l += [KconfigCheck('self_protection', 'defconfig', 'DEBUG_ALIGN_RODATA', 'y')]
# 'self_protection', 'kspp'
- l += [KconfigCheck('self_protection', 'kspp', 'LIST_HARDENED', 'y')]
l += [KconfigCheck('self_protection', 'kspp', 'RANDOM_KMALLOC_CACHES', 'y')]
l += [KconfigCheck('self_protection', 'kspp', 'SLAB_MERGE_DEFAULT', 'is not set')]
l += [KconfigCheck('self_protection', 'kspp', 'BUG_ON_DATA_CORRUPTION', 'y')]
l += [KconfigCheck('self_protection', 'kspp', 'SLAB_FREELIST_RANDOM', 'y')]
l += [KconfigCheck('self_protection', 'kspp', 'SHUFFLE_PAGE_ALLOCATOR', 'y')]
l += [KconfigCheck('self_protection', 'kspp', 'FORTIFY_SOURCE', 'y')]
- l += [KconfigCheck('self_protection', 'kspp', 'DEBUG_LIST', 'y')]
l += [KconfigCheck('self_protection', 'kspp', 'DEBUG_VIRTUAL', 'y')]
l += [KconfigCheck('self_protection', 'kspp', 'DEBUG_SG', 'y')]
l += [KconfigCheck('self_protection', 'kspp', 'INIT_ON_ALLOC_DEFAULT_ON', 'y')]
l += [KconfigCheck('self_protection', 'kspp', 'SECURITY_LOCKDOWN_LSM', 'y')]
l += [KconfigCheck('self_protection', 'kspp', 'SECURITY_LOCKDOWN_LSM_EARLY', 'y')]
l += [KconfigCheck('self_protection', 'kspp', 'LOCK_DOWN_KERNEL_FORCE_CONFIDENTIALITY', 'y')]
+ l += [OR(KconfigCheck('self_protection', 'kspp', 'LIST_HARDENED', 'y'),
+ KconfigCheck('self_protection', 'kspp', 'DEBUG_LIST', 'y'))]
cfi_clang_is_set = KconfigCheck('self_protection', 'kspp', 'CFI_CLANG', 'y')
cfi_clang_permissive_not_set = KconfigCheck('self_protection', 'kspp', 'CFI_PERMISSIVE', 'is not set')
l += [OR(KconfigCheck('self_protection', 'kspp', 'DEBUG_CREDENTIALS', 'y'),
projects / kconfig-hardened-check.git / commitdiff