HARDEN_BRANCH_PREDICTOR for ARM64 is enabled by default since v5.10

author Alexander Popov <alex.popov@linux.com>

Sat, 19 Jun 2021 10:04:30 +0000 (13:04 +0300)

committer Alexander Popov <alex.popov@linux.com>

Sat, 19 Jun 2021 10:26:22 +0000 (13:26 +0300)
author Alexander Popov <alex.popov@linux.com>
Sat, 19 Jun 2021 10:04:30 +0000 (13:04 +0300)
committer Alexander Popov <alex.popov@linux.com>
Sat, 19 Jun 2021 10:26:22 +0000 (13:26 +0300)
diff --git a/kconfig_hardened_check/__init__.py b/kconfig_hardened_check/__init__.py

index a5bac1c2348f4e4056abd6dcae58a601eeaff46a..b8bfa1568b8f625d7a94e90e765556e996a0cb02 100644 (file)
--- a/kconfig_hardened_check/__init__.py
+++ b/kconfig_hardened_check/__init__.py
@@ -322,7 +322,10 @@ def construct_checklist(l, arch):
      if arch == 'ARM':
          l += [OptCheck('self_protection', 'defconfig', 'CPU_SW_DOMAIN_PAN', 'y')]
          l += [OptCheck('self_protection', 'defconfig', 'STACKPROTECTOR_PER_TASK', 'y')]
-    if arch in ('ARM64', 'ARM'):
+    if arch == 'ARM64':
+        l += [OR(OptCheck('self_protection', 'defconfig', 'HARDEN_BRANCH_PREDICTOR', 'y'),
+             VerCheck((5, 10)))] # HARDEN_BRANCH_PREDICTOR is enabled by default since v5.10
+    if arch == 'ARM':
          l += [OptCheck('self_protection', 'defconfig', 'HARDEN_BRANCH_PREDICTOR', 'y')]
  
      # 'self_protection', 'kspp'
author	Alexander Popov <alex.popov@linux.com>
	Sat, 19 Jun 2021 10:04:30 +0000 (13:04 +0300)
committer	Alexander Popov <alex.popov@linux.com>
	Sat, 19 Jun 2021 10:26:22 +0000 (13:26 +0300)