projects
/
kconfig-hardened-check.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
|
inline
| side by side (from parent 1:
69b66ef
)
Add ARM64_PTR_AUTH_KERNEL extracted from ARM64_PTR_AUTH
author
Alexander Popov
<alex.popov@linux.com>
Sun, 5 Dec 2021 11:57:08 +0000
(14:57 +0300)
committer
Alexander Popov
<alex.popov@linux.com>
Sun, 5 Dec 2021 11:57:08 +0000
(14:57 +0300)
kconfig_hardened_check/__init__.py
patch
|
blob
|
history
diff --git
a/kconfig_hardened_check/__init__.py
b/kconfig_hardened_check/__init__.py
index e1f9082cd684cdb3080fd2a7c376ed745b5bd9b4..3a55b44dd1786672ee82fd79fb262a378b357b6c 100644
(file)
--- a/
kconfig_hardened_check/__init__.py
+++ b/
kconfig_hardened_check/__init__.py
@@
-335,7
+335,7
@@
def construct_checklist(l, arch):
AND(OptCheck('self_protection', 'defconfig', 'RANDOMIZE_BASE', 'y'),
VerCheck((5, 9))))] # HARDEN_EL2_VECTORS was included in RANDOMIZE_BASE in v5.9
l += [OptCheck('self_protection', 'defconfig', 'RODATA_FULL_DEFAULT_ENABLED', 'y')]
AND(OptCheck('self_protection', 'defconfig', 'RANDOMIZE_BASE', 'y'),
VerCheck((5, 9))))] # HARDEN_EL2_VECTORS was included in RANDOMIZE_BASE in v5.9
l += [OptCheck('self_protection', 'defconfig', 'RODATA_FULL_DEFAULT_ENABLED', 'y')]
- l += [OptCheck('self_protection', 'defconfig', 'ARM64_PTR_AUTH', 'y')]
+ l += [OptCheck('self_protection', 'defconfig', 'ARM64_PTR_AUTH
_KERNEL
', 'y')]
l += [OptCheck('self_protection', 'defconfig', 'ARM64_BTI_KERNEL', 'y')]
l += [OR(OptCheck('self_protection', 'defconfig', 'HARDEN_BRANCH_PREDICTOR', 'y'),
VerCheck((5, 10)))] # HARDEN_BRANCH_PREDICTOR is enabled by default since v5.10
l += [OptCheck('self_protection', 'defconfig', 'ARM64_BTI_KERNEL', 'y')]
l += [OR(OptCheck('self_protection', 'defconfig', 'HARDEN_BRANCH_PREDICTOR', 'y'),
VerCheck((5, 10)))] # HARDEN_BRANCH_PREDICTOR is enabled by default since v5.10