Please read this before reporting a bug:
https://wiki.archlinux.org/title/Bug_reporting_guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
https://wiki.archlinux.org/title/Bug_reporting_guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
FS#54788 - [linux] Enable KALSR by default
Attached to Project:
Arch Linux
Opened by AnAkkk (AnAkkk) - Thursday, 13 July 2017, 08:56 GMT
Last edited by Jan Alexander Steffens (heftig) - Thursday, 13 July 2017, 19:56 GMT
Opened by AnAkkk (AnAkkk) - Thursday, 13 July 2017, 08:56 GMT
Last edited by Jan Alexander Steffens (heftig) - Thursday, 13 July 2017, 19:56 GMT
|
DetailsKALSR has been enabled by default with the release of Linux 4.12, but it is still disabled in Arch config files. It was already enabled by default in many other distributions and it would be good to enable it for better security.
See [1] for the commit that enables it and [2] for the blog post from Kees Cook about security changes in linux 4.12. 1) https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6807c84652b0b7e2e198e50a9ad47ef41b236e59 2) https://outflux.net/blog/archives/2017/07/10/security-things-in-linux-v4-12/ |
This task depends upon
Closed by Jan Alexander Steffens (heftig)
Thursday, 13 July 2017, 19:56 GMT
Reason for closing: Implemented
Additional comments about closing: 4.12.1-2
Thursday, 13 July 2017, 19:56 GMT
Reason for closing: Implemented
Additional comments about closing: 4.12.1-2
Comment by loqs (loqs) -
Thursday, 13 July 2017, 17:22 GMT
Does thestinger think it is worthwhile to enable it with both dmesg_restrict and kptr_restrict off? https://lwn.net/Articles/569635/