Add the CONFIG_LIST_HARDENED check

author Alexander Popov <alex.popov@linux.com>

Sat, 16 Dec 2023 21:21:10 +0000 (00:21 +0300)

committer Alexander Popov <alex.popov@linux.com>

Sat, 16 Dec 2023 21:21:10 +0000 (00:21 +0300)
author Alexander Popov <alex.popov@linux.com>
Sat, 16 Dec 2023 21:21:10 +0000 (00:21 +0300)
committer Alexander Popov <alex.popov@linux.com>
Sat, 16 Dec 2023 21:21:10 +0000 (00:21 +0300)
diff --git a/kernel_hardening_checker/checks.py b/kernel_hardening_checker/checks.py

index 5943e531fa192a0e5dfb5c7e9ad3a11cc1de745d..48f256c73ce1eb52440b802e0b66aacca7a1b4ae 100644 (file)
--- a/kernel_hardening_checker/checks.py
+++ b/kernel_hardening_checker/checks.py
@@ -229,6 +229,9 @@ def add_kconfig_checks(l, arch):
      # 'self_protection', 'clipos'
      l += [KconfigCheck('self_protection', 'clipos', 'SLAB_MERGE_DEFAULT', 'is not set')]
  
+    # 'self_protection', 'my'
+    l += [KconfigCheck('self_protection', 'my', 'LIST_HARDENED', 'y')]
+
      # 'security_policy'
      if arch in ('X86_64', 'ARM64', 'X86_32'):
          l += [KconfigCheck('security_policy', 'defconfig', 'SECURITY', 'y')]
author	Alexander Popov <alex.popov@linux.com>
	Sat, 16 Dec 2023 21:21:10 +0000 (00:21 +0300)
committer	Alexander Popov <alex.popov@linux.com>
	Sat, 16 Dec 2023 21:21:10 +0000 (00:21 +0300)