projects / kconfig-hardened-check.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 99358d0)
hardened_usercopy=1 is now officially recommended by KSPP
authorAlexander Popov <alex.popov@linux.com>
Tue, 17 Oct 2023 05:35:00 +0000 (08:35 +0300)
committerAlexander Popov <alex.popov@linux.com>
Tue, 17 Oct 2023 05:35:00 +0000 (08:35 +0300)
kernel_hardening_checker/checks.py patch | blob | history

diff --git a/kernel_hardening_checker/checks.py b/kernel_hardening_checker/checks.py
index a05b07f6cd68fd29ea5b7fc3630d755a396ebee9..2d9f8c99ccef311a4c4eed551cbf198ac070c572 100644 (file)
--- a/kernel_hardening_checker/checks.py
+++ b/kernel_hardening_checker/checks.py
@@ -475,7 +475,6 @@ def add_cmdline_checks(l, arch):
              AND(CmdlineCheck('self_protection', 'kspp', 'page_poison', '1'),
                  KconfigCheck('self_protection', 'kspp', 'PAGE_POISONING_ZERO', 'y'),
                  CmdlineCheck('self_protection', 'kspp', 'slub_debug', 'P')))]
-    # The cmdline checks compatible with the kconfig recommendations of the KSPP project...
     l += [OR(CmdlineCheck('self_protection', 'kspp', 'hardened_usercopy', '1'),
              AND(KconfigCheck('self_protection', 'kspp', 'HARDENED_USERCOPY', 'y'),
                  CmdlineCheck('self_protection', 'kspp', 'hardened_usercopy', 'is not set')))]
kconfig-hardened-check