Git-Mirrors/graphene-os-server-infrastructure
1
0
Fork 0
mirror of https://github.com/GrapheneOS/infrastructure.git synced 2024-12-22 05:35:00 -05:00
Code Issues Packages Projects Releases Wiki Activity
579 Commits 1 Branch 0 Tags 1.9 MiB
e40fb1bd4e
Commit Graph

11 Commits

Author SHA1 Message Date
Daniel Micay
629a27c3b6 disable autogroup since cgroups are used instead 2024-10-31 08:02:57 -04:00
Daniel Micay
d583da0a65 disable sending console output to unused ttyS0 2024-02-01 16:39:33 -05:00
Daniel Micay
2fe25c5218 grub: remove extra space 2024-01-31 21:28:14 -05:00
Daniel Micay
d44a316624 disable 32-bit support via kernel line 
This is now supported in mainline and will be available in Linux 6.7. It
will be a while before we have it in production due to using the latest
LTS branch, but it might as well be set up in advance.

We currently have SystemCallArchitectures=native in the systemd
configuration to disallow 32-bit system calls via seccomp-bpf.
 2024-01-03 11:10:07 -05:00
Daniel Micay
3dfbd4e777 add init_on_free=1 for non-hardened kernels 2023-01-23 21:34:33 -05:00
Daniel Micay
67de376313 add slab_nomerge for non-hardened kernels 2023-01-15 14:34:44 -05:00
Daniel Micay
7b3111deb6 update grub configuration 2022-11-16 22:49:10 -05:00
Daniel Micay
74933df9cc set preempt=none for PREEMPT_DYNAMIC kernels 2022-08-07 19:26:29 -04:00
Daniel Micay
d7323bacba set lockdown to confidentiality mode 2022-08-01 01:47:22 -04:00
Daniel Micay
4a732879f3 update grub configuration 2022-03-16 22:56:06 -04:00
Daniel Micay
98ca37290a grub configuration for legacy boot 2021-09-08 03:30:41 -04:00