From 9178899d93602e9fe32a504170c11804acdf2148 Mon Sep 17 00:00:00 2001 From: Alexander Popov Date: Sat, 10 Dec 2022 21:24:42 +0300 Subject: [PATCH] Drop the comment about mitigations of CPU vulnerabilities The corresponding checks have been developed. --- kconfig_hardened_check/__init__.py | 24 +----------------------- 1 file changed, 1 insertion(+), 23 deletions(-) diff --git a/kconfig_hardened_check/__init__.py b/kconfig_hardened_check/__init__.py index 673cb52..fbbc3aa 100644 --- a/kconfig_hardened_check/__init__.py +++ b/kconfig_hardened_check/__init__.py @@ -10,31 +10,9 @@ # Please don't cry if my Python code looks like C. # # -# N.B Hardening command line parameters: +# N.B Missing hardening command line parameters: # iommu=force (does it help against DMA attacks?) # -# The list of disabled mitigations of CPU vulnerabilities: -# mitigations=off -# pti=off -# spectre_v2=off -# spectre_v2_user=off -# spec_store_bypass_disable=off -# l1tf=off -# mds=off -# tsx_async_abort=off -# srbds=off -# mmio_stale_data=off -# retbleed=off -# nopti -# nokaslr -# nospectre_v1 -# nospectre_v2 -# nospectre_bhb -# nospec_store_bypass_disable -# kpti=0 -# ssbd=force-off -# nosmt (enabled) -# # Hardware tag-based KASAN with arm64 Memory Tagging Extension (MTE): # kasan=on # kasan.stacktrace=off -- 2.31.1