From 528b57c61f4b7e1d7ce9a3c5922383b8dae093ff Mon Sep 17 00:00:00 2001 From: Alexander Popov Date: Tue, 17 Oct 2023 08:35:00 +0300 Subject: [PATCH] hardened_usercopy=1 is now officially recommended by KSPP --- kernel_hardening_checker/checks.py | 1 - 1 file changed, 1 deletion(-) diff --git a/kernel_hardening_checker/checks.py b/kernel_hardening_checker/checks.py index a05b07f..2d9f8c9 100644 --- a/kernel_hardening_checker/checks.py +++ b/kernel_hardening_checker/checks.py @@ -475,7 +475,6 @@ def add_cmdline_checks(l, arch): AND(CmdlineCheck('self_protection', 'kspp', 'page_poison', '1'), KconfigCheck('self_protection', 'kspp', 'PAGE_POISONING_ZERO', 'y'), CmdlineCheck('self_protection', 'kspp', 'slub_debug', 'P')))] - # The cmdline checks compatible with the kconfig recommendations of the KSPP project... l += [OR(CmdlineCheck('self_protection', 'kspp', 'hardened_usercopy', '1'), AND(KconfigCheck('self_protection', 'kspp', 'HARDENED_USERCOPY', 'y'), CmdlineCheck('self_protection', 'kspp', 'hardened_usercopy', 'is not set')))] -- 2.31.1