X-Git-Url: https://jxself.org/git/?a=blobdiff_plain;f=kconfig_hardened_check%2F__init__.py;h=3e6e6096d036ae889f6afc05db8174e1b8a113e7;hb=45bb1e8f0e193715e0b0072929f063b765b78287;hp=8ba238c4a43e66783d45b54518877a869236a9b2;hpb=4e739dbfbda89c8f0d30f81da453400cf1688c6a;p=kconfig-hardened-check.git

diff --git a/kconfig_hardened_check/__init__.py b/kconfig_hardened_check/__init__.py
index 8ba238c..3e6e609 100644
--- a/kconfig_hardened_check/__init__.py
+++ b/kconfig_hardened_check/__init__.py
@@ -306,7 +306,8 @@ def construct_checklist(l, arch):
         l += [OptCheck('self_protection', 'defconfig', 'ARM64_PAN', 'y')]
         l += [OptCheck('self_protection', 'defconfig', 'UNMAP_KERNEL_AT_EL0', 'y')]
         l += [OR(OptCheck('self_protection', 'defconfig', 'HARDEN_EL2_VECTORS', 'y'),
-                 VerCheck((5,9)))] # HARDEN_EL2_VECTORS was removed in v5.9
+                 AND(OptCheck('self_protection', 'defconfig', 'RANDOMIZE_BASE', 'y'),
+                     VerCheck((5, 9))))] # HARDEN_EL2_VECTORS was included in RANDOMIZE_BASE in v5.9
         l += [OptCheck('self_protection', 'defconfig', 'RODATA_FULL_DEFAULT_ENABLED', 'y')]
         l += [OptCheck('self_protection', 'defconfig', 'ARM64_PTR_AUTH', 'y')]
     if arch in ('X86_64', 'ARM64'):