* [PATCH] kernel: disable CONFIG_ACPI_CUSTOM_METHOD on x86_64 and i586
@ 2020-06-07 16:40 Peter Müller
0 siblings, 0 replies; only message in thread
From: Peter Müller @ 2020-06-07 16:40 UTC (permalink / raw)
To: development
[-- Attachment #1: Type: text/plain, Size: 1342 bytes --]
This is dangerous as it allows replacing the running kernel without
rebooting. Kernel Self Protection Project people recommend to keep it
disabled.
Fixes: #12372
Signed-off-by: Peter Müller <peter.mueller(a)ipfire.org>
---
config/kernel/kernel.config.i586-ipfire | 1 -
config/kernel/kernel.config.x86_64-ipfire | 1 -
2 files changed, 2 deletions(-)
diff --git a/config/kernel/kernel.config.i586-ipfire b/config/kernel/kernel.config.i586-ipfire
index 0b6e0ca08..b978a4e1f 100644
--- a/config/kernel/kernel.config.i586-ipfire
+++ b/config/kernel/kernel.config.i586-ipfire
@@ -685,7 +685,6 @@ CONFIG_ACPI_CONTAINER=y
CONFIG_ACPI_HOTPLUG_IOAPIC=y
CONFIG_ACPI_SBS=m
CONFIG_ACPI_HED=y
-CONFIG_ACPI_CUSTOM_METHOD=m
# CONFIG_ACPI_BGRT is not set
# CONFIG_ACPI_REDUCED_HARDWARE_ONLY is not set
CONFIG_HAVE_ACPI_APEI=y
diff --git a/config/kernel/kernel.config.x86_64-ipfire b/config/kernel/kernel.config.x86_64-ipfire
index 27b073ec7..09ac0eff1 100644
--- a/config/kernel/kernel.config.x86_64-ipfire
+++ b/config/kernel/kernel.config.x86_64-ipfire
@@ -707,7 +707,6 @@ CONFIG_ACPI_CONTAINER=y
CONFIG_ACPI_HOTPLUG_IOAPIC=y
CONFIG_ACPI_SBS=m
CONFIG_ACPI_HED=y
-CONFIG_ACPI_CUSTOM_METHOD=m
# CONFIG_ACPI_BGRT is not set
# CONFIG_ACPI_REDUCED_HARDWARE_ONLY is not set
CONFIG_ACPI_NFIT=m
--
2.26.2
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2020-06-07 16:40 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-06-07 16:40 [PATCH] kernel: disable CONFIG_ACPI_CUSTOM_METHOD on x86_64 and i586 Peter Müller
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox