From: Alexander Popov <alex.popov@linux.com>
Date: Thu, 17 Nov 2022 14:19:21 +0000 (+0300)
Subject: Add the spectre_v2_user check
X-Git-Tag: v0.6.1~48
X-Git-Url: https://jxself.org/git/?a=commitdiff_plain;h=56928f27dfcefe8688a2ab563e48b4f2e3564d0d;p=kconfig-hardened-check.git

Add the spectre_v2_user check
---

diff --git a/kconfig_hardened_check/__init__.py b/kconfig_hardened_check/__init__.py
index 837a362..0467a14 100644
--- a/kconfig_hardened_check/__init__.py
+++ b/kconfig_hardened_check/__init__.py
@@ -736,6 +736,8 @@ def add_cmdline_checks(l, arch):
              CmdlineCheck('self_protection', 'defconfig', 'mitigations', 'is not set'))]
     l += [OR(CmdlineCheck('self_protection', 'defconfig', 'spectre_v2', 'is not off'),
              CmdlineCheck('self_protection', 'defconfig', 'spectre_v2', 'is not set'))]
+    l += [OR(CmdlineCheck('self_protection', 'defconfig', 'spectre_v2_user', 'is not off'),
+             CmdlineCheck('self_protection', 'defconfig', 'spectre_v2_user', 'is not set'))]
     l += [OR(CmdlineCheck('self_protection', 'defconfig', 'spec_store_bypass_disable', 'is not off'),
              CmdlineCheck('self_protection', 'defconfig', 'spec_store_bypass_disable', 'is not set'))]
     if arch == 'ARM64':
@@ -952,6 +954,9 @@ def normalize_cmdline_options(option, value):
     if option == 'spectre_v2':
         # See spectre_v2_parse_cmdline() in arch/x86/kernel/cpu/bugs.c
         return value
+    if option == 'spectre_v2_user':
+        # See spectre_v2_parse_user_cmdline() in arch/x86/kernel/cpu/bugs.c
+        return value
     if option == 'spec_store_bypass_disable':
         # See ssb_parse_cmdline() in arch/x86/kernel/cpu/bugs.c
         return value