summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorjc_gargma <jc_gargma@iserlohn-fortress.net>2019-09-16 20:04:00 -0700
committerjc_gargma <jc_gargma@iserlohn-fortress.net>2019-09-16 20:04:00 -0700
commit6a63e990d87f549e676e4a5288aa724ed5819b13 (patch)
tree9ca35806bbcf0e16663c57c28e0f442745ed8841
parentpkgrel (diff)
downloadlinux-ck-6a63e990d87f549e676e4a5288aa724ed5819b13.tar.xz
Updated to 5.2.15
-rw-r--r--0001-ZEN-Add-sysctl-and-CONFIG-to-disallow-unprivileged-CLONE_NEWUSER.patch (renamed from 0001-add-sysctl-to-disallow-unprivileged-CLONE_NEWUSER-by.patch)70
-rw-r--r--0002-ZEN-Add-CONFIG-for-unprivileged_userns_clone.patch57
-rw-r--r--0003-Btrfs-fix-unwritten-extent-buffers-and-hangs-on-future-writeback-attempts.patch145
-rw-r--r--PKGBUILD35
-rw-r--r--ck_remove-excess-extraversion.patch16
-rw-r--r--config.x86_642
6 files changed, 67 insertions, 258 deletions
diff --git a/0001-add-sysctl-to-disallow-unprivileged-CLONE_NEWUSER-by.patch b/0001-ZEN-Add-sysctl-and-CONFIG-to-disallow-unprivileged-CLONE_NEWUSER.patch
index e7432e3..276bac8 100644
--- a/0001-add-sysctl-to-disallow-unprivileged-CLONE_NEWUSER-by.patch
+++ b/0001-ZEN-Add-sysctl-and-CONFIG-to-disallow-unprivileged-CLONE_NEWUSER.patch
@@ -1,23 +1,48 @@
-From e71668257d1353a7bd428ec90f0871b038db813b Mon Sep 17 00:00:00 2001
-From: Serge Hallyn <serge.hallyn@canonical.com>
-Date: Fri, 31 May 2013 19:12:12 +0100
-Subject: [PATCH 1/3] add sysctl to disallow unprivileged CLONE_NEWUSER by
- default
+From 4548790064d9d658127c85c8e318f0f397c63889 Mon Sep 17 00:00:00 2001
+From: "Jan Alexander Steffens (heftig)" <jan.steffens@gmail.com>
+Date: Mon, 16 Sep 2019 04:53:20 +0200
+Subject: ZEN: Add sysctl and CONFIG to disallow unprivileged CLONE_NEWUSER
-Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
-[bwh: Remove unneeded binary sysctl bits]
-Signed-off-by: Daniel Micay <danielmicay@gmail.com>
+Our default behavior continues to match the vanilla kernel.
---
+ init/Kconfig | 16 ++++++++++++++++
kernel/fork.c | 15 +++++++++++++++
kernel/sysctl.c | 12 ++++++++++++
- kernel/user_namespace.c | 3 +++
- 3 files changed, 30 insertions(+)
+ kernel/user_namespace.c | 7 +++++++
+ 4 files changed, 50 insertions(+)
+diff --git a/init/Kconfig b/init/Kconfig
+index bd7d650d4a99..658f9c052151 100644
+--- a/init/Kconfig
++++ b/init/Kconfig
+@@ -1091,6 +1091,22 @@ config USER_NS
+
+ If unsure, say N.
+
++config USER_NS_UNPRIVILEGED
++ bool "Allow unprivileged users to create namespaces"
++ default y
++ depends on USER_NS
++ help
++ When disabled, unprivileged users will not be able to create
++ new namespaces. Allowing users to create their own namespaces
++ has been part of several recent local privilege escalation
++ exploits, so if you need user namespaces but are
++ paranoid^Wsecurity-conscious you want to disable this.
++
++ This setting can be overridden at runtime via the
++ kernel.unprivileged_userns_clone sysctl.
++
++ If unsure, say Y.
++
+ config PID_NS
+ bool "PID Namespaces"
+ default y
diff --git a/kernel/fork.c b/kernel/fork.c
-index b69248e6f0e0..3b1cd11dc6dc 100644
+index 541fd805fb88..ffd57c812153 100644
--- a/kernel/fork.c
+++ b/kernel/fork.c
-@@ -104,6 +104,11 @@
+@@ -106,6 +106,11 @@
#define CREATE_TRACE_POINTS
#include <trace/events/task.h>
@@ -29,7 +54,7 @@ index b69248e6f0e0..3b1cd11dc6dc 100644
/*
* Minimum number of threads to boot the kernel
-@@ -1695,6 +1700,10 @@ static __latent_entropy struct task_struct *copy_process(
+@@ -1788,6 +1793,10 @@ static __latent_entropy struct task_struct *copy_process(
if ((clone_flags & (CLONE_NEWUSER|CLONE_FS)) == (CLONE_NEWUSER|CLONE_FS))
return ERR_PTR(-EINVAL);
@@ -40,7 +65,7 @@ index b69248e6f0e0..3b1cd11dc6dc 100644
/*
* Thread groups must share signals as well, and detached threads
* can only be started up within the thread group.
-@@ -2528,6 +2537,12 @@ int ksys_unshare(unsigned long unshare_flags)
+@@ -2819,6 +2828,12 @@ int ksys_unshare(unsigned long unshare_flags)
if (unshare_flags & CLONE_NEWNS)
unshare_flags |= CLONE_FS;
@@ -54,10 +79,10 @@ index b69248e6f0e0..3b1cd11dc6dc 100644
if (err)
goto bad_unshare_out;
diff --git a/kernel/sysctl.c b/kernel/sysctl.c
-index ba4d9e85feb8..e88b93a850df 100644
+index 078950d9605b..baead3605bbe 100644
--- a/kernel/sysctl.c
+++ b/kernel/sysctl.c
-@@ -106,6 +106,9 @@ extern int core_uses_pid;
+@@ -110,6 +110,9 @@ extern int core_uses_pid;
extern char core_pattern[];
extern unsigned int core_pipe_limit;
#endif
@@ -67,7 +92,7 @@ index ba4d9e85feb8..e88b93a850df 100644
extern int pid_max;
extern int pid_max_min, pid_max_max;
extern int percpu_pagelist_fraction;
-@@ -515,6 +518,15 @@ static struct ctl_table kern_table[] = {
+@@ -545,6 +548,15 @@ static struct ctl_table kern_table[] = {
.proc_handler = proc_dointvec,
},
#endif
@@ -84,19 +109,22 @@ index ba4d9e85feb8..e88b93a850df 100644
{
.procname = "tainted",
diff --git a/kernel/user_namespace.c b/kernel/user_namespace.c
-index 923414a246e9..6b9dbc257e34 100644
+index 8eadadc478f9..c36ecd19562c 100644
--- a/kernel/user_namespace.c
+++ b/kernel/user_namespace.c
-@@ -26,6 +26,9 @@
+@@ -21,6 +21,13 @@
#include <linux/bsearch.h>
#include <linux/sort.h>
+/* sysctl */
++#ifdef CONFIG_USER_NS_UNPRIVILEGED
++int unprivileged_userns_clone = 1;
++#else
+int unprivileged_userns_clone;
++#endif
+
static struct kmem_cache *user_ns_cachep __read_mostly;
static DEFINE_MUTEX(userns_state_mutex);
--
-2.21.0
-
+cgit v1.2.1-1-g437b
diff --git a/0002-ZEN-Add-CONFIG-for-unprivileged_userns_clone.patch b/0002-ZEN-Add-CONFIG-for-unprivileged_userns_clone.patch
deleted file mode 100644
index dfa89cc..0000000
--- a/0002-ZEN-Add-CONFIG-for-unprivileged_userns_clone.patch
+++ /dev/null
@@ -1,57 +0,0 @@
-From b30ec6648774140adcbfc9b0e813ecfd0785f79d Mon Sep 17 00:00:00 2001
-From: "Jan Alexander Steffens (heftig)" <jan.steffens@gmail.com>
-Date: Thu, 7 Dec 2017 13:50:48 +0100
-Subject: [PATCH 2/3] ZEN: Add CONFIG for unprivileged_userns_clone
-
-This way our default behavior continues to match the vanilla kernel.
----
- init/Kconfig | 16 ++++++++++++++++
- kernel/user_namespace.c | 4 ++++
- 2 files changed, 20 insertions(+)
-
-diff --git a/init/Kconfig b/init/Kconfig
-index 4592bf7997c0..f3df02990aff 100644
---- a/init/Kconfig
-+++ b/init/Kconfig
-@@ -1004,6 +1004,22 @@ config USER_NS
-
- If unsure, say N.
-
-+config USER_NS_UNPRIVILEGED
-+ bool "Allow unprivileged users to create namespaces"
-+ default y
-+ depends on USER_NS
-+ help
-+ When disabled, unprivileged users will not be able to create
-+ new namespaces. Allowing users to create their own namespaces
-+ has been part of several recent local privilege escalation
-+ exploits, so if you need user namespaces but are
-+ paranoid^Wsecurity-conscious you want to disable this.
-+
-+ This setting can be overridden at runtime via the
-+ kernel.unprivileged_userns_clone sysctl.
-+
-+ If unsure, say Y.
-+
- config PID_NS
- bool "PID Namespaces"
- default y
-diff --git a/kernel/user_namespace.c b/kernel/user_namespace.c
-index 6b9dbc257e34..107b17f0d528 100644
---- a/kernel/user_namespace.c
-+++ b/kernel/user_namespace.c
-@@ -27,7 +27,11 @@
- #include <linux/sort.h>
-
- /* sysctl */
-+#ifdef CONFIG_USER_NS_UNPRIVILEGED
-+int unprivileged_userns_clone = 1;
-+#else
- int unprivileged_userns_clone;
-+#endif
-
- static struct kmem_cache *user_ns_cachep __read_mostly;
- static DEFINE_MUTEX(userns_state_mutex);
---
-2.22.0
-
diff --git a/0003-Btrfs-fix-unwritten-extent-buffers-and-hangs-on-future-writeback-attempts.patch b/0003-Btrfs-fix-unwritten-extent-buffers-and-hangs-on-future-writeback-attempts.patch
deleted file mode 100644
index b6d19c3..0000000
--- a/0003-Btrfs-fix-unwritten-extent-buffers-and-hangs-on-future-writeback-attempts.patch
+++ /dev/null
@@ -1,145 +0,0 @@
-From 45fc8773f47b7cbe56caab0e14abf26d1e044e63 Mon Sep 17 00:00:00 2001
-From: Filipe Manana <fdmanana@suse.com>
-Date: Wed, 11 Sep 2019 17:42:00 +0100
-Subject: Btrfs: fix unwritten extent buffers and hangs on future writeback
- attempts
-
-The lock_extent_buffer_io() returns 1 to the caller to tell it everything
-went fine and the callers needs to start writeback for the extent buffer
-(submit a bio, etc), 0 to tell the caller everything went fine but it does
-not need to start writeback for the extent buffer, and a negative value if
-some error happened.
-
-When it's about to return 1 it tries to lock all pages, and if a try lock
-on a page fails, and we didn't flush any existing bio in our "epd", it
-calls flush_write_bio(epd) and overwrites the return value of 1 to 0 or
-an error. The page might have been locked elsewhere, not with the goal
-of starting writeback of the extent buffer, and even by some code other
-than btrfs, like page migration for example, so it does not mean the
-writeback of the extent buffer was already started by some other task,
-so returning a 0 tells the caller (btree_write_cache_pages()) to not
-start writeback for the extent buffer. Note that epd might currently have
-either no bio, so flush_write_bio() returns 0 (success) or it might have
-a bio for another extent buffer with a lower index (logical address).
-
-Since we return 0 with the EXTENT_BUFFER_WRITEBACK bit set on the
-extent buffer and writeback is never started for the extent buffer,
-future attempts to writeback the extent buffer will hang forever waiting
-on that bit to be cleared, since it can only be cleared after writeback
-completes. Such hang is reported with a trace like the following:
-
- [49887.347053] INFO: task btrfs-transacti:1752 blocked for more than 122 seconds.
- [49887.347059] Not tainted 5.2.13-gentoo #2
- [49887.347060] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
- [49887.347062] btrfs-transacti D 0 1752 2 0x80004000
- [49887.347064] Call Trace:
- [49887.347069] ? __schedule+0x265/0x830
- [49887.347071] ? bit_wait+0x50/0x50
- [49887.347072] ? bit_wait+0x50/0x50
- [49887.347074] schedule+0x24/0x90
- [49887.347075] io_schedule+0x3c/0x60
- [49887.347077] bit_wait_io+0x8/0x50
- [49887.347079] __wait_on_bit+0x6c/0x80
- [49887.347081] ? __lock_release.isra.29+0x155/0x2d0
- [49887.347083] out_of_line_wait_on_bit+0x7b/0x80
- [49887.347084] ? var_wake_function+0x20/0x20
- [49887.347087] lock_extent_buffer_for_io+0x28c/0x390
- [49887.347089] btree_write_cache_pages+0x18e/0x340
- [49887.347091] do_writepages+0x29/0xb0
- [49887.347093] ? kmem_cache_free+0x132/0x160
- [49887.347095] ? convert_extent_bit+0x544/0x680
- [49887.347097] filemap_fdatawrite_range+0x70/0x90
- [49887.347099] btrfs_write_marked_extents+0x53/0x120
- [49887.347100] btrfs_write_and_wait_transaction.isra.4+0x38/0xa0
- [49887.347102] btrfs_commit_transaction+0x6bb/0x990
- [49887.347103] ? start_transaction+0x33e/0x500
- [49887.347105] transaction_kthread+0x139/0x15c
-
-So fix this by not overwriting the return value (ret) with the result
-from flush_write_bio(). We also need to clear the EXTENT_BUFFER_WRITEBACK
-bit in case flush_write_bio() returns an error, otherwise it will hang
-any future attempts to writeback the extent buffer, and undo all work
-done before (set back EXTENT_BUFFER_DIRTY, etc).
-
-This is a regression introduced in the 5.2 kernel.
-
-Fixes: 2e3c25136adfb ("btrfs: extent_io: add proper error handling to lock_extent_buffer_for_io()")
-Fixes: f4340622e0226 ("btrfs: extent_io: Move the BUG_ON() in flush_write_bio() one level up")
-Reported-by: Zdenek Sojka <zsojka@seznam.cz>
-Link: https://lore.kernel.org/linux-btrfs/GpO.2yos.3WGDOLpx6t%7D.1TUDYM@seznam.cz/T/#u
-Reported-by: Stefan Priebe - Profihost AG <s.priebe@profihost.ag>
-Link: https://lore.kernel.org/linux-btrfs/5c4688ac-10a7-fb07-70e8-c5d31a3fbb38@profihost.ag/T/#t
-Reported-by: Drazen Kacar <drazen.kacar@oradian.com>
-Link: https://lore.kernel.org/linux-btrfs/DB8PR03MB562876ECE2319B3E579590F799C80@DB8PR03MB5628.eurprd03.prod.outlook.com/
-Bugzilla: https://bugzilla.kernel.org/show_bug.cgi?id=204377
-Signed-off-by: Filipe Manana <fdmanana@suse.com>
----
- fs/btrfs/extent_io.c | 35 ++++++++++++++++++++++++++---------
- 1 file changed, 26 insertions(+), 9 deletions(-)
-
-diff --git a/fs/btrfs/extent_io.c b/fs/btrfs/extent_io.c
-index db337e53aab3..93900ff87df7 100644
---- a/fs/btrfs/extent_io.c
-+++ b/fs/btrfs/extent_io.c
-@@ -3591,6 +3591,13 @@ void wait_on_extent_buffer_writeback(struct extent_buffer *eb)
- TASK_UNINTERRUPTIBLE);
- }
-
-+static void end_extent_buffer_writeback(struct extent_buffer *eb)
-+{
-+ clear_bit(EXTENT_BUFFER_WRITEBACK, &eb->bflags);
-+ smp_mb__after_atomic();
-+ wake_up_bit(&eb->bflags, EXTENT_BUFFER_WRITEBACK);
-+}
-+
- /*
- * Lock eb pages and flush the bio if we can't the locks
- *
-@@ -3662,8 +3669,11 @@ static noinline_for_stack int lock_extent_buffer_for_io(struct extent_buffer *eb
-
- if (!trylock_page(p)) {
- if (!flush) {
-- ret = flush_write_bio(epd);
-- if (ret < 0) {
-+ int err;
-+
-+ err = flush_write_bio(epd);
-+ if (err < 0) {
-+ ret = err;
- failed_page_nr = i;
- goto err_unlock;
- }
-@@ -3678,16 +3688,23 @@ err_unlock:
- /* Unlock already locked pages */
- for (i = 0; i < failed_page_nr; i++)
- unlock_page(eb->pages[i]);
-+ /*
-+ * Clear EXTENT_BUFFER_WRITEBACK and wake up anyone waiting on it.
-+ * Also set back EXTENT_BUFFER_DIRTY so future attempts to this eb can
-+ * be made and undo everything done before.
-+ */
-+ btrfs_tree_lock(eb);
-+ spin_lock(&eb->refs_lock);
-+ set_bit(EXTENT_BUFFER_DIRTY, &eb->bflags);
-+ end_extent_buffer_writeback(eb);
-+ spin_unlock(&eb->refs_lock);
-+ percpu_counter_add_batch(&fs_info->dirty_metadata_bytes, eb->len,
-+ fs_info->dirty_metadata_batch);
-+ btrfs_clear_header_flag(eb, BTRFS_HEADER_FLAG_WRITTEN);
-+ btrfs_tree_unlock(eb);
- return ret;
- }
-
--static void end_extent_buffer_writeback(struct extent_buffer *eb)
--{
-- clear_bit(EXTENT_BUFFER_WRITEBACK, &eb->bflags);
-- smp_mb__after_atomic();
-- wake_up_bit(&eb->bflags, EXTENT_BUFFER_WRITEBACK);
--}
--
- static void set_btree_ioerr(struct page *page)
- {
- struct extent_buffer *eb = (struct extent_buffer *)page->private;
---
-cgit v1.2.1-1-g437b
-
diff --git a/PKGBUILD b/PKGBUILD
index a0fa2fb..d03b81f 100644
--- a/PKGBUILD
+++ b/PKGBUILD
@@ -18,7 +18,7 @@
pkgbase=linux-ck
_majver=5.2
-_minver=14
+_minver=15
if [ "$_minver" == "0" ]; then
pkgver=${_majver}
else
@@ -28,7 +28,7 @@ _ckpatchversion=ck1
_ckpatch="patch-${_majver}-${_ckpatchversion}"
_gccpatchver='20190822'
_srcname=linux-${pkgver}
-pkgrel=2
+pkgrel=1
url='https://kernel.org'
#url='http://ck.kolivas.org/patches/'
arch=('x86_64')
@@ -40,10 +40,7 @@ conflicts=('linux-libre')
options=('!strip')
source=(
https://www.kernel.org/pub/linux/kernel/v5.x/linux-$pkgver.tar.{xz,sign}
- 0001-add-sysctl-to-disallow-unprivileged-CLONE_NEWUSER-by.patch
- 0002-ZEN-Add-CONFIG-for-unprivileged_userns_clone.patch
- 0003-Btrfs-fix-unwritten-extent-buffers-and-hangs-on-future-writeback-attempts.patch
- ck_remove-excess-extraversion.patch
+ 0001-ZEN-Add-sysctl-and-CONFIG-to-disallow-unprivileged-CLONE_NEWUSER.patch
linux-ck-patch-${_majver}-${_ckpatchversion}.xz::http://ck.kolivas.org/patches/5.0/${_majver}/${_majver}-${_ckpatchversion}/${_ckpatch}.xz
graysky_bdver2-hotfix.patch
kernel_gcc_patch-${_gccpatchver}.tar.gz::https://github.com/graysky2/kernel_gcc_patch/archive/${_gccpatchver}.tar.gz
@@ -54,18 +51,15 @@ source=(
90-linux.hook # pacman hook for initramfs regeneration
linux.preset # standard config files for mkinitcpio ramdisk
)
-sha256sums=('c64d36477fee6a864a734ec417407768e60040a13f144c33208fa9622fd0ce8c'
+sha256sums=('eb561009da8106b463b1e1a16ab0f75cdef564784f49177148f5f92c32380c4a'
'SKIP'
- '91fafa76bf9cb32159ac7f22191b3589278b91e65bc4505cf2fc6013b8037bf3'
- '63e4378e69e2f23ed87af32a4951477a6d82d4ac0de2295db46502c8120da9d9'
- '940719452e133a7350dd5efea974190af07eb365a6a60d117b76efca4ca53e7a'
- '152c551bd03e92d6458b0d9f352c97eb058014ab019fa213167a6f8178bd6d71'
+ 'e862ecd2cb0b20e1859ec3e47616457a9a3acb111cd5a86094f9ed1dbd7f42ac'
'f1abc13a8d859fbf6350040e45d7f04ad551a6d39f113ba96fbbd820118c0e36'
'c5405139aa0a90a6f68f6a13e066a2bd0600c970f9f525cd3aa114b044a7f73b'
'8c11086809864b5cef7d079f930bd40da8d0869c091965fa62e95de9a0fe13b5'
'e7ebf050c22bcec0028c0b3c79fd6d3913b0370ecc6a23dfe78ce475630cf503'
'0f81d6e4158b7beeb0eb514f1b9401f7e23699cb0f7b0d513e25dae1815daaeb'
- '8f2974e3c204c6a7c0a64e1048ec56cb8aebb65d6383453008dfe8e3049e177e'
+ 'eb5aa60f85a2fbf62cff64215bc819913e160e48b39d0a03f72542db5d4d33ad'
'ae2e95db94ef7176207c690224169594d49445e04249d2499e9d2fbc117a0b21'
'75f99f5239e03238f88d1a834c50043ec32b1dc568f2cc291b07d04718483919'
'ad6344badc91ad0630caacde83f7f9b97276f80d26a20619a87952be65492c65')
@@ -85,16 +79,14 @@ prepare() {
# patch -Np1 < ../patch-${_majver}-${_pkgver}
# fi
+
# Hotfixes
msg2 "Applying hotfixes"
- patch -p1 -i ../0001-add-sysctl-to-disallow-unprivileged-CLONE_NEWUSER-by.patch
- patch -p1 -i ../0002-ZEN-Add-CONFIG-for-unprivileged_userns_clone.patch
- patch -p1 -i ../0003-Btrfs-fix-unwritten-extent-buffers-and-hangs-on-future-writeback-attempts.patch
+ patch -p1 -i ../0001-ZEN-Add-sysctl-and-CONFIG-to-disallow-unprivileged-CLONE_NEWUSER.patch
- # ck hotfixes
- msg2 "Applying ck patch hotfixes"
- patch -p1 -i ../ck_remove-excess-extraversion.patch "$srcdir/linux-ck-patch-5.2-ck1"
+ # fix naming schema in EXTRAVERSION of ck patch set
+ sed -i -re "s/^(.EXTRAVERSION).*$/\1 = /" "../linux-ck-patch-${_majver}-${_ckpatchversion}"
# ck patch
msg2 "Applying ck patch"
@@ -133,6 +125,13 @@ prepare() {
cp ../config.x86_64 .config
fi
+ # https://bbs.archlinux.org/viewtopic.php?pid=1824594#p1824594
+ sed -i -e 's/# CONFIG_PSI_DEFAULT_DISABLED is not set/CONFIG_PSI_DEFAULT_DISABLED=y/' ./.config
+
+ # https://bbs.archlinux.org/viewtopic.php?pid=1863567#p1863567
+ sed -i -e 's/CONFIG_LATENCYTOP=y/# CONFIG_LATENCYTOP is not set/' \
+ -i -e 's/CONFIG_SCHED_DEBUG=y/# CONFIG_SCHED_DEBUG is not set/' ./.config
+
make olddefconfig
make menuconfig
diff --git a/ck_remove-excess-extraversion.patch b/ck_remove-excess-extraversion.patch
deleted file mode 100644
index a923f71..0000000
--- a/ck_remove-excess-extraversion.patch
+++ /dev/null
@@ -1,16 +0,0 @@
---- a/linux-ck-patch-5.2-ck1
-+++ b/linux-ck-patch-5.2-ck1
-@@ -833,13 +833,0 @@
----- a/Makefile
--+++ b/Makefile
--@@ -15,6 +15,10 @@ NAME = Bobtail Squid
-- PHONY := _all
-- _all:
--
--+CKVERSION = -ck1
--+CKNAME = MuQSS Powered
--+EXTRAVERSION := $(EXTRAVERSION)$(CKVERSION)
--+
-- # We are using a recursive build, so we need to do a little thinking
-- # to get the ordering right.
-- #
diff --git a/config.x86_64 b/config.x86_64
index abec627..0f36f7d 100644
--- a/config.x86_64
+++ b/config.x86_64
@@ -114,7 +114,7 @@ CONFIG_TASK_DELAY_ACCT=y
CONFIG_TASK_XACCT=y
CONFIG_TASK_IO_ACCOUNTING=y
CONFIG_PSI=y
-CONFIG_PSI_DEFAULT_DISABLED=y
+# CONFIG_PSI_DEFAULT_DISABLED is not set
# end of CPU/Task time and stats accounting
CONFIG_CPU_ISOLATION=y