From 7f533e5aa62b1ca3e98807564bf5499cbcb66d08 Mon Sep 17 00:00:00 2001
From: Alexander Popov <alex.popov@linux.com>
Date: Wed, 20 Apr 2022 17:42:49 +0300
Subject: [PATCH] Add the KSPP recommendation of SCHED_CORE

---
 kconfig_hardened_check/__init__.py | 1 +
 1 file changed, 1 insertion(+)

diff --git a/kconfig_hardened_check/__init__.py b/kconfig_hardened_check/__init__.py
index a3fdf07..65c47e6 100644
--- a/kconfig_hardened_check/__init__.py
+++ b/kconfig_hardened_check/__init__.py
@@ -421,6 +421,7 @@ def add_kconfig_checks(l, arch):
         stackleak_is_set = KconfigCheck('self_protection', 'kspp', 'GCC_PLUGIN_STACKLEAK', 'y')
         l += [stackleak_is_set]
         l += [KconfigCheck('self_protection', 'kspp', 'RANDOMIZE_KSTACK_OFFSET_DEFAULT', 'y')]
+        l += [KconfigCheck('self_protection', 'kspp', 'SCHED_CORE', 'y')]
     if arch in ('X86_64', 'X86_32'):
         l += [KconfigCheck('self_protection', 'kspp', 'DEFAULT_MMAP_MIN_ADDR', '65536')]
     if arch in ('ARM64', 'ARM'):
-- 
2.31.1