CONFIG_DEBUG_CREDENTIALS | y | kspp | self_protection || FAIL: "is not set"
CONFIG_DEBUG_NOTIFIERS | y | kspp | self_protection || FAIL: "is not set"
CONFIG_MODULE_SIG_FORCE | y | kspp | self_protection || FAIL: "is not set"
- CONFIG_HARDENED_USERCOPY_FALLBACK | is not set | kspp | self_protection || FAIL: not found
+ CONFIG_HARDENED_USERCOPY_FALLBACK | is not set | kspp | self_protection || OK: not found
CONFIG_GCC_PLUGIN_STACKLEAK | y | my | self_protection || FAIL: not found
CONFIG_SLUB_DEBUG_ON | y | my | self_protection || FAIL: "is not set"
CONFIG_SECURITY_DMESG_RESTRICT | y | my | self_protection || FAIL: "is not set"
CONFIG_STATIC_USERMODEHELPER | y | my | self_protection || FAIL: "is not set"
- CONFIG_PAGE_POISONING_NO_SANITY | is not set | my | self_protection || FAIL: not found
- CONFIG_PAGE_POISONING_ZERO | is not set | my | self_protection || FAIL: not found
+ CONFIG_PAGE_POISONING_NO_SANITY | is not set | my | self_protection || OK: not found
+ CONFIG_PAGE_POISONING_ZERO | is not set | my | self_protection || OK: not found
CONFIG_SECURITY | y | ubuntu18 | security_policy || OK
CONFIG_SECURITY_YAMA | y | ubuntu18 | security_policy || OK
CONFIG_SECURITY_SELINUX_DISABLE | is not set | ubuntu18 | security_policy || OK
CONFIG_ARCH_MMAP_RND_BITS | 32 | my |userspace_protection|| FAIL: "28"
CONFIG_LKDTM | m | my | feature_test || FAIL: "is not set"
-[-] config check is NOT PASSED: 55 errors
+[-] config check is NOT PASSED: 52 errors
```
__Go and fix them all!__
print(' ===========================================================================================================')
for o in opt_list:
if o[1] == '':
- error_count += 1
- o[1] = 'FAIL: not found'
+ if o[0].state == 'is not set':
+ o[1] = 'OK: not found'
+ else:
+ error_count += 1
+ o[1] = 'FAIL: not found'
print(' CONFIG_{:<32}|{:^13}|{:^10}|{:^20}||{:^20}'.format(o[0].name, o[0].state, o[0].decision, o[0].reason, o[1]))
print()
projects / kconfig-hardened-check.git / commitdiff