From: Alexander Popov <alex.popov@linux.com>
Date: Sun, 11 Aug 2024 11:14:15 +0000 (+0300)
Subject: Add the comments about `vm.mmap_rnd_bits` and `vm.mmap_rnd_compat_bits` sysctls
X-Git-Tag: v0.6.10~25
X-Git-Url: https://jxself.org/git/?a=commitdiff_plain;h=0f27645c4b09420cbb1ab45f1b53981545f20fcc;p=kconfig-hardened-check.git

Add the comments about `vm.mmap_rnd_bits` and `vm.mmap_rnd_compat_bits` sysctls

Refers to #146
---

diff --git a/kernel_hardening_checker/checks.py b/kernel_hardening_checker/checks.py
index b4a86cf..378a7d7 100755
--- a/kernel_hardening_checker/checks.py
+++ b/kernel_hardening_checker/checks.py
@@ -684,7 +684,8 @@ def normalize_cmdline_options(option: str, value: str) -> str:
 #    what about bpf_jit_enable?
 #    vm.mmap_min_addr has a good value
 #    nosmt sysfs control file
-#    vm.mmap_rnd_bits=max (?)
+#    vm.mmap_rnd_bits=max
+#    vm.mmap_rnd_compat_bits=max
 #    abi.vsyscall32 (any value except 2)
 #    net.ipv4.tcp_syncookies=1 (?)