From 3f8f1f4c5376529724c235a584646a3ee72beb17 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Cyryl=20P=C5=82otnicki?= Date: Sat, 22 May 2021 22:31:54 +0100 Subject: [PATCH] tor browser --- nixos/boxes/foureighty/custom-kernel.nix | 27 ++++++++++++++++++------ nixos/gui/default.nix | 1 + 2 files changed, 22 insertions(+), 6 deletions(-) diff --git a/nixos/boxes/foureighty/custom-kernel.nix b/nixos/boxes/foureighty/custom-kernel.nix index 6fcf382f..4d1acab0 100644 --- a/nixos/boxes/foureighty/custom-kernel.nix +++ b/nixos/boxes/foureighty/custom-kernel.nix @@ -13,19 +13,23 @@ HARDLOCKUP_DETECTOR y BUG y + DEBUG_RODATA y + DEBUG_SET_MODULE_RONX y SECURITY_SELINUX_DISABLE n + SECURITY_WRITABLE_HOOKS n STRICT_KERNEL_RWX y - DEBUG_CREDENTIALS y - DEBUG_NOTIFIERS y - DEBUG_SG y - DEBUG_STACKOVERFLOW y + STRICT_DEVMEM y + DEBUG_CREDENTIALS y + DEBUG_NOTIFIERS y + DEBUG_PI_LIST y + DEBUG_PLIST y + DEBUG_SG y SCHED_STACK_END_CHECK y SHUFFLE_PAGE_ALLOCATOR y - - SLUB_DEBUG y + SLUB_DEBUG y PAGE_POISONING y PAGE_POISONING_NO_SANITY y @@ -47,6 +51,17 @@ ACPI_CUSTOM_METHOD n PROC_KCORE n INET_DIAG n + + INET_DIAG_DESTROY option no + INET_RAW_DIAG option no + INET_TCP_DIAG option no + INET_UDP_DIAG option no + INET_MPTCP_DIAG option no + + + CC_STACKPROTECTOR_STRONG y + + KFENCE y ''; } ]; } diff --git a/nixos/gui/default.nix b/nixos/gui/default.nix index fc4b9d1c..1436b9f5 100644 --- a/nixos/gui/default.nix +++ b/nixos/gui/default.nix @@ -42,6 +42,7 @@ slack spotify ssb-patchwork + unstable.torbrowser unstable.discord unstable.electrum unstable.freecad