From 8f7db40401de9fee9fa0e5e55822336f563d91d8 Mon Sep 17 00:00:00 2001 From: Alexander Popov Date: Sun, 25 Jun 2023 11:51:02 +0300 Subject: [PATCH] Add the info about /proc/cmdline to the usage help I tested CONFIG_CMDLINE and CONFIG_BOOT_CONFIG mechanisms. They allow passing additional boot parameters for the Linux kernel. I see that all boot parameters are collected in /proc/cmdline. So /proc/cmdline is the only information source that we should check to analyze the Linux kernel boot parameters. --- kconfig_hardened_check/__init__.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/kconfig_hardened_check/__init__.py b/kconfig_hardened_check/__init__.py index d8e11f7..f280774 100644 --- a/kconfig_hardened_check/__init__.py +++ b/kconfig_hardened_check/__init__.py @@ -213,7 +213,7 @@ def main(): parser.add_argument('-c', '--config', help='check the security hardening options in the kernel Kconfig file (also supports *.gz files)') parser.add_argument('-l', '--cmdline', - help='check the security hardening options in the kernel cmdline file') + help='check the security hardening options in the kernel cmdline file (contents of /proc/cmdline)') parser.add_argument('-p', '--print', choices=supported_archs, help='print the security hardening recommendations for the selected microarchitecture') parser.add_argument('-g', '--generate', choices=supported_archs, -- 2.31.1