reactos/syzkaller
1
0
Fork 0
mirror of https://github.com/reactos/syzkaller.git synced 2024-11-27 21:30:33 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

docs/linux: update recommended configs

Browse Source 
Mention few more tricky kernel configs that cause problems.
This commit is contained in:
Dmitry Vyukov 2018-11-23 13:44:03 +01:00 committed by GitHub
parent 0ab8db6467
commit 8eb18c0bbc
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 16 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
docs/linux/kernel_configs.md
View File

@ -28,14 +28,28 @@ CONFIG_KALLSYMS=y
CONFIG_KALLSYMS_ALL=y
```
For `namespace` sandbox:
For better sandboxing:
```
CONFIG_NAMESPACES=y
CONFIG_USER_NS=y
CONFIG_UTS_NS=y
CONFIG_IPC_NS=y
CONFIG_PID_NS=y
CONFIG_NET_NS=y
CONFIG_CGROUP_PIDS=y
CONFIG_MEMCG=y
```
For `namespace` sandbox:
```
CONFIG_USER_NS=y
```
For running in VMs `make kvmconfig` is generally required.
Debian images produced by [tools/create-image.sh](/tools/create-image.sh) also require:
```
CONFIG_CONFIGFS_FS=y
CONFIG_SECURITYFS=y
```
It is recommended to disable the following config (and required if your kernel doesn't have commits [arm64: setup: introduce kaslr_offset()](https://github.com/torvalds/linux/commit/7ede8665f27cde7da69e8b2fbeaa1ed0664879c5)