLMUL is not set CONFIG_CRYPTO_GHASH=y @@ -2659,13 +2869,12 @@ CONFIG_CRYPTO_GHASH=y # CONFIG_CRYPTO_SHA1_SSSE3 is not set # CONFIG_CRYPTO_SHA256_SSSE3 is not set # CONFIG_CRYPTO_SHA512_SSSE3 is not set -# CONFIG_CRYPTO_SHA1_MB is not set -# CONFIG_CRYPTO_SHA256_MB is not set -# CONFIG_CRYPTO_SHA512_MB is not set +CONFIG_CRYPTO_LIB_SHA256=y CONFIG_CRYPTO_SHA256=y # CONFIG_CRYPTO_SHA512 is not set # CONFIG_CRYPTO_SHA3 is not set # CONFIG_CRYPTO_SM3 is not set +# CONFIG_CRYPTO_STREEBOG is not set # CONFIG_CRYPTO_TGR192 is not set # CONFIG_CRYPTO_WP512 is not set # CONFIG_CRYPTO_GHASH_CLMUL_NI_INTEL is not set @@ -2673,9 +2882,9 @@ CONFIG_CRYPTO_SHA256=y # # Ciphers # +CONFIG_CRYPTO_LIB_AES=y CONFIG_CRYPTO_AES=y # CONFIG_CRYPTO_AES_TI is not set -# CONFIG_CRYPTO_AES_X86_64 is not set # CONFIG_CRYPTO_AES_NI_INTEL is not set # CONFIG_CRYPTO_ANUBIS is not set # CONFIG_CRYPTO_ARC4 is not set @@ -2738,16 +2947,19 @@ CONFIG_CRYPTO_USER_API_HASH=y # # Certificates for signature checking # +# end of Certificates for signature checking # # Library routines # +# CONFIG_PACKING is not set CONFIG_BITREVERSE=y -CONFIG_RATIONAL=y CONFIG_GENERIC_STRNCPY_FROM_USER=y CONFIG_GENERIC_STRNLEN_USER=y CONFIG_GENERIC_NET_UTILS=y CONFIG_GENERIC_FIND_FIRST_BIT=y +# CONFIG_CORDIC is not set +CONFIG_RATIONAL=y CONFIG_GENERIC_PCI_IOMAP=y CONFIG_GENERIC_IOMAP=y CONFIG_ARCH_USE_CMPXCHG_LOCKREF=y @@ -2785,23 +2997,27 @@ CONFIG_HAS_DMA=y CONFIG_NEED_SG_DMA_LENGTH=y CONFIG_NEED_DMA_MAP_STATE=y CONFIG_ARCH_DMA_ADDR_T_64BIT=y -CONFIG_DMA_DIRECT_OPS=y CONFIG_SWIOTLB=y +# CONFIG_DMA_API_DEBUG is not set CONFIG_SGL_ALLOC=y CONFIG_CPU_RMAP=y CONFIG_DQL=y CONFIG_GLOB=y # CONFIG_GLOB_SELFTEST is not set CONFIG_NLATTR=y -# CONFIG_CORDIC is not set -# CONFIG_DDR is not set # CONFIG_IRQ_POLL is not set +CONFIG_HAVE_GENERIC_VDSO=y +CONFIG_GENERIC_GETTIMEOFDAY=y +CONFIG_FONT_SUPPORT=y +CONFIG_FONT_8x16=y +CONFIG_FONT_AUTOSELECT=y CONFIG_SG_POOL=y -CONFIG_ARCH_HAS_SG_CHAIN=y CONFIG_ARCH_HAS_PMEM_API=y CONFIG_ARCH_HAS_UACCESS_FLUSHCACHE=y +CONFIG_ARCH_STACKWALK=y CONFIG_SBITMAP=y # CONFIG_STRING_SELFTEST is not set +# end of Library routines # # Kernel hacking @@ -2811,10 +3027,12 @@ CONFIG_SBITMAP=y # printk and dmesg options # # CONFIG_PRINTK_TIME is not set +# CONFIG_PRINTK_CALLER is not set CONFIG_CONSOLE_LOGLEVEL_DEFAULT=7 CONFIG_CONSOLE_LOGLEVEL_QUIET=4 CONFIG_MESSAGE_LOGLEVEL_DEFAULT=4 # CONFIG_BOOT_PRINTK_DELAY is not set +# end of printk and dmesg options # # Compile-time checks and compiler options @@ -2824,22 +3042,25 @@ CONFIG_MESSAGE_LOGLEVEL_DEFAULT=4 CONFIG_FRAME_WARN=2048 CONFIG_STRIP_ASM_SYMS=y # CONFIG_READABLE_ASM is not set -# CONFIG_UNUSED_SYMBOLS is not set -# CONFIG_PAGE_OWNER is not set # CONFIG_DEBUG_FS is not set -# CONFIG_HEADERS_CHECK is not set +# CONFIG_HEADERS_INSTALL is not set +CONFIG_OPTIMIZE_INLINING=y # CONFIG_DEBUG_SECTION_MISMATCH is not set CONFIG_SECTION_MISMATCH_WARN_ONLY=y CONFIG_STACK_VALIDATION=y # CONFIG_DEBUG_FORCE_WEAK_PER_CPU is not set +# end of Compile-time checks and compiler options + # CONFIG_MAGIC_SYSRQ is not set CONFIG_DEBUG_KERNEL=y +# CONFIG_DEBUG_MISC is not set # # Memory Debugging # # CONFIG_PAGE_EXTENSION is not set # CONFIG_DEBUG_PAGEALLOC is not set +# CONFIG_PAGE_OWNER is not set # CONFIG_PAGE_POISONING is not set # CONFIG_DEBUG_RODATA_TEST is not set # CONFIG_DEBUG_OBJECTS is not set @@ -2853,10 +3074,12 @@ CONFIG_ARCH_HAS_DEBUG_VIRTUAL=y # CONFIG_DEBUG_VIRTUAL is not set CONFIG_DEBUG_MEMORY_INIT=y # CONFIG_DEBUG_PER_CPU_MAPS is not set -CONFIG_HAVE_DEBUG_STACKOVERFLOW=y -# CONFIG_DEBUG_STACKOVERFLOW is not set CONFIG_HAVE_ARCH_KASAN=y +CONFIG_CC_HAS_KASAN_GENERIC=y # CONFIG_KASAN is not set +CONFIG_KASAN_STACK=1 +# end of Memory Debugging + CONFIG_ARCH_HAS_KCOV=y CONFIG_CC_HAS_SANCOV_TRACE_PC=y # CONFIG_KCOV is not set @@ -2870,6 +3093,8 @@ CONFIG_HARDLOCKUP_CHECK_TIMESTAMP=y # CONFIG_HARDLOCKUP_DETECTOR is not set # CONFIG_DETECT_HUNG_TASK is not set # CONFIG_WQ_WATCHDOG is not set +# end of Debug Lockups and Hangs + # CONFIG_PANIC_ON_OOPS is not set CONFIG_PANIC_ON_OOPS_VALUE=0 CONFIG_PANIC_TIMEOUT=0 @@ -2894,12 +3119,14 @@ CONFIG_LOCK_DEBUGGING_SUPPORT=y # CONFIG_DEBUG_LOCKING_API_SELFTESTS is not set # CONFIG_LOCK_TORTURE_TEST is not set # CONFIG_WW_MUTEX_SELFTEST is not set +# end of Lock Debugging (spinlocks, mutexes, etc...) + # CONFIG_STACKTRACE is not set # CONFIG_WARN_ALL_UNSEEDED_RANDOM is not set # CONFIG_DEBUG_KOBJECT is not set CONFIG_DEBUG_BUGVERBOSE=y CONFIG_DEBUG_LIST=y -# CONFIG_DEBUG_PI_LIST is not set +# CONFIG_DEBUG_PLIST is not set # CONFIG_DEBUG_SG is not set # CONFIG_DEBUG_NOTIFIERS is not set # CONFIG_DEBUG_CREDENTIALS is not set @@ -2912,6 +3139,8 @@ CONFIG_DEBUG_LIST=y CONFIG_RCU_CPU_STALL_TIMEOUT=21 # CONFIG_RCU_TRACE is not set # CONFIG_RCU_EQS_DEBUG is not set +# end of RCU Debugging + # CONFIG_DEBUG_WQ_FORCE_RR_CPU is not set # CONFIG_DEBUG_BLOCK_EXT_DEVT is not set # CONFIG_CPU_HOTPLUG_STATE_CONTROL is not set @@ -2930,7 +3159,6 @@ CONFIG_HAVE_C_RECORDMCOUNT=y CONFIG_TRACING_SUPPORT=y # CONFIG_FTRACE is not set # CONFIG_PROVIDE_OHCI1394_DMA_INIT is not set -# CONFIG_DMA_API_DEBUG is not set # CONFIG_RUNTIME_TESTING_MENU is not set # CONFIG_MEMTEST is not set # CONFIG_BUG_ON_DATA_CORRUPTION is not set @@ -2939,6 +3167,7 @@ CONFIG_HAVE_ARCH_KGDB=y # CONFIG_KGDB is not set CONFIG_ARCH_HAS_UBSAN_SANITIZE_ALL=y # CONFIG_UBSAN is not set +CONFIG_UBSAN_ALIGNMENT=y CONFIG_ARCH_HAS_DEVMEM_IS_ALLOWED=y CONFIG_STRICT_DEVMEM=y # CONFIG_IO_STRICT_DEVMEM is not set @@ -2952,23 +3181,19 @@ CONFIG_EARLY_PRINTK=y CONFIG_DOUBLEFAULT=y # CONFIG_DEBUG_TLBFLUSH is not set CONFIG_HAVE_MMIOTRACE_SUPPORT=y -CONFIG_IO_DELAY_TYPE_0X80=0 -CONFIG_IO_DELAY_TYPE_0XED=1 -CONFIG_IO_DELAY_TYPE_UDELAY=2 -CONFIG_IO_DELAY_TYPE_NONE=3 +# CONFIG_X86_DECODER_SELFTEST is not set CONFIG_IO_DELAY_0X80=y # CONFIG_IO_DELAY_0XED is not set # CONFIG_IO_DELAY_UDELAY is not set # CONFIG_IO_DELAY_NONE is not set -CONFIG_DEFAULT_IO_DELAY_TYPE=0 # CONFIG_CPA_DEBUG is not set -# CONFIG_OPTIMIZE_INLINING is not set # CONFIG_DEBUG_ENTRY is not set # CONFIG_DEBUG_NMI_SELFTEST is not set # CONFIG_X86_DEBUG_FPU is not set # CONFIG_PUNIT_ATOM_DEBUG is not set CONFIG_UNWINDER_ORC=y # CONFIG_UNWINDER_FRAME_POINTER is not set +# end of Kernel hacking # # Gentoo Linux @@ -2982,3 +3207,5 @@ CONFIG_GENTOO_LINUX_PORTAGE=y # CONFIG_GENTOO_LINUX_INIT_SCRIPT=y CONFIG_GENTOO_LINUX_INIT_SYSTEMD=y +# end of Support for init systems, system and service managers +# end of Gentoo Linux diff --git a/mailgw/mailgw.cfg b/mailgw/mailgw.cfg index 19c49d1..a26ca4d 100644 --- a/mailgw/mailgw.cfg +++ b/mailgw/mailgw.cfg @@ -16,5 +16,6 @@ KERNEL_CONFIG = appliances/$(APPLIANCE)/kernel.config ENABLE_SSHD = YES TIMEZONE=Europe/Berlin LOCALE=de_DE.utf8 -REPO_NAMES = unitas -REPO_URI_unitas = https://dev.unitas-network.de/r/Gentoo/Unitas.git +REPO_NAMES = unitas-misc unitas-mail +REPO_URI_unitas-misc = https://dev.unitas-network.de/r/Gentoo/unitas-misc.git +REPO_URI_unitas-mail = https://dev.unitas-network.de/r/Gentoo/unitas-mail.git diff --git a/mailgw/make.conf b/mailgw/make.conf index 0ff26f0..109c1bb 100644 --- a/mailgw/make.conf +++ b/mailgw/make.conf @@ -3,6 +3,6 @@ CXXFLAGS="-O2 -pipe" USE="hardened justify pie ssp urandom xattr -fortran -pch -pic -prelink -profile -tcc" MAKEOPTS="-j5" ACCEPT_LICENSE="*" -PYTHON_TARGETS="python3_6" -PYTHON_SINGLE_TARGET="python3_6" +PYTHON_TARGETS="python3_7" +PYTHON_SINGLE_TARGET="python3_7" VIDEO_CARDS="vmware" diff --git a/mailgw/package.keywords b/mailgw/package.keywords index 3d4d215..fd607c5 100644 --- a/mailgw/package.keywords +++ b/mailgw/package.keywords @@ -1,8 +1,9 @@ # Grundsystem -app-emulation/open-vm-tools ~amd64 ~x86 -sys-auth/pam_ssh_agent_auth ~amd64 ~x86 +app-emulation/open-vm-tools +sys-auth/pam_ssh_agent_auth # rspamd +mail-filter/pyzor mail-filter/rspamd # ClamAV Zusatz-Signaturen @@ -12,12 +13,3 @@ app-antivirus/clamav-unofficial-sigs gnustep-base/gnustep-make gnustep-libs/sope gnustep-apps/sogo - -### LetsEncrypt -##app-crypt/acme -##app-crypt/certbot -##app-crypt/certbot-apache -##dev-python/zope-component -##dev-python/parsedatetime -##dev-python/pyrfc3339 -##dev-python/python-augeas diff --git a/mailgw/package.unmask b/mailgw/package.unmask new file mode 100644 index 0000000..023b64f --- /dev/null +++ b/mailgw/package.unmask @@ -0,0 +1 @@ +mail-filter/pyzor diff --git a/mailgw/package.use b/mailgw/package.use index 28cb59e..db7e190 100644 --- a/mailgw/package.use +++ b/mailgw/package.use @@ -22,6 +22,9 @@ net-analyzer/zabbix agent # rspamd dev-db/redis jemalloc +dev-lang/perl ithreads +dev-lua/lpeg luajit +mail-filter/pyzor pyzord redis mail-filter/rspamd gd jemalloc pcre2 media-libs/gd jpeg diff --git a/mailgw/world b/mailgw/world index 51faccb..a434b3e 100644 --- a/mailgw/world +++ b/mailgw/world @@ -13,9 +13,9 @@ app-antivirus/clamav-unofficial-sigs app-crypt/certbot-apache dev-db/mariadb dev-db/redis -dev-python/pyzor gnustep-apps/sogo mail-filter/dcc +mail-filter/pyzor mail-filter/razor mail-filter/rspamd mail-mta/postfix