Add the check for dis_ucode_ldr

author Alexander Popov <alex.popov@linux.com>

Sat, 2 Dec 2023 17:46:14 +0000 (20:46 +0300)

committer Alexander Popov <alex.popov@linux.com>

Sat, 2 Dec 2023 17:46:14 +0000 (20:46 +0300)
author Alexander Popov <alex.popov@linux.com>
Sat, 2 Dec 2023 17:46:14 +0000 (20:46 +0300)
committer Alexander Popov <alex.popov@linux.com>
Sat, 2 Dec 2023 17:46:14 +0000 (20:46 +0300)
diff --git a/kernel_hardening_checker/checks.py b/kernel_hardening_checker/checks.py

index 9fc92e5632b2dcb04e0bd8666a11c4093714f899..5daf88911c000bfb815c2f1b61937dbfb0262d28 100644 (file)
--- a/kernel_hardening_checker/checks.py
+++ b/kernel_hardening_checker/checks.py
@@ -420,6 +420,7 @@ def add_cmdline_checks(l, arch):
      l += [CmdlineCheck('self_protection', 'defconfig', 'nospectre_v2', 'is not set')]
      l += [CmdlineCheck('self_protection', 'defconfig', 'nospectre_bhb', 'is not set')]
      l += [CmdlineCheck('self_protection', 'defconfig', 'nospec_store_bypass_disable', 'is not set')]
+    l += [CmdlineCheck('self_protection', 'defconfig', 'dis_ucode_ldr', 'is not set')]
      l += [CmdlineCheck('self_protection', 'defconfig', 'arm64.nobti', 'is not set')]
      l += [CmdlineCheck('self_protection', 'defconfig', 'arm64.nopauth', 'is not set')]
      l += [CmdlineCheck('self_protection', 'defconfig', 'arm64.nomte', 'is not set')]
author	Alexander Popov <alex.popov@linux.com>
	Sat, 2 Dec 2023 17:46:14 +0000 (20:46 +0300)
committer	Alexander Popov <alex.popov@linux.com>
	Sat, 2 Dec 2023 17:46:14 +0000 (20:46 +0300)