use ubuntu specific kernel config

[dolanjs]

Since we are applying the ubuntu overlay we should also test and use their customized kernel config as the base for applying the grsec patch.

• Specify the airgap host OS
• Download and extract the current ubuntu specific kernel config
• Transfer the config to the airgap
• Verify the signature of the config file
• place the config file as .config in the directory where menuconfig is ran prior to patching the kernel with grsec.

[conorsch]

We already get an Ubuntu-specific kernel config as long as we build under the distro we're compiling for. See #70 for tracking getting Trusty back as the default; resolving #48 will also allow us to trivially override with site-specific kernel configs for different build cases.

[conorsch]

To sidestep complications in #70, we should ship a trusty config in the role, so it's selectable via the grsecurity_build_strategy var.

[conorsch]

Have changes queued up to close this, by committing the latest trusty-based kernel config used for building kernels for SecureDrop. Will hardcode the association with the SD-specific playbook.