From 2588752f2803d58118f8d7b05ae16983cf588dc9 Mon Sep 17 00:00:00 2001
From: Alexander Popov <alex.popov@linux.com>
Date: Mon, 29 May 2023 01:56:14 +0300
Subject: [PATCH] Add the X86_KERNEL_IBT check

Now it's enabled by default for X86_64.
---
 kconfig_hardened_check/checks.py | 1 +
 1 file changed, 1 insertion(+)

diff --git a/kconfig_hardened_check/checks.py b/kconfig_hardened_check/checks.py
index ab25afa..ba29e2d 100644
--- a/kconfig_hardened_check/checks.py
+++ b/kconfig_hardened_check/checks.py
@@ -116,6 +116,7 @@ def add_kconfig_checks(l, arch):
     if arch == 'X86_64':
         l += [KconfigCheck('self_protection', 'defconfig', 'PAGE_TABLE_ISOLATION', 'y')]
         l += [KconfigCheck('self_protection', 'defconfig', 'RANDOMIZE_MEMORY', 'y')]
+        l += [KconfigCheck('self_protection', 'defconfig', 'X86_KERNEL_IBT', 'y')]
         l += [AND(KconfigCheck('self_protection', 'defconfig', 'INTEL_IOMMU', 'y'),
                   iommu_support_is_set)]
         l += [AND(KconfigCheck('self_protection', 'defconfig', 'AMD_IOMMU', 'y'),
-- 
2.31.1