From 9f90a30a2d737aee6fd62a6da4555d056bfa8545 Mon Sep 17 00:00:00 2001
From: Alexander Popov <alex.popov@linux.com>
Date: Fri, 2 Sep 2022 14:30:38 +0300
Subject: [PATCH] Check the nosmap and nosmep cmdline parameters

---
 kconfig_hardened_check/__init__.py | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/kconfig_hardened_check/__init__.py b/kconfig_hardened_check/__init__.py
index 41d6520..e62fad6 100644
--- a/kconfig_hardened_check/__init__.py
+++ b/kconfig_hardened_check/__init__.py
@@ -719,6 +719,10 @@ def add_cmdline_checks(l, arch):
     # 'self_protection', 'clipos'
     l += [CmdlineCheck('self_protection', 'clipos', 'page_alloc.shuffle', '1')]
 
+    # 'self_protection', 'my'
+    l += [CmdlineCheck('self_protection', 'my', 'nosmep', 'is not set')]
+    l += [CmdlineCheck('self_protection', 'my', 'nosmap', 'is not set')]
+
     # 'cut_attack_surface', 'kspp'
     if arch == 'X86_64':
         l += [OR(CmdlineCheck('cut_attack_surface', 'kspp', 'vsyscall', 'none'),
-- 
2.31.1