The Qubes 6.18 kernel has the following:
CONFIG_STACKPROTECTOR=y
CONFIG_STACKPROTECTOR_STRONG=y
CONFIG_INIT_ON_ALLOC_DEFAULT_ON=y
CONFIG_INIT_ON_FREE_DEFAULT_ON=y
CONFIG_GCC_PLUGIN_STRUCTLEAK=y
CONFIG_GCC_PLUGIN_STRUCTLEAK_BYREF_ALL=y
CONFIG_IKCONFIG=y
CONFIG_IKCONFIG_PROC=y
We should enable these in all of our kernels actually I think.
The Qubes 6.18 kernel has the following:
We should enable these in all of our kernels actually I think.