Add some new sysctls (to remember them)

author Alexander Popov <alex.popov@linux.com>

Thu, 22 Aug 2019 10:34:49 +0000 (13:34 +0300)

committer Alexander Popov <alex.popov@linux.com>

Thu, 22 Aug 2019 10:34:49 +0000 (13:34 +0300)
author Alexander Popov <alex.popov@linux.com>
Thu, 22 Aug 2019 10:34:49 +0000 (13:34 +0300)
committer Alexander Popov <alex.popov@linux.com>
Thu, 22 Aug 2019 10:34:49 +0000 (13:34 +0300)
diff --git a/kconfig-hardened-check.py b/kconfig-hardened-check.py

index a7a7d9cf05df6b867ed03c1c5052590a3e8460dd..10c2997ad0802556b165df7925506340171f363c 100755 (executable)
--- a/kconfig-hardened-check.py
+++ b/kconfig-hardened-check.py
@@ -32,9 +32,13 @@
  #           kpti=on
  #           ssbd=force-on
  #
-# N.B. Hardening sysctl's:
-#    net.core.bpf_jit_harden
+# N.B. Hardening sysctls:
+#    net.core.bpf_jit_harden=2
  #    kptr_restrict=2
+#    vm.unprivileged_userfaultfd=0
+#    kernel.perf_event_paranoid=3
+#    kernel.yama.ptrace_scope=1
+#    kernel.unprivileged_bpf_disabled=1
  
  import sys
  from argparse import ArgumentParser
author	Alexander Popov <alex.popov@linux.com>
	Thu, 22 Aug 2019 10:34:49 +0000 (13:34 +0300)
committer	Alexander Popov <alex.popov@linux.com>
	Thu, 22 Aug 2019 10:34:49 +0000 (13:34 +0300)