- checklist.append(OptCheck('HIBERNATION', 'is not set', 'kspp', 'cut_attack_surface')) # refers to LOCK_DOWN_KERNEL
- if arch == 'X86_64':
- checklist.append(OptCheck('LEGACY_VSYSCALL_NONE', 'y', 'kspp', 'cut_attack_surface')) # 'vsyscall=none'
- checklist.append(OptCheck('IA32_EMULATION', 'is not set', 'kspp', 'cut_attack_surface'))
- checklist.append(OptCheck('X86_X32', 'is not set', 'kspp', 'cut_attack_surface'))
- checklist.append(OptCheck('MODIFY_LDT_SYSCALL', 'is not set', 'kspp', 'cut_attack_surface'))
- if arch == 'ARM':
- checklist.append(OptCheck('OABI_COMPAT', 'is not set', 'kspp', 'cut_attack_surface'))
+ checklist.append(OptCheck('HIBERNATION', 'is not set', 'kspp', 'cut_attack_surface')) # refers to LOCKDOWN
+ checklist.append(OptCheck('IA32_EMULATION', 'is not set', 'kspp', 'cut_attack_surface'))
+ checklist.append(OptCheck('X86_X32', 'is not set', 'kspp', 'cut_attack_surface'))
+ checklist.append(OptCheck('MODIFY_LDT_SYSCALL', 'is not set', 'kspp', 'cut_attack_surface'))
+ checklist.append(OptCheck('OABI_COMPAT', 'is not set', 'kspp', 'cut_attack_surface'))