page_poisoning_is_set))
if debug_mode or arch == 'X86_32':
checklist.append(OptCheck('PAGE_TABLE_ISOLATION', 'y', 'my', 'self_protection'))
page_poisoning_is_set))
if debug_mode or arch == 'X86_32':
checklist.append(OptCheck('PAGE_TABLE_ISOLATION', 'y', 'my', 'self_protection'))
if debug_mode or arch == 'X86_64' or arch == 'ARM64' or arch == 'X86_32':
checklist.append(OptCheck('SECURITY', 'y', 'defconfig', 'security_policy'))
if debug_mode or arch == 'X86_64' or arch == 'ARM64' or arch == 'X86_32':
checklist.append(OptCheck('SECURITY', 'y', 'defconfig', 'security_policy'))
if debug_mode or arch == 'X86_32':
checklist.append(OptCheck('MODIFY_LDT_SYSCALL', 'is not set', 'my', 'cut_attack_surface'))
if debug_mode or arch == 'X86_32':
checklist.append(OptCheck('MODIFY_LDT_SYSCALL', 'is not set', 'my', 'cut_attack_surface'))
if debug_mode or arch == 'X86_64' or arch == 'ARM64':
checklist.append(OptCheck('ARCH_MMAP_RND_BITS', '32', 'my', 'userspace_protection'))
if debug_mode or arch == 'X86_32' or arch == 'ARM':
if debug_mode or arch == 'X86_64' or arch == 'ARM64':
checklist.append(OptCheck('ARCH_MMAP_RND_BITS', '32', 'my', 'userspace_protection'))
if debug_mode or arch == 'X86_32' or arch == 'ARM':
'option name', 'desired val', 'decision', 'reason', 'check result'))
print(' ' + '=' * 115)
for opt in checklist:
'option name', 'desired val', 'decision', 'reason', 'check result'))
print(' ' + '=' * 115)
for opt in checklist:
- if opt.result:
- print(' CONFIG_{:<32}|{:^13}|{:^10}|{:^20}||{:^28}'.format(
- opt.name, opt.expected, opt.decision, opt.reason, opt.result))
+ print(' CONFIG_{:<32}|{:^13}|{:^10}|{:^20}||{:^28}'.format(
+ opt.name, opt.expected, opt.decision, opt.reason, opt.result))
- error_count = len(list(filter(lambda opt: opt.result and opt.result.startswith('FAIL'), checklist)))
+ error_count = len(list(filter(lambda opt: opt.result.startswith('FAIL'), checklist)))
+ ok_count = len(list(filter(lambda opt: opt.result.startswith('OK'), checklist)))