Check the pti cmdline parameter

author Alexander Popov <alex.popov@linux.com>

Sat, 28 May 2022 17:42:35 +0000 (20:42 +0300)

committer Alexander Popov <alex.popov@linux.com>

Sat, 28 May 2022 18:53:05 +0000 (21:53 +0300)
author Alexander Popov <alex.popov@linux.com>
Sat, 28 May 2022 17:42:35 +0000 (20:42 +0300)
committer Alexander Popov <alex.popov@linux.com>
Sat, 28 May 2022 18:53:05 +0000 (21:53 +0300)
diff --git a/kconfig_hardened_check/__init__.py b/kconfig_hardened_check/__init__.py

index fa06f8ecf169e388e931301bd47ad3c0fbab9dde..a2fe794ae623efb1d3f3602a49ff7d8897eac6bb 100644 (file)
--- a/kconfig_hardened_check/__init__.py
+++ b/kconfig_hardened_check/__init__.py
@@ -26,7 +26,6 @@
  #           mitigations=auto,nosmt (nosmt is slow)
  #       X86:
  #           spectre_v2=on
-#           pti=on
  #           spec_store_bypass_disable=on
  #           l1tf=full,force
  #           l1d_flush=on (a part of the l1tf option)
@@ -661,6 +660,8 @@ def add_cmdline_checks(l, arch):
      # Calling the CmdlineCheck class constructor:
      #     CmdlineCheck(reason, decision, name, expected)
  
+    if arch in ('X86_64', 'X86_32'):
+        l += [CmdlineCheck('self_protection', 'kspp', 'pti', 'on')]
      # TODO: add other
author	Alexander Popov <alex.popov@linux.com>
	Sat, 28 May 2022 17:42:35 +0000 (20:42 +0300)
committer	Alexander Popov <alex.popov@linux.com>
	Sat, 28 May 2022 18:53:05 +0000 (21:53 +0300)