summary |
shortlog |
log |
commit | commitdiff |
tree
raw |
patch |
inline | side by side (from parent 1:
4e739db)
In fact HARDEN_EL2_VECTORS was included in RANDOMIZE_BASE in v5.9.
Use new nested ComplexOptChecks for this rule.
Refers to #48.
l += [OptCheck('self_protection', 'defconfig', 'ARM64_PAN', 'y')]
l += [OptCheck('self_protection', 'defconfig', 'UNMAP_KERNEL_AT_EL0', 'y')]
l += [OR(OptCheck('self_protection', 'defconfig', 'HARDEN_EL2_VECTORS', 'y'),
l += [OptCheck('self_protection', 'defconfig', 'ARM64_PAN', 'y')]
l += [OptCheck('self_protection', 'defconfig', 'UNMAP_KERNEL_AT_EL0', 'y')]
l += [OR(OptCheck('self_protection', 'defconfig', 'HARDEN_EL2_VECTORS', 'y'),
- VerCheck((5,9)))] # HARDEN_EL2_VECTORS was removed in v5.9
+ AND(OptCheck('self_protection', 'defconfig', 'RANDOMIZE_BASE', 'y'),
+ VerCheck((5, 9))))] # HARDEN_EL2_VECTORS was included in RANDOMIZE_BASE in v5.9
l += [OptCheck('self_protection', 'defconfig', 'RODATA_FULL_DEFAULT_ENABLED', 'y')]
l += [OptCheck('self_protection', 'defconfig', 'ARM64_PTR_AUTH', 'y')]
if arch in ('X86_64', 'ARM64'):
l += [OptCheck('self_protection', 'defconfig', 'RODATA_FULL_DEFAULT_ENABLED', 'y')]
l += [OptCheck('self_protection', 'defconfig', 'ARM64_PTR_AUTH', 'y')]
if arch in ('X86_64', 'ARM64'):