Check hardened_usercopy in the cmdline

author Alexander Popov <alex.popov@linux.com>

Sat, 13 Aug 2022 19:58:05 +0000 (22:58 +0300)

committer Alexander Popov <alex.popov@linux.com>

Sat, 13 Aug 2022 19:58:05 +0000 (22:58 +0300)
author Alexander Popov <alex.popov@linux.com>
Sat, 13 Aug 2022 19:58:05 +0000 (22:58 +0300)
committer Alexander Popov <alex.popov@linux.com>
Sat, 13 Aug 2022 19:58:05 +0000 (22:58 +0300)
diff --git a/kconfig_hardened_check/__init__.py b/kconfig_hardened_check/__init__.py

index cb8d54bf96cd166552f9411745f4b61151fb70d7..c8d0334e0e965804d498dae02e7d64815e83f644 100644 (file)
--- a/kconfig_hardened_check/__init__.py
+++ b/kconfig_hardened_check/__init__.py
@@ -673,6 +673,9 @@ def add_cmdline_checks(l, arch):
      l += [OR(CmdlineCheck('self_protection', 'kspp', 'iommu.passthrough', '0'),
               AND(KconfigCheck('self_protection', 'kspp', 'IOMMU_DEFAULT_PASSTHROUGH', 'is not set'),
                   CmdlineCheck('self_protection', 'kspp', 'iommu.passthrough', 'is not set')))]
+    l += [OR(CmdlineCheck('self_protection', 'kspp', 'hardened_usercopy', '1'),
+             AND(KconfigCheck('self_protection', 'kspp', 'HARDENED_USERCOPY', 'y'),
+                 CmdlineCheck('self_protection', 'kspp', 'hardened_usercopy', 'is not set')))]
      l += [OR(CmdlineCheck('self_protection', 'kspp', 'slab_common.usercopy_fallback', '0'),
               AND(KconfigCheck('self_protection', 'kspp', 'HARDENED_USERCOPY_FALLBACK', 'is not set'),
                   CmdlineCheck('self_protection', 'kspp', 'slab_common.usercopy_fallback', 'is not set')))]
author	Alexander Popov <alex.popov@linux.com>
	Sat, 13 Aug 2022 19:58:05 +0000 (22:58 +0300)
committer	Alexander Popov <alex.popov@linux.com>
	Sat, 13 Aug 2022 19:58:05 +0000 (22:58 +0300)