Merge branch 'master' into scs_pac

author Julien Voisin <jvoisin@users.noreply.github.com>

Sun, 19 May 2024 19:17:19 +0000 (19:17 +0000)

committer GitHub <noreply@github.com>

Sun, 19 May 2024 19:17:19 +0000 (19:17 +0000)
author Julien Voisin <jvoisin@users.noreply.github.com>
Sun, 19 May 2024 19:17:19 +0000 (19:17 +0000)
committer GitHub <noreply@github.com>
Sun, 19 May 2024 19:17:19 +0000 (19:17 +0000)
diff --git a/kernel_hardening_checker/checks.py b/kernel_hardening_checker/checks.py

index f2e4c34fd6da0a81a046563329dd5e2736a09f46..672ea7e5df389cab8eedcc004e4587aa44d78cf7 100644 (file)
--- a/kernel_hardening_checker/checks.py
+++ b/kernel_hardening_checker/checks.py
@@ -242,6 +242,7 @@ def add_kconfig_checks(l: List[ChecklistObjType], arch: str) -> None:
      if arch == 'ARM64':
          l += [KconfigCheck('self_protection', 'kspp', 'ARM64_SW_TTBR0_PAN', 'y')]
          l += [KconfigCheck('self_protection', 'kspp', 'SHADOW_CALL_STACK', 'y')]
+        l += [KconfigCheck('self_protection', 'kspp', 'UNWIND_PATCH_PAC_INTO_SCS', 'y')]
          l += [KconfigCheck('self_protection', 'kspp', 'KASAN_HW_TAGS', 'y')] # see also: kasan=on, kasan.stacktrace=off, kasan.fault=panic
      if arch == 'X86_32':
          l += [KconfigCheck('self_protection', 'kspp', 'PAGE_TABLE_ISOLATION', 'y')]
author	Julien Voisin <jvoisin@users.noreply.github.com>
	Sun, 19 May 2024 19:17:19 +0000 (19:17 +0000)
committer	GitHub <noreply@github.com>
	Sun, 19 May 2024 19:17:19 +0000 (19:17 +0000)