X-Git-Url: https://jxself.org/git/?a=blobdiff_plain;f=kconfig_hardened_check%2Fchecks.py;h=8e52fd8fc27e98cbaa0af8c4c92ecd35b0408a9f;hb=4d5de9965b33f1eff1e15cb794fe0cfa734325fb;hp=5b917bfbfd41d5cc0f8dc781df6f512c0de51ea6;hpb=328a89c7703915bc9c8eb6e66eebb6944caf94bb;p=kconfig-hardened-check.git diff --git a/kconfig_hardened_check/checks.py b/kconfig_hardened_check/checks.py index 5b917bf..8e52fd8 100644 --- a/kconfig_hardened_check/checks.py +++ b/kconfig_hardened_check/checks.py @@ -1,12 +1,22 @@ #!/usr/bin/python3 +""" +This tool helps me to check Linux kernel options against +my security hardening preferences for X86_64, ARM64, X86_32, and ARM. +Let the computers do their job! + +Author: Alexander Popov + +This module contains knowledge for checks. +""" + # N.B. Hardening sysctls: # kernel.kptr_restrict=2 (or 1?) # kernel.dmesg_restrict=1 (also see the kconfig option) # kernel.perf_event_paranoid=2 (or 3 with a custom patch, see https://lwn.net/Articles/696216/) # kernel.kexec_load_disabled=1 # kernel.yama.ptrace_scope=3 -# user.max_user_namespaces=0 +# user.max_user_namespaces=0 (for Debian, also see kernel.unprivileged_userns_clone) # what about bpf_jit_enable? # kernel.unprivileged_bpf_disabled=1 # net.core.bpf_jit_harden=2 @@ -21,8 +31,12 @@ # fs.protected_regular=2 # fs.suid_dumpable=0 # kernel.modules_disabled=1 -# kernel.randomize_va_space = 2 +# kernel.randomize_va_space=2 # nosmt sysfs control file +# dev.tty.legacy_tiocsti=0 +# vm.mmap_rnd_bits=max (?) +# kernel.sysrq=0 +# abi.vsyscall32 (any value except 2) # # Think of these boot params: # module.sig_enforce=1 @@ -33,8 +47,8 @@ # amd_iommu=on # efi=disable_early_pci_dma -# pylint: disable=missing-module-docstring,missing-class-docstring,missing-function-docstring -# pylint: disable=line-too-long,invalid-name,too-many-branches,too-many-statements +# pylint: disable=missing-function-docstring,line-too-long,invalid-name +# pylint: disable=too-many-branches,too-many-statements from .engine import KconfigCheck, CmdlineCheck, VersionCheck, OR, AND @@ -124,6 +138,7 @@ def add_kconfig_checks(l, arch): l += [KconfigCheck('self_protection', 'defconfig', 'CPU_SW_DOMAIN_PAN', 'y')] l += [KconfigCheck('self_protection', 'defconfig', 'HARDEN_BRANCH_PREDICTOR', 'y')] l += [KconfigCheck('self_protection', 'defconfig', 'HARDEN_BRANCH_HISTORY', 'y')] + l += [KconfigCheck('self_protection', 'defconfig', 'DEBUG_ALIGN_RODATA', 'y')] # 'self_protection', 'kspp' l += [KconfigCheck('self_protection', 'kspp', 'BUG_ON_DATA_CORRUPTION', 'y')] @@ -151,9 +166,9 @@ def add_kconfig_checks(l, arch): hardened_usercopy_is_set = KconfigCheck('self_protection', 'kspp', 'HARDENED_USERCOPY', 'y') l += [hardened_usercopy_is_set] l += [AND(KconfigCheck('self_protection', 'kspp', 'HARDENED_USERCOPY_FALLBACK', 'is not set'), - hardened_usercopy_is_set)] + hardened_usercopy_is_set)] # usercopy whitelist violations should be prohibited l += [AND(KconfigCheck('self_protection', 'kspp', 'HARDENED_USERCOPY_PAGESPAN', 'is not set'), - hardened_usercopy_is_set)] + hardened_usercopy_is_set)] # this debugging for HARDENED_USERCOPY is not needed for security l += [AND(KconfigCheck('self_protection', 'kspp', 'GCC_PLUGIN_LATENT_ENTROPY', 'y'), gcc_plugins_support_is_set)] l += [OR(KconfigCheck('self_protection', 'kspp', 'MODULE_SIG', 'y'), @@ -241,9 +256,9 @@ def add_kconfig_checks(l, arch): # 'security_policy' if arch in ('X86_64', 'ARM64', 'X86_32'): - l += [KconfigCheck('security_policy', 'defconfig', 'SECURITY', 'y')] # and choose your favourite LSM + l += [KconfigCheck('security_policy', 'defconfig', 'SECURITY', 'y')] if arch == 'ARM': - l += [KconfigCheck('security_policy', 'kspp', 'SECURITY', 'y')] # and choose your favourite LSM + l += [KconfigCheck('security_policy', 'kspp', 'SECURITY', 'y')] l += [KconfigCheck('security_policy', 'kspp', 'SECURITY_YAMA', 'y')] l += [KconfigCheck('security_policy', 'kspp', 'SECURITY_LANDLOCK', 'y')] l += [KconfigCheck('security_policy', 'kspp', 'SECURITY_SELINUX_DISABLE', 'is not set')] @@ -253,6 +268,10 @@ def add_kconfig_checks(l, arch): l += [KconfigCheck('security_policy', 'kspp', 'SECURITY_LOCKDOWN_LSM_EARLY', 'y')] l += [KconfigCheck('security_policy', 'kspp', 'LOCK_DOWN_KERNEL_FORCE_CONFIDENTIALITY', 'y')] l += [KconfigCheck('security_policy', 'kspp', 'SECURITY_WRITABLE_HOOKS', 'is not set')] # refers to SECURITY_SELINUX_DISABLE + l += [OR(KconfigCheck('security_policy', 'my', 'SECURITY_SELINUX', 'y'), + KconfigCheck('security_policy', 'my', 'SECURITY_APPARMOR', 'y'), + KconfigCheck('security_policy', 'my', 'SECURITY_SMACK', 'y'), + KconfigCheck('security_policy', 'my', 'SECURITY_TOMOYO', 'y'))] # one of major LSMs implementing MAC # 'cut_attack_surface', 'defconfig' l += [KconfigCheck('cut_attack_surface', 'defconfig', 'SECCOMP', 'y')] @@ -270,7 +289,6 @@ def add_kconfig_checks(l, arch): l += [KconfigCheck('cut_attack_surface', 'kspp', 'ACPI_CUSTOM_METHOD', 'is not set')] # refers to LOCKDOWN l += [KconfigCheck('cut_attack_surface', 'kspp', 'COMPAT_BRK', 'is not set')] l += [KconfigCheck('cut_attack_surface', 'kspp', 'DEVKMEM', 'is not set')] # refers to LOCKDOWN - l += [KconfigCheck('cut_attack_surface', 'kspp', 'COMPAT_VDSO', 'is not set')] l += [KconfigCheck('cut_attack_surface', 'kspp', 'BINFMT_MISC', 'is not set')] l += [KconfigCheck('cut_attack_surface', 'kspp', 'INET_DIAG', 'is not set')] l += [KconfigCheck('cut_attack_surface', 'kspp', 'KEXEC', 'is not set')] # refers to LOCKDOWN @@ -290,8 +308,10 @@ def add_kconfig_checks(l, arch): devmem_not_set)] # refers to LOCKDOWN l += [AND(KconfigCheck('cut_attack_surface', 'kspp', 'LDISC_AUTOLOAD', 'is not set'), KconfigCheck('cut_attack_surface', 'kspp', 'LDISC_AUTOLOAD', 'is present'))] - if arch == 'X86_64': - l += [KconfigCheck('cut_attack_surface', 'kspp', 'LEGACY_VSYSCALL_NONE', 'y')] # 'vsyscall=none' + if arch in ('X86_64', 'X86_32'): + l += [KconfigCheck('cut_attack_surface', 'kspp', 'COMPAT_VDSO', 'is not set')] + # CONFIG_COMPAT_VDSO disabled ASLR of vDSO only on X86_64 and X86_32; + # on ARM64 this option has different meaning if arch == 'ARM': l += [OR(KconfigCheck('cut_attack_surface', 'kspp', 'STRICT_DEVMEM', 'y'), devmem_not_set)] # refers to LOCKDOWN @@ -350,7 +370,6 @@ def add_kconfig_checks(l, arch): l += [KconfigCheck('cut_attack_surface', 'clipos', 'STAGING', 'is not set')] l += [KconfigCheck('cut_attack_surface', 'clipos', 'KSM', 'is not set')] # to prevent FLUSH+RELOAD attack l += [KconfigCheck('cut_attack_surface', 'clipos', 'KALLSYMS', 'is not set')] - l += [KconfigCheck('cut_attack_surface', 'clipos', 'X86_VSYSCALL_EMULATION', 'is not set')] l += [KconfigCheck('cut_attack_surface', 'clipos', 'MAGIC_SYSRQ', 'is not set')] l += [KconfigCheck('cut_attack_surface', 'clipos', 'KEXEC_FILE', 'is not set')] # refers to LOCKDOWN (permissive) l += [KconfigCheck('cut_attack_surface', 'clipos', 'USER_NS', 'is not set')] # user.max_user_namespaces=0 @@ -360,6 +379,11 @@ def add_kconfig_checks(l, arch): l += [KconfigCheck('cut_attack_surface', 'clipos', 'EFI_CUSTOM_SSDT_OVERLAYS', 'is not set')] l += [KconfigCheck('cut_attack_surface', 'clipos', 'COREDUMP', 'is not set')] # cut userspace attack surface # l += [KconfigCheck('cut_attack_surface', 'clipos', 'IKCONFIG', 'is not set')] # no, IKCONFIG is needed for this check :) + if arch == 'X86_64': + l += [OR(KconfigCheck('cut_attack_surface', 'clipos', 'X86_VSYSCALL_EMULATION', 'is not set'), + KconfigCheck('cut_attack_surface', 'kspp', 'LEGACY_VSYSCALL_NONE', 'y'))] + # disabling X86_VSYSCALL_EMULATION turns vsyscall off completely, + # and LEGACY_VSYSCALL_NONE can be changed at boot time via the cmdline parameter # 'cut_attack_surface', 'lockdown' l += [KconfigCheck('cut_attack_surface', 'lockdown', 'EFI_TEST', 'is not set')] # refers to LOCKDOWN @@ -368,6 +392,7 @@ def add_kconfig_checks(l, arch): l += [bpf_syscall_not_set] # refers to LOCKDOWN # 'cut_attack_surface', 'my' + l += [KconfigCheck('cut_attack_surface', 'my', 'LEGACY_TIOCSTI', 'is not set')] l += [KconfigCheck('cut_attack_surface', 'my', 'MMIOTRACE', 'is not set')] # refers to LOCKDOWN (permissive) l += [KconfigCheck('cut_attack_surface', 'my', 'LIVEPATCH', 'is not set')] l += [KconfigCheck('cut_attack_surface', 'my', 'IP_DCCP', 'is not set')] @@ -377,23 +402,17 @@ def add_kconfig_checks(l, arch): l += [KconfigCheck('cut_attack_surface', 'my', 'INPUT_EVBUG', 'is not set')] # Can be used as a keylogger l += [KconfigCheck('cut_attack_surface', 'my', 'KGDB', 'is not set')] l += [KconfigCheck('cut_attack_surface', 'my', 'AIO', 'is not set')] + l += [KconfigCheck('cut_attack_surface', 'my', 'CORESIGHT', 'is not set')] l += [OR(KconfigCheck('cut_attack_surface', 'my', 'TRIM_UNUSED_KSYMS', 'y'), modules_not_set)] # 'harden_userspace' - if arch in ('X86_64', 'ARM64', 'X86_32'): - l += [KconfigCheck('harden_userspace', 'defconfig', 'INTEGRITY', 'y')] - if arch == 'ARM': - l += [KconfigCheck('harden_userspace', 'my', 'INTEGRITY', 'y')] if arch == 'ARM64': l += [KconfigCheck('harden_userspace', 'defconfig', 'ARM64_PTR_AUTH', 'y')] l += [KconfigCheck('harden_userspace', 'defconfig', 'ARM64_BTI', 'y')] if arch in ('ARM', 'X86_32'): l += [KconfigCheck('harden_userspace', 'defconfig', 'VMSPLIT_3G', 'y')] - if arch in ('X86_64', 'ARM64'): - l += [KconfigCheck('harden_userspace', 'clipos', 'ARCH_MMAP_RND_BITS', '32')] - if arch in ('X86_32', 'ARM'): - l += [KconfigCheck('harden_userspace', 'my', 'ARCH_MMAP_RND_BITS', '16')] + l += [KconfigCheck('harden_userspace', 'my', 'ARCH_MMAP_RND_BITS', 'MAX')] # 'MAX' value is refined using ARCH_MMAP_RND_BITS_MAX def add_cmdline_checks(l, arch): @@ -429,31 +448,40 @@ def add_cmdline_checks(l, arch): l += [CmdlineCheck('self_protection', 'defconfig', 'arm64.nopauth', 'is not set')] l += [CmdlineCheck('self_protection', 'defconfig', 'arm64.nomte', 'is not set')] l += [OR(CmdlineCheck('self_protection', 'defconfig', 'spectre_v2', 'is not off'), - CmdlineCheck('self_protection', 'defconfig', 'spectre_v2', 'is not set'))] + AND(CmdlineCheck('self_protection', 'kspp', 'mitigations', 'auto,nosmt'), + CmdlineCheck('self_protection', 'defconfig', 'spectre_v2', 'is not set')))] l += [OR(CmdlineCheck('self_protection', 'defconfig', 'spectre_v2_user', 'is not off'), - CmdlineCheck('self_protection', 'defconfig', 'spectre_v2_user', 'is not set'))] + AND(CmdlineCheck('self_protection', 'kspp', 'mitigations', 'auto,nosmt'), + CmdlineCheck('self_protection', 'defconfig', 'spectre_v2_user', 'is not set')))] l += [OR(CmdlineCheck('self_protection', 'defconfig', 'spec_store_bypass_disable', 'is not off'), - CmdlineCheck('self_protection', 'defconfig', 'spec_store_bypass_disable', 'is not set'))] + AND(CmdlineCheck('self_protection', 'kspp', 'mitigations', 'auto,nosmt'), + CmdlineCheck('self_protection', 'defconfig', 'spec_store_bypass_disable', 'is not set')))] l += [OR(CmdlineCheck('self_protection', 'defconfig', 'l1tf', 'is not off'), - CmdlineCheck('self_protection', 'defconfig', 'l1tf', 'is not set'))] + AND(CmdlineCheck('self_protection', 'kspp', 'mitigations', 'auto,nosmt'), + CmdlineCheck('self_protection', 'defconfig', 'l1tf', 'is not set')))] l += [OR(CmdlineCheck('self_protection', 'defconfig', 'mds', 'is not off'), - CmdlineCheck('self_protection', 'defconfig', 'mds', 'is not set'))] + AND(CmdlineCheck('self_protection', 'kspp', 'mitigations', 'auto,nosmt'), + CmdlineCheck('self_protection', 'defconfig', 'mds', 'is not set')))] l += [OR(CmdlineCheck('self_protection', 'defconfig', 'tsx_async_abort', 'is not off'), - CmdlineCheck('self_protection', 'defconfig', 'tsx_async_abort', 'is not set'))] + AND(CmdlineCheck('self_protection', 'kspp', 'mitigations', 'auto,nosmt'), + CmdlineCheck('self_protection', 'defconfig', 'tsx_async_abort', 'is not set')))] l += [OR(CmdlineCheck('self_protection', 'defconfig', 'srbds', 'is not off'), - CmdlineCheck('self_protection', 'defconfig', 'srbds', 'is not set'))] + AND(CmdlineCheck('self_protection', 'kspp', 'mitigations', 'auto,nosmt'), + CmdlineCheck('self_protection', 'defconfig', 'srbds', 'is not set')))] l += [OR(CmdlineCheck('self_protection', 'defconfig', 'mmio_stale_data', 'is not off'), - CmdlineCheck('self_protection', 'defconfig', 'mmio_stale_data', 'is not set'))] + AND(CmdlineCheck('self_protection', 'kspp', 'mitigations', 'auto,nosmt'), + CmdlineCheck('self_protection', 'defconfig', 'mmio_stale_data', 'is not set')))] l += [OR(CmdlineCheck('self_protection', 'defconfig', 'retbleed', 'is not off'), - CmdlineCheck('self_protection', 'defconfig', 'retbleed', 'is not set'))] + AND(CmdlineCheck('self_protection', 'kspp', 'mitigations', 'auto,nosmt'), + CmdlineCheck('self_protection', 'defconfig', 'retbleed', 'is not set')))] l += [OR(CmdlineCheck('self_protection', 'defconfig', 'kpti', 'is not off'), - CmdlineCheck('self_protection', 'defconfig', 'kpti', 'is not set'))] - l += [OR(CmdlineCheck('self_protection', 'defconfig', 'kvm.nx_huge_pages', 'is not off'), - CmdlineCheck('self_protection', 'defconfig', 'kvm.nx_huge_pages', 'is not set'))] + AND(CmdlineCheck('self_protection', 'kspp', 'mitigations', 'auto,nosmt'), + CmdlineCheck('self_protection', 'defconfig', 'kpti', 'is not set')))] if arch == 'ARM64': l += [OR(CmdlineCheck('self_protection', 'defconfig', 'ssbd', 'kernel'), CmdlineCheck('self_protection', 'my', 'ssbd', 'force-on'), - CmdlineCheck('self_protection', 'defconfig', 'ssbd', 'is not set'))] + AND(CmdlineCheck('self_protection', 'kspp', 'mitigations', 'auto,nosmt'), + CmdlineCheck('self_protection', 'defconfig', 'ssbd', 'is not set')))] l += [OR(CmdlineCheck('self_protection', 'defconfig', 'rodata', 'full'), AND(KconfigCheck('self_protection', 'defconfig', 'RODATA_FULL_DEFAULT_ENABLED', 'y'), CmdlineCheck('self_protection', 'defconfig', 'rodata', 'is not set')))] @@ -464,6 +492,12 @@ def add_cmdline_checks(l, arch): # 'self_protection', 'kspp' l += [CmdlineCheck('self_protection', 'kspp', 'nosmt', 'is present')] l += [CmdlineCheck('self_protection', 'kspp', 'mitigations', 'auto,nosmt')] # 'nosmt' by kspp + 'auto' by defconfig + l += [CmdlineCheck('self_protection', 'kspp', 'slab_merge', 'is not set')] # consequence of 'slab_nomerge' by kspp + l += [CmdlineCheck('self_protection', 'kspp', 'slub_merge', 'is not set')] # consequence of 'slab_nomerge' by kspp + l += [OR(CmdlineCheck('self_protection', 'kspp', 'slab_nomerge', 'is present'), + AND(KconfigCheck('self_protection', 'clipos', 'SLAB_MERGE_DEFAULT', 'is not set'), + CmdlineCheck('self_protection', 'kspp', 'slab_merge', 'is not set'), + CmdlineCheck('self_protection', 'kspp', 'slub_merge', 'is not set')))] l += [OR(CmdlineCheck('self_protection', 'kspp', 'init_on_alloc', '1'), AND(KconfigCheck('self_protection', 'kspp', 'INIT_ON_ALLOC_DEFAULT_ON', 'y'), CmdlineCheck('self_protection', 'kspp', 'init_on_alloc', 'is not set')))] @@ -473,10 +507,6 @@ def add_cmdline_checks(l, arch): AND(CmdlineCheck('self_protection', 'kspp', 'page_poison', '1'), KconfigCheck('self_protection', 'kspp', 'PAGE_POISONING_ZERO', 'y'), CmdlineCheck('self_protection', 'kspp', 'slub_debug', 'P')))] - l += [OR(CmdlineCheck('self_protection', 'kspp', 'slab_nomerge', 'is present'), - AND(KconfigCheck('self_protection', 'clipos', 'SLAB_MERGE_DEFAULT', 'is not set'), - CmdlineCheck('self_protection', 'kspp', 'slab_merge', 'is not set'), - CmdlineCheck('self_protection', 'clipos', 'slub_merge', 'is not set')))] l += [OR(CmdlineCheck('self_protection', 'kspp', 'iommu.strict', '1'), AND(KconfigCheck('self_protection', 'kspp', 'IOMMU_DEFAULT_DMA_STRICT', 'y'), CmdlineCheck('self_protection', 'kspp', 'iommu.strict', 'is not set')))] @@ -513,8 +543,21 @@ def add_cmdline_checks(l, arch): # 'cut_attack_surface', 'kspp' if arch == 'X86_64': l += [OR(CmdlineCheck('cut_attack_surface', 'kspp', 'vsyscall', 'none'), + KconfigCheck('cut_attack_surface', 'clipos', 'X86_VSYSCALL_EMULATION', 'is not set'), AND(KconfigCheck('cut_attack_surface', 'kspp', 'LEGACY_VSYSCALL_NONE', 'y'), CmdlineCheck('cut_attack_surface', 'kspp', 'vsyscall', 'is not set')))] + l += [OR(CmdlineCheck('cut_attack_surface', 'my', 'vdso32', '1'), + CmdlineCheck('cut_attack_surface', 'my', 'vdso32', '0'), + AND(KconfigCheck('cut_attack_surface', 'kspp', 'COMPAT_VDSO', 'is not set'), + CmdlineCheck('cut_attack_surface', 'my', 'vdso32', 'is not set')))] # the vdso32 parameter must not be 2 + if arch == 'X86_32': + l += [OR(CmdlineCheck('cut_attack_surface', 'my', 'vdso32', '1'), + CmdlineCheck('cut_attack_surface', 'my', 'vdso', '1'), + CmdlineCheck('cut_attack_surface', 'my', 'vdso32', '0'), + CmdlineCheck('cut_attack_surface', 'my', 'vdso', '0'), + AND(KconfigCheck('cut_attack_surface', 'kspp', 'COMPAT_VDSO', 'is not set'), + CmdlineCheck('cut_attack_surface', 'my', 'vdso32', 'is not set'), + CmdlineCheck('cut_attack_surface', 'my', 'vdso', 'is not set')))] # the vdso and vdso32 parameters must not be 2 # 'cut_attack_surface', 'grsec' # The cmdline checks compatible with the kconfig options disabled by grsecurity... @@ -524,48 +567,31 @@ def add_cmdline_checks(l, arch): # 'cut_attack_surface', 'my' l += [CmdlineCheck('cut_attack_surface', 'my', 'sysrq_always_enabled', 'is not set')] + # 'harden_userspace' + l += [CmdlineCheck('harden_userspace', 'defconfig', 'norandmaps', 'is not set')] + + +no_kstrtobool_options = [ + 'debugfs', # See debugfs_kernel() in fs/debugfs/inode.c + 'mitigations', # See mitigations_parse_cmdline() in kernel/cpu.c + 'pti', # See pti_check_boottime_disable() in arch/x86/mm/pti.c + 'spectre_v2', # See spectre_v2_parse_cmdline() in arch/x86/kernel/cpu/bugs.c + 'spectre_v2_user', # See spectre_v2_parse_user_cmdline() in arch/x86/kernel/cpu/bugs.c + 'spec_store_bypass_disable', # See ssb_parse_cmdline() in arch/x86/kernel/cpu/bugs.c + 'l1tf', # See l1tf_cmdline() in arch/x86/kernel/cpu/bugs.c + 'mds', # See mds_cmdline() in arch/x86/kernel/cpu/bugs.c + 'tsx_async_abort', # See tsx_async_abort_parse_cmdline() in arch/x86/kernel/cpu/bugs.c + 'srbds', # See srbds_parse_cmdline() in arch/x86/kernel/cpu/bugs.c + 'mmio_stale_data', # See mmio_stale_data_parse_cmdline() in arch/x86/kernel/cpu/bugs.c + 'retbleed', # See retbleed_parse_cmdline() in arch/x86/kernel/cpu/bugs.c + 'tsx' # See tsx_init() in arch/x86/kernel/cpu/tsx.c +] + def normalize_cmdline_options(option, value): # Don't normalize the cmdline option values if # the Linux kernel doesn't use kstrtobool() for them - if option == 'debugfs': - # See debugfs_kernel() in fs/debugfs/inode.c - return value - if option == 'mitigations': - # See mitigations_parse_cmdline() in kernel/cpu.c - return value - if option == 'pti': - # See pti_check_boottime_disable() in arch/x86/mm/pti.c - return value - if option == 'spectre_v2': - # See spectre_v2_parse_cmdline() in arch/x86/kernel/cpu/bugs.c - return value - if option == 'spectre_v2_user': - # See spectre_v2_parse_user_cmdline() in arch/x86/kernel/cpu/bugs.c - return value - if option == 'spec_store_bypass_disable': - # See ssb_parse_cmdline() in arch/x86/kernel/cpu/bugs.c - return value - if option == 'l1tf': - # See l1tf_cmdline() in arch/x86/kernel/cpu/bugs.c - return value - if option == 'mds': - # See mds_cmdline() in arch/x86/kernel/cpu/bugs.c - return value - if option == 'tsx_async_abort': - # See tsx_async_abort_parse_cmdline() in arch/x86/kernel/cpu/bugs.c - return value - if option == 'srbds': - # See srbds_parse_cmdline() in arch/x86/kernel/cpu/bugs.c - return value - if option == 'mmio_stale_data': - # See mmio_stale_data_parse_cmdline() in arch/x86/kernel/cpu/bugs.c - return value - if option == 'retbleed': - # See retbleed_parse_cmdline() in arch/x86/kernel/cpu/bugs.c - return value - if option == 'tsx': - # See tsx_init() in arch/x86/kernel/cpu/tsx.c + if option in no_kstrtobool_options: return value # Implement a limited part of the kstrtobool() logic