Check X86_MCE, X86_MCE_INTEL, X86_MCE_AMD (recommended by Clip OS)

author Alexander Popov <alex.popov@linux.com>

Sun, 9 Oct 2022 12:32:55 +0000 (15:32 +0300)

committer Alexander Popov <alex.popov@linux.com>

Sun, 9 Oct 2022 12:32:55 +0000 (15:32 +0300)
author Alexander Popov <alex.popov@linux.com>
Sun, 9 Oct 2022 12:32:55 +0000 (15:32 +0300)
committer Alexander Popov <alex.popov@linux.com>
Sun, 9 Oct 2022 12:32:55 +0000 (15:32 +0300)
diff --git a/kconfig_hardened_check/__init__.py b/kconfig_hardened_check/__init__.py

index 340975865825c3b10399600c79b1bce4ba610776..a13f0f84ecc4d48d3d8ba25695812af5478c6f15 100644 (file)
--- a/kconfig_hardened_check/__init__.py
+++ b/kconfig_hardened_check/__init__.py
@@ -365,6 +365,9 @@ def add_kconfig_checks(l, arch):
      if arch in ('X86_64', 'ARM64'):
          l += [KconfigCheck('self_protection', 'defconfig', 'VMAP_STACK', 'y')]
      if arch in ('X86_64', 'X86_32'):
+        l += [KconfigCheck('self_protection', 'defconfig', 'X86_MCE', 'y')]
+        l += [KconfigCheck('self_protection', 'defconfig', 'X86_MCE_INTEL', 'y')]
+        l += [KconfigCheck('self_protection', 'defconfig', 'X86_MCE_AMD', 'y')]
          l += [KconfigCheck('self_protection', 'defconfig', 'MICROCODE', 'y')] # is needed for mitigating CPU bugs
          l += [KconfigCheck('self_protection', 'defconfig', 'RETPOLINE', 'y')]
          l += [OR(KconfigCheck('self_protection', 'defconfig', 'X86_SMAP', 'y'),
author	Alexander Popov <alex.popov@linux.com>
	Sun, 9 Oct 2022 12:32:55 +0000 (15:32 +0300)
committer	Alexander Popov <alex.popov@linux.com>
	Sun, 9 Oct 2022 12:32:55 +0000 (15:32 +0300)