projects
/
kconfig-hardened-check.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
|
inline
| side by side (parent:
1e2a125
)
GrapheneOS is the continuation of CopperheadOS
34/head
author
madaidan
<50278627+madaidan@users.noreply.github.com>
Sun, 22 Mar 2020 19:34:23 +0000
(19:34 +0000)
committer
GitHub
<noreply@github.com>
Sun, 22 Mar 2020 19:34:23 +0000
(19:34 +0000)
kconfig-hardened-check.py
patch
|
blob
|
history
diff --git
a/kconfig-hardened-check.py
b/kconfig-hardened-check.py
index c5dcb06a1b67f9f8f1e292f14aaa8ca82aae9db0..923402bf6e62cc6714b71bf616445412337d5cd5 100755
(executable)
--- a/
kconfig-hardened-check.py
+++ b/
kconfig-hardened-check.py
@@
-426,7
+426,7
@@
def construct_checklist(checklist, arch):
checklist.append(AND(OptCheck('LDISC_AUTOLOAD', 'is not set', 'clipos', 'cut_attack_surface'), \
VerCheck((5, 1)))) # LDISC_AUTOLOAD can be disabled since v5.1
checklist.append(AND(OptCheck('LDISC_AUTOLOAD', 'is not set', 'clipos', 'cut_attack_surface'), \
VerCheck((5, 1)))) # LDISC_AUTOLOAD can be disabled since v5.1
- checklist.append(OptCheck('AIO', 'is not set', '
copperhead
', 'cut_attack_surface'))
+ checklist.append(OptCheck('AIO', 'is not set', '
grapheneos
', 'cut_attack_surface'))
checklist.append(OptCheck('MMIOTRACE', 'is not set', 'my', 'cut_attack_surface')) # refers to LOCKDOWN (permissive)
checklist.append(OptCheck('LIVEPATCH', 'is not set', 'my', 'cut_attack_surface'))
checklist.append(OptCheck('MMIOTRACE', 'is not set', 'my', 'cut_attack_surface')) # refers to LOCKDOWN (permissive)
checklist.append(OptCheck('LIVEPATCH', 'is not set', 'my', 'cut_attack_surface'))