From: Alexander Popov <alex.popov@linux.com>
Date: Sat, 10 Dec 2022 18:24:42 +0000 (+0300)
Subject: Drop the comment about mitigations of CPU vulnerabilities
X-Git-Tag: v0.6.1~27
X-Git-Url: https://jxself.org/git/?a=commitdiff_plain;h=9178899d93602e9fe32a504170c11804acdf2148;p=kconfig-hardened-check.git

Drop the comment about mitigations of CPU vulnerabilities

The corresponding checks have been developed.
---

diff --git a/kconfig_hardened_check/__init__.py b/kconfig_hardened_check/__init__.py
index 673cb52..fbbc3aa 100644
--- a/kconfig_hardened_check/__init__.py
+++ b/kconfig_hardened_check/__init__.py
@@ -10,31 +10,9 @@
 # Please don't cry if my Python code looks like C.
 #
 #
-# N.B Hardening command line parameters:
+# N.B Missing hardening command line parameters:
 #    iommu=force (does it help against DMA attacks?)
 #
-# The list of disabled mitigations of CPU vulnerabilities:
-#   mitigations=off
-#   pti=off
-#   spectre_v2=off
-#   spectre_v2_user=off
-#   spec_store_bypass_disable=off
-#   l1tf=off
-#   mds=off
-#   tsx_async_abort=off
-#   srbds=off
-#   mmio_stale_data=off
-#   retbleed=off
-#     nopti
-#     nokaslr
-#     nospectre_v1
-#     nospectre_v2
-#     nospectre_bhb
-#     nospec_store_bypass_disable
-#       kpti=0
-#       ssbd=force-off
-#       nosmt (enabled)
-#
 #    Hardware tag-based KASAN with arm64 Memory Tagging Extension (MTE):
 #           kasan=on
 #           kasan.stacktrace=off