projects
/
kconfig-hardened-check.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
| inline |
side by side
Check the kernel.dmesg_restrict sysctl
[kconfig-hardened-check.git]
/
kconfig_hardened_check
/
checks.py
diff --git
a/kconfig_hardened_check/checks.py
b/kconfig_hardened_check/checks.py
index fc63f3a7df593bf2ec1c4235cca04a110fe3dbba..e30746c9fc0c3af0f4a60ef75a8f8d73b486e7d1 100644
(file)
--- a/
kconfig_hardened_check/checks.py
+++ b/
kconfig_hardened_check/checks.py
@@
-609,4
+609,4
@@
def add_sysctl_checks(l, arch):
l += [SysctlCheck('self_protection', 'kspp', 'net.core.bpf_jit_harden', '2')]
- l += [SysctlCheck('
self_protection
', 'kspp', 'kernel.dmesg_restrict', '1')]
+ l += [SysctlCheck('
cut_attack_surface
', 'kspp', 'kernel.dmesg_restrict', '1')]