From 24af76643f126c27632dcf6742b0934cf0619cf2 Mon Sep 17 00:00:00 2001
From: kraoc <tech@zogg.fr>
Date: Fri, 19 Apr 2024 15:59:15 +0200
Subject: [PATCH] =?UTF-8?q?Ajustements=20(RCU,=20s=C3=A9curit=C3=A9)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 README.md             |  5 +++++
 options/disable.txt   |  5 ++---
 options/enable.txt    | 16 ++++++++++++++--
 options/secured.txt   |  3 +++
 options/unsecured.txt |  3 +++
 5 files changed, 27 insertions(+), 5 deletions(-)

diff --git a/README.md b/README.md
index b3185fa..36964d4 100644
--- a/README.md
+++ b/README.md
@@ -40,6 +40,11 @@ sudo bash kernel.sh 6.x 6.8.1
 
 ## CHANGELOG
 
+### 2024-04-19
+
+- Ajustements de la configuration RCU
+- Ajustement des options de sécurité
+
 ### 2024-04-09
 
 - Mise en place de dossiers spécifiques _(configs, options, patches)_
diff --git a/options/disable.txt b/options/disable.txt
index a71ced0..3e88fb8 100644
--- a/options/disable.txt
+++ b/options/disable.txt
@@ -175,7 +175,6 @@ CONFIG_PCIEAER_INJECT
 CONFIG_PERF_EVENTS_AMD_UNCORE
 CONFIG_PM_DEBUG
 CONFIG_PPS
-CONFIG_PROVE_RCU_LIST
 CONFIG_PROVIDE_OHCI1394_DMA_INIT
 CONFIG_PSE_CONTROLLER
 CONFIG_PUNIT_ATOM_DEBUG
@@ -185,10 +184,12 @@ CONFIG_QFMT_V2
 CONFIG_QUOTA_DEBUG
 CONFIG_RADIO_ADAPTERS
 CONFIG_RAPIDIO
+CONFIG_PROVE_RCU_LIST
 CONFIG_RCU_CPU_STALL_CPUTIME
 CONFIG_RCU_EQS_DEBUG
 CONFIG_RCU_STRICT_GRACE_PERIOD
 CONFIG_RCU_TRACE
+CONFIG_RCU_NOCB_CPU
 CONFIG_READ_ONLY_THP_FOR_FS
 CONFIG_REISERFS_FS
 CONFIG_RFKILL
@@ -293,8 +294,6 @@ CONFIG_BUG_ON_DATA_CORRUPTION
 CONFIG_CALL_THUNKS_DEBUG
 CONFIG_KPROBES
 CONFIG_SLUB_DEBUG
-CONFIG_RCU_NOCB_CPU
-CONFIG_RCU_BOOST
 CONFIG_PCSPKR_PLATFORM
 CONFIG_DEBUG_FS_ALLOW_ALL
 CONFIG_DEBUG_FS
diff --git a/options/enable.txt b/options/enable.txt
index 8c00503..cc97ca2 100644
--- a/options/enable.txt
+++ b/options/enable.txt
@@ -145,7 +145,6 @@ CONFIG_PROC_KCORE
 CONFIG_PSAMPLE
 CONFIG_PVH
 CONFIG_PVPANIC
-CONFIG_RCU_EXPERT
 CONFIG_RETHUNK
 CONFIG_SCHED_AUTOGROUP
 CONFIG_SHUFFLE_PAGE_ALLOCATOR
@@ -364,7 +363,6 @@ CONFIG_BPF_JIT_ALWAYS_ON
 CONFIG_NET_ACT_BPF
 CONFIG_HAVE_BPF_JIT
 CONFIG_BPF_EVENTS
-CONFIG_RCU_LAZY
 CONFIG_X86_VSYSCALL_EMULATION
 CONFIG_ZSWAP_EXCLUSIVE_LOADS_DEFAULT_ON
 CONFIG_ZSWAP_COMPRESSOR_DEFAULT_ZSTD
@@ -393,4 +391,18 @@ CONFIG_KSM
 CONFIG_SYSFS
 CONFIG_KALLSYMS
 CONFIG_KALLSYMS_ALL
+CONFIG_RCU_EXPERT
+CONFIG_RCU_BOOST
+CONFIG_PREEMPT_RCU
+CONFIG_RCU_LAZY
+CONFIG_X86_MPPARSE
+CONFIG_X86_INTEL_LPSS
+CONFIG_COMPAT_VDSO
+CONFIG_HIBERNATION
+CONFIG_PM_WAKELOCKS
+CONFIG_ACPI_PROCESSOR_AGGREGATOR
+CONFIG_ACPI_CONFIGFS
+CONFIG_ZSWAP_SHRINKER_DEFAULT_ON
+CONFIG_DEBUG_INFO_REDUCED
+CONFIG_DEBUG_INFO_COMPRESSED_ZLIB
 CONFIG_COMPILE_TEST
diff --git a/options/secured.txt b/options/secured.txt
index 4c606ac..e6288e5 100644
--- a/options/secured.txt
+++ b/options/secured.txt
@@ -4,3 +4,6 @@ CONFIG_CPU_IBRS_ENTRY
 CONFIG_SLS
 CONFIG_GDS_FORCE_MITIGATION
 CONFIG_INTEL_TDX_HOST
+CONFIG_X86_UMIP
+CONFIG_X86_SGX
+CONFIG_X86_USER_SHADOW_STACK
diff --git a/options/unsecured.txt b/options/unsecured.txt
index 4c606ac..e6288e5 100644
--- a/options/unsecured.txt
+++ b/options/unsecured.txt
@@ -4,3 +4,6 @@ CONFIG_CPU_IBRS_ENTRY
 CONFIG_SLS
 CONFIG_GDS_FORCE_MITIGATION
 CONFIG_INTEL_TDX_HOST
+CONFIG_X86_UMIP
+CONFIG_X86_SGX
+CONFIG_X86_USER_SHADOW_STACK