Merging upstream version 6.10.3.

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
author: Daniel Baumann <daniel.baumann@progress-linux.org> 2024-08-07 13:18:06 +0000
committer: Daniel Baumann <daniel.baumann@progress-linux.org> 2024-08-07 13:18:06 +0000
commit: 638a9e433ecd61e64761352dbec1fa4f5874c941 (patch)
tree: fdbff74a238d7a5a7d1cef071b7230bc064b9f25 /arch/x86/configs/hardening.config
parent: Releasing progress-linux version 6.9.12-1~progress7.99u1. (diff)
download: linux-638a9e433ecd61e64761352dbec1fa4f5874c941.tar.xz
linux-638a9e433ecd61e64761352dbec1fa4f5874c941.zip
1 files changed, 3 insertions, 0 deletions
diff --git a/arch/x86/configs/hardening.config b/arch/x86/configs/hardening.config
index 7b497f3b7b..de319852a1 100644
--- a/arch/x86/configs/hardening.config
+++ b/arch/x86/configs/hardening.config
@@ -10,5 +10,8 @@ CONFIG_INTEL_IOMMU_DEFAULT_ON=y
 CONFIG_INTEL_IOMMU_SVM=y
 CONFIG_AMD_IOMMU=y
 
+# Enforce CET Indirect Branch Tracking in the kernel.
+CONFIG_X86_KERNEL_IBT=y
+
 # Enable CET Shadow Stack for userspace.
 CONFIG_X86_USER_SHADOW_STACK=y
author	Daniel Baumann <daniel.baumann@progress-linux.org>	2024-08-07 13:18:06 +0000
committer	Daniel Baumann <daniel.baumann@progress-linux.org>	2024-08-07 13:18:06 +0000
commit	638a9e433ecd61e64761352dbec1fa4f5874c941 (patch)
tree	fdbff74a238d7a5a7d1cef071b7230bc064b9f25 /arch/x86/configs/hardening.config
parent	Releasing progress-linux version 6.9.12-1~progress7.99u1. (diff)
download	linux-638a9e433ecd61e64761352dbec1fa4f5874c941.tar.xz linux-638a9e433ecd61e64761352dbec1fa4f5874c941.zip