From: Alexander Popov Date: Mon, 6 Jul 2020 22:55:21 +0000 (+0300) Subject: ARM64_PTR_AUTH is now supported for the kernel (from v5.7) X-Git-Tag: v0.5.7~20 X-Git-Url: https://jxself.org/git/?a=commitdiff_plain;h=3c896896129b48ed36a3afd49f558618de45a5af;p=kconfig-hardened-check.git ARM64_PTR_AUTH is now supported for the kernel (from v5.7) --- diff --git a/kconfig_hardened_check/__init__.py b/kconfig_hardened_check/__init__.py index 9bc7828..4da068f 100644 --- a/kconfig_hardened_check/__init__.py +++ b/kconfig_hardened_check/__init__.py @@ -309,6 +309,7 @@ def construct_checklist(checklist, arch): checklist.append(OptCheck('UNMAP_KERNEL_AT_EL0', 'y', 'defconfig', 'self_protection')) checklist.append(OptCheck('HARDEN_EL2_VECTORS', 'y', 'defconfig', 'self_protection')) checklist.append(OptCheck('RODATA_FULL_DEFAULT_ENABLED', 'y', 'defconfig', 'self_protection')) + checklist.append(OptCheck('ARM64_PTR_AUTH', 'y', 'defconfig', 'self_protection')) if arch in ('X86_64', 'ARM64'): checklist.append(OptCheck('VMAP_STACK', 'y', 'defconfig', 'self_protection')) if arch in ('X86_64', 'ARM64', 'X86_32'): @@ -495,8 +496,6 @@ def construct_checklist(checklist, arch): checklist.append(OptCheck('INPUT_EVBUG', 'is not set', 'my', 'cut_attack_surface')) # Can be used as a keylogger checklist.append(OptCheck('INTEGRITY', 'y', 'defconfig', 'userspace_hardening')) - if arch == 'ARM64': - checklist.append(OptCheck('ARM64_PTR_AUTH', 'y', 'defconfig', 'userspace_hardening')) if arch in ('ARM', 'X86_32'): checklist.append(OptCheck('VMSPLIT_3G', 'y', 'defconfig', 'userspace_hardening')) if arch in ('X86_64', 'ARM64'):