diff options
| author | Xi Ruoyao <xry111@xry111.site> | 2023-03-08 20:03:55 +0800 |
|---|---|---|
| committer | Xi Ruoyao <xry111@xry111.site> | 2023-03-08 20:03:55 +0800 |
| commit | 716077268052a05c243cb6473a6b556c23158bea (patch) | |
| tree | 33cf92d3e073d4647d00c4f32addd952bd6a301c /chapter10/kernel.xml | |
| parent | 95105f36a3a16a582a45cd29085c557d8d3955f0 (diff) | |
| parent | 835e40ce16b6043f6349cc37ff83ee701d961ee5 (diff) | |
Merge remote-tracking branch 'origin/trunk' into xry111/arm64
Diffstat (limited to 'chapter10/kernel.xml')
| -rw-r--r-- | chapter10/kernel.xml | 17 |
1 files changed, 15 insertions, 2 deletions
diff --git a/chapter10/kernel.xml b/chapter10/kernel.xml index 27bd6e2f9..1cc02a139 100644 --- a/chapter10/kernel.xml +++ b/chapter10/kernel.xml @@ -111,6 +111,7 @@ General setup ---> [ ] Compile the kernel with warnings as errors [CONFIG_WERROR] < > Enable kernel headers through /sys/kernel/kheaders.tar.xz [CONFIG_IKHEADERS] + [ ] Configure standard kernel features (expert users) [CONFIG_EXPERT] General architecture-dependent options ---> [*] Stack Protector buffer overflow detection [CONFIG_STACKPROTECTOR] [*] Strong Stack Protector [CONFIG_STACKPROTECTOR_STRONG] @@ -140,8 +141,7 @@ General setup ---> [*] Control Group support [CONFIG_CGROUPS] ---> [*] Memory controller [CONFIG_MEMCG] [ ] Enable deprecated sysfs features to support old userspace tools [CONFIG_SYSFS_DEPRECATED] - [*] Configure standard kernel features (expert users) [CONFIG_EXPERT] ---> - [*] open by fhandle syscalls [CONFIG_FHANDLE] + [ ] Configure standard kernel features (expert users) [CONFIG_EXPERT] General architecture-dependent options ---> [*] Enable seccomp to safely compute untrusted bytecode [CONFIG_SECCOMP] [*] Stack Protector buffer overflow detection [CONFIG_STACKPROTECTOR] @@ -227,6 +227,19 @@ File systems ---> </varlistentry> <varlistentry> + <term> + <parameter> + Configure standard kernel features (expert users) + </parameter> + </term> + <listitem> + <para>This will make some options show up in the configuration + interface but changing those options may be dangerous. Do not use + this unless you know what you are doing.</para> + </listitem> + </varlistentry> + + <varlistentry> <term><parameter>Strong Stack Protector</parameter></term> <listitem> <para>Enable SSP for the kernel. We've enabled it for the entire |