diff mbox series

kernel: disable CONFIG_ACPI_CUSTOM_METHOD on x86_64 and i586

Message ID 5d051d38-0cf0-d6f0-994f-c0eb5dcbe5fe@ipfire.org
State Accepted
Commit d7174d7c3ae2eb21fef0e832955c6ba9024a7c0e
Headers
Series kernel: disable CONFIG_ACPI_CUSTOM_METHOD on x86_64 and i586 |

Commit Message

Peter Müller June 7, 2020, 4:40 p.m. UTC 
  This is dangerous as it allows replacing the running kernel without
rebooting. Kernel Self Protection Project people recommend to keep it
disabled.

Fixes: #12372

Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
---
 config/kernel/kernel.config.i586-ipfire   | 1 -
 config/kernel/kernel.config.x86_64-ipfire | 1 -
 2 files changed, 2 deletions(-)
diff mbox series

Patch

diff --git a/config/kernel/kernel.config.i586-ipfire b/config/kernel/kernel.config.i586-ipfire
index 0b6e0ca08..b978a4e1f 100644
--- a/config/kernel/kernel.config.i586-ipfire
+++ b/config/kernel/kernel.config.i586-ipfire
@@ -685,7 +685,6 @@  CONFIG_ACPI_CONTAINER=y
 CONFIG_ACPI_HOTPLUG_IOAPIC=y
 CONFIG_ACPI_SBS=m
 CONFIG_ACPI_HED=y
-CONFIG_ACPI_CUSTOM_METHOD=m
 # CONFIG_ACPI_BGRT is not set
 # CONFIG_ACPI_REDUCED_HARDWARE_ONLY is not set
 CONFIG_HAVE_ACPI_APEI=y
diff --git a/config/kernel/kernel.config.x86_64-ipfire b/config/kernel/kernel.config.x86_64-ipfire
index 27b073ec7..09ac0eff1 100644
--- a/config/kernel/kernel.config.x86_64-ipfire
+++ b/config/kernel/kernel.config.x86_64-ipfire
@@ -707,7 +707,6 @@  CONFIG_ACPI_CONTAINER=y
 CONFIG_ACPI_HOTPLUG_IOAPIC=y
 CONFIG_ACPI_SBS=m
 CONFIG_ACPI_HED=y
-CONFIG_ACPI_CUSTOM_METHOD=m
 # CONFIG_ACPI_BGRT is not set
 # CONFIG_ACPI_REDUCED_HARDWARE_ONLY is not set
 CONFIG_ACPI_NFIT=m