X-Git-Url: https://jxself.org/git/?a=blobdiff_plain;f=kconfig-hardened-check.py;h=10c2997ad0802556b165df7925506340171f363c;hb=94a1a16b8115079117385630c7c91580b092715a;hp=7ec7a4b58c641e3f92c22c9c439ae8eb372f74e8;hpb=3dc3f6e9e67e5206575acb5009f472cff780328d;p=kconfig-hardened-check.git

diff --git a/kconfig-hardened-check.py b/kconfig-hardened-check.py
index 7ec7a4b..10c2997 100755
--- a/kconfig-hardened-check.py
+++ b/kconfig-hardened-check.py
@@ -32,14 +32,19 @@
 #           kpti=on
 #           ssbd=force-on
 #
-# N.B. Hardening sysctl's:
-#    net.core.bpf_jit_harden
+# N.B. Hardening sysctls:
+#    net.core.bpf_jit_harden=2
 #    kptr_restrict=2
+#    vm.unprivileged_userfaultfd=0
+#    kernel.perf_event_paranoid=3
+#    kernel.yama.ptrace_scope=1
+#    kernel.unprivileged_bpf_disabled=1
 
 import sys
 from argparse import ArgumentParser
 from collections import OrderedDict
 import re
+import json
 
 debug_mode = False  # set it to True to print the unknown options from the config
 json_mode = False   # if True, print results in JSON format
@@ -381,7 +386,7 @@ def print_checklist(checklist, with_results):
             if with_results:
                 opt.append(o.result)
             opts.append(opt)
-        print(opts)
+        print(json.dumps(opts))
         return
 
     # header