From 5d0f97db4c355235a412830737fdfd2a710acf79 Mon Sep 17 00:00:00 2001
From: Alexander Popov <alex.popov@linux.com>
Date: Sun, 7 Jul 2024 16:49:47 +0300
Subject: [PATCH] Add the CONFIG_N_GSM check

See https://www.openwall.com/lists/oss-security/2024/04/17/1.

Refers to #122.
---
 kernel_hardening_checker/checks.py | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/kernel_hardening_checker/checks.py b/kernel_hardening_checker/checks.py
index faf2aa2..b8cc895 100755
--- a/kernel_hardening_checker/checks.py
+++ b/kernel_hardening_checker/checks.py
@@ -386,6 +386,8 @@ def add_kconfig_checks(l: List[ChecklistObjType], arch: str) -> None:
     l += [KconfigCheck('cut_attack_surface', 'maintainer', 'BLK_DEV_FD_RAWCMD', 'is not set')] # recommended by Denis Efremov in /pull/62
     l += [KconfigCheck('cut_attack_surface', 'maintainer', 'NOUVEAU_LEGACY_CTX_SUPPORT', 'is not set')]
                                             # recommended by Dave Airlie in kernel commit b30a43ac7132cdda
+    l += [KconfigCheck('cut_attack_surface', 'maintainer', 'N_GSM', 'is not set')]
+                                            # recommended by Greg KH at https://www.openwall.com/lists/oss-security/2024/04/17/1
 
     # 'cut_attack_surface', 'clipos'
     l += [KconfigCheck('cut_attack_surface', 'clipos', 'STAGING', 'is not set')]
-- 
2.31.1