X-Git-Url: https://jxself.org/git/?a=blobdiff_plain;f=kconfig_hardened_check%2F__init__.py;h=4da068f77f7118689c4ba82d969a0c7d01714990;hb=3c896896129b48ed36a3afd49f558618de45a5af;hp=9bc78289064121cc424b3bd0342c6904f111c705;hpb=aec7c459ac932ee0cda039580351be545edb7de1;p=kconfig-hardened-check.git

diff --git a/kconfig_hardened_check/__init__.py b/kconfig_hardened_check/__init__.py
index 9bc7828..4da068f 100644
--- a/kconfig_hardened_check/__init__.py
+++ b/kconfig_hardened_check/__init__.py
@@ -309,6 +309,7 @@ def construct_checklist(checklist, arch):
         checklist.append(OptCheck('UNMAP_KERNEL_AT_EL0',         'y', 'defconfig', 'self_protection'))
         checklist.append(OptCheck('HARDEN_EL2_VECTORS',          'y', 'defconfig', 'self_protection'))
         checklist.append(OptCheck('RODATA_FULL_DEFAULT_ENABLED', 'y', 'defconfig', 'self_protection'))
+        checklist.append(OptCheck('ARM64_PTR_AUTH',              'y', 'defconfig', 'self_protection'))
     if arch in ('X86_64', 'ARM64'):
         checklist.append(OptCheck('VMAP_STACK',                  'y', 'defconfig', 'self_protection'))
     if arch in ('X86_64', 'ARM64', 'X86_32'):
@@ -495,8 +496,6 @@ def construct_checklist(checklist, arch):
     checklist.append(OptCheck('INPUT_EVBUG',          'is not set', 'my', 'cut_attack_surface')) # Can be used as a keylogger
 
     checklist.append(OptCheck('INTEGRITY',       'y', 'defconfig', 'userspace_hardening'))
-    if arch == 'ARM64':
-        checklist.append(OptCheck('ARM64_PTR_AUTH',       'y', 'defconfig', 'userspace_hardening'))
     if arch in ('ARM', 'X86_32'):
         checklist.append(OptCheck('VMSPLIT_3G',           'y', 'defconfig', 'userspace_hardening'))
     if arch in ('X86_64', 'ARM64'):