kernel-lqx 5.11.4-lqx2.0
From upstream (github:damentz/liquorix-package):
* change configuration options (git log excerpts)
+ [kernel-lqx: NOT IMPLEMENTED] Disable Integrity Subsystem
- Restrict unprivileged access to kernel log
- Enable CONFIG_FORTIFY_SOURCE
- Enable CONFIG_SECURITY_{SMACK, TOMOYO, LOADPIN}
- Sync remaining top level security options from Arch
- Disable module versioning support
- Enable access filtering to /dev/mem
- Sync memory initialization settings from Arch
+ [kernel-lqx: NOT IMPLEMENTED]Disable CONFIG_HEADERS_INSTALL
- Disable CONFIG_TEST_LOCKUP
- Use standard port 0x80 for prt-IO delay
- Enable CONFIG_DEBUG_KERNEL for CONFIG_KALLSYMS_ALL=y only
- Build CONFIG_AUTOFS_FS statically
- Reuse ext4 driver for ext2/3
- Disable Android Binder IPC self test
- Set CONFIG_STACKPROTECTOR_STRONG=y
- Set CONFIG_BINFMT_MISC=y
- Set CONFIG_PERSISTENT_KEYRINGS=y
- Set CONFIG_ENCRYPTED_KEYS=m
- Enable secondary trusted keyring and system blacklist
+ [kernel-lqx: NOT IMPLEMENTED] Use Arch/Zen defaults for LSM
- Enable BPF_LSM and BPF_JIT_ALWAYS_ON
- Disable SECURITY_LOADPIN