projects
/
kconfig-hardened-check.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
|
inline
| side by side (from parent 1:
2bc87b8
)
HARDEN_BRANCH_PREDICTOR for ARM64 is enabled by default since v5.10
author
Alexander Popov
<alex.popov@linux.com>
Sat, 19 Jun 2021 10:04:30 +0000
(13:04 +0300)
committer
Alexander Popov
<alex.popov@linux.com>
Sat, 19 Jun 2021 10:26:22 +0000
(13:26 +0300)
kconfig_hardened_check/__init__.py
patch
|
blob
|
history
diff --git
a/kconfig_hardened_check/__init__.py
b/kconfig_hardened_check/__init__.py
index a5bac1c2348f4e4056abd6dcae58a601eeaff46a..b8bfa1568b8f625d7a94e90e765556e996a0cb02 100644
(file)
--- a/
kconfig_hardened_check/__init__.py
+++ b/
kconfig_hardened_check/__init__.py
@@
-322,7
+322,10
@@
def construct_checklist(l, arch):
if arch == 'ARM':
l += [OptCheck('self_protection', 'defconfig', 'CPU_SW_DOMAIN_PAN', 'y')]
l += [OptCheck('self_protection', 'defconfig', 'STACKPROTECTOR_PER_TASK', 'y')]
if arch == 'ARM':
l += [OptCheck('self_protection', 'defconfig', 'CPU_SW_DOMAIN_PAN', 'y')]
l += [OptCheck('self_protection', 'defconfig', 'STACKPROTECTOR_PER_TASK', 'y')]
- if arch in ('ARM64', 'ARM'):
+ if arch == 'ARM64':
+ l += [OR(OptCheck('self_protection', 'defconfig', 'HARDEN_BRANCH_PREDICTOR', 'y'),
+ VerCheck((5, 10)))] # HARDEN_BRANCH_PREDICTOR is enabled by default since v5.10
+ if arch == 'ARM':
l += [OptCheck('self_protection', 'defconfig', 'HARDEN_BRANCH_PREDICTOR', 'y')]
# 'self_protection', 'kspp'
l += [OptCheck('self_protection', 'defconfig', 'HARDEN_BRANCH_PREDICTOR', 'y')]
# 'self_protection', 'kspp'