From b06c8cd92a94b374ba56a031af6f8a3cc5faefa9 Mon Sep 17 00:00:00 2001
From: Alexander Popov <alex.popov@linux.com>
Date: Wed, 18 Mar 2020 18:03:20 +0300
Subject: [PATCH] Move VMSPLIT_3G to 'userspace_hardening'

CONFIG_VMSPLIT_3G=y is for maximal userspace memory area and maximal ASLR.

It works both for ARM and X86_32.
---
 kconfig-hardened-check.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/kconfig-hardened-check.py b/kconfig-hardened-check.py
index c5a5491..6963554 100755
--- a/kconfig-hardened-check.py
+++ b/kconfig-hardened-check.py
@@ -264,7 +264,6 @@ def construct_checklist(checklist, arch):
         checklist.append(OptCheck('RANDOMIZE_BASE',              'y', 'defconfig', 'self_protection'))
         checklist.append(OptCheck('THREAD_INFO_IN_TASK',         'y', 'defconfig', 'self_protection'))
     if arch == 'ARM':
-        checklist.append(OptCheck('VMSPLIT_3G',                  'y', 'defconfig', 'self_protection'))
         checklist.append(OptCheck('CPU_SW_DOMAIN_PAN',           'y', 'defconfig', 'self_protection'))
         checklist.append(OptCheck('STACKPROTECTOR_PER_TASK',     'y', 'defconfig', 'self_protection'))
     if arch == 'ARM64' or arch == 'ARM':
@@ -436,6 +435,8 @@ def construct_checklist(checklist, arch):
     checklist.append(OptCheck('INTEGRITY',       'y', 'defconfig', 'userspace_hardening'))
     if arch == 'ARM64':
         checklist.append(OptCheck('ARM64_PTR_AUTH',       'y', 'defconfig', 'userspace_hardening'))
+    if arch == 'ARM' or  arch == 'X86_32':
+        checklist.append(OptCheck('VMSPLIT_3G',           'y', 'defconfig', 'userspace_hardening'))
     if arch == 'X86_64' or arch == 'ARM64':
         checklist.append(OptCheck('ARCH_MMAP_RND_BITS',   '32', 'clipos', 'userspace_hardening'))
     if arch == 'X86_32' or arch == 'ARM':
-- 
2.31.1