From dd40ca5ca2460051eeb61f9f36bc12e4d9b0c375 Mon Sep 17 00:00:00 2001
From: Alexander Popov <alex.popov@linux.com>
Date: Thu, 22 Aug 2019 13:43:46 +0300
Subject: [PATCH] Add INIT_STACK_ALL as an alternative to
 GCC_PLUGIN_STRUCTLEAK_BYREF_ALL

---
 kconfig-hardened-check.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/kconfig-hardened-check.py b/kconfig-hardened-check.py
index f431dd0..d76a5fa 100755
--- a/kconfig-hardened-check.py
+++ b/kconfig-hardened-check.py
@@ -212,8 +212,6 @@ def construct_checklist(checklist, arch):
     checklist.append(OptCheck('GCC_PLUGINS',                      'y', 'kspp', 'self_protection'))
     randstruct_is_set = OptCheck('GCC_PLUGIN_RANDSTRUCT',         'y', 'kspp', 'self_protection')
     checklist.append(randstruct_is_set)
-    checklist.append(OptCheck('GCC_PLUGIN_STRUCTLEAK',            'y', 'kspp', 'self_protection'))
-    checklist.append(OptCheck('GCC_PLUGIN_STRUCTLEAK_BYREF_ALL',  'y', 'kspp', 'self_protection'))
     checklist.append(OptCheck('GCC_PLUGIN_LATENT_ENTROPY',        'y', 'kspp', 'self_protection'))
     checklist.append(OptCheck('DEBUG_LIST',                       'y', 'kspp', 'self_protection'))
     checklist.append(OptCheck('DEBUG_SG',                         'y', 'kspp', 'self_protection'))
@@ -272,6 +270,8 @@ def construct_checklist(checklist, arch):
         checklist.append(AND(OptCheck('INTEL_IOMMU_DEFAULT_ON',   'y', 'clipos', 'self_protection'), \
                              iommu_support_is_set))
 
+    checklist.append(OR(OptCheck('INIT_STACK_ALL',                  'y', 'my', 'self_protection'), \
+                        OptCheck('GCC_PLUGIN_STRUCTLEAK_BYREF_ALL', 'y', 'kspp', 'self_protection')))
     if debug_mode or arch == 'X86_64':
         checklist.append(AND(OptCheck('AMD_IOMMU',                'y', 'my', 'self_protection'), \
                              iommu_support_is_set))
-- 
2.31.1