Drop the 'kvm.nx_huge_pages' check

author Alexander Popov <alex.popov@linux.com>

Mon, 6 Mar 2023 14:35:29 +0000 (17:35 +0300)

committer Alexander Popov <alex.popov@linux.com>

Mon, 6 Mar 2023 14:35:29 +0000 (17:35 +0300)
author Alexander Popov <alex.popov@linux.com>
Mon, 6 Mar 2023 14:35:29 +0000 (17:35 +0300)
committer Alexander Popov <alex.popov@linux.com>
Mon, 6 Mar 2023 14:35:29 +0000 (17:35 +0300)
diff --git a/kconfig_hardened_check/checks.py b/kconfig_hardened_check/checks.py

index c20f096baa0dc74a28b2750e631e620d00f0c637..1bb1de205498bf11d25935a870fa623586ef3582 100644 (file)
--- a/kconfig_hardened_check/checks.py
+++ b/kconfig_hardened_check/checks.py
@@ -468,9 +468,6 @@ def add_cmdline_checks(l, arch):
      l += [OR(CmdlineCheck('self_protection', 'defconfig', 'kpti', 'is not off'),
               AND(CmdlineCheck('self_protection', 'kspp', 'mitigations', 'auto,nosmt'),
                   CmdlineCheck('self_protection', 'defconfig', 'kpti', 'is not set')))]
-    l += [OR(CmdlineCheck('self_protection', 'defconfig', 'kvm.nx_huge_pages', 'is not off'),
-             AND(CmdlineCheck('self_protection', 'kspp', 'mitigations', 'auto,nosmt'),
-                 CmdlineCheck('self_protection', 'defconfig', 'kvm.nx_huge_pages', 'is not set')))]
      if arch == 'ARM64':
          l += [OR(CmdlineCheck('self_protection', 'defconfig', 'ssbd', 'kernel'),
                   CmdlineCheck('self_protection', 'my', 'ssbd', 'force-on'),
author	Alexander Popov <alex.popov@linux.com>
	Mon, 6 Mar 2023 14:35:29 +0000 (17:35 +0300)
committer	Alexander Popov <alex.popov@linux.com>
	Mon, 6 Mar 2023 14:35:29 +0000 (17:35 +0300)