From: Alexander Popov <alex.popov@linux.com>
Date: Fri, 21 Dec 2018 15:45:44 +0000 (+0300)
Subject: Add kernel command line options enabling mitigations of side-channel attacks
X-Git-Tag: v0.5.2~62
X-Git-Url: https://jxself.org/git/?a=commitdiff_plain;h=a5085a0dacaa2c725df7aaa3a77005687cabe1ff;p=kconfig-hardened-check.git

Add kernel command line options enabling mitigations of side-channel attacks
---

diff --git a/kconfig-hardened-check.py b/kconfig-hardened-check.py
index fd7c50c..2c045d5 100755
--- a/kconfig-hardened-check.py
+++ b/kconfig-hardened-check.py
@@ -17,6 +17,12 @@
 #    kernel.kptr_restrict=1
 #    lockdown=1
 #
+#    spectre_v2=on
+#    pti=on
+#    spec_store_bypass_disable=on
+#    l1tf=full,force
+#
+#
 # N.B. Hardening sysctl's:
 #    net.core.bpf_jit_harden
 #