Add support for x86_32, arm, and arm64 architectures #10
Commits on Jan 17, 2019
-
Update kspp-recommendations.config to look like an x86_64 config
Add a header that will make the checker script think that it is dealing with a x86_64 config file. Additionally, update the stackprotector related options to reflect the >= 4.18 names. Signed-off-by: Tyler Hicks <tyhicks@canonical.com>
-
Make the script aware of target architecture
Add the ability to parse the processor architecture from the config file. The user can override the architecture with the -a. Additionally, if the user wants to use the -p option to print the recommendations without specifying a kernel config file, the -a option can be used to print the recommendations that correspond to the specificied architecture. Some recommendations are architecture specific so we need to warn the user if they're checking a kernel config for an architecture that doesn't have any architecture specific recommendations. Signed-off-by: Tyler Hicks <tyhicks@canonical.com>
-
Differentiate between 32 and 64 bit x86. This sometimes requires a pre-parse of the kernel config in order to detect the sub-architecture before constructing the checklist. Signed-off-by: Tyler Hicks <tyhicks@canonical.com>
-
Check for ARM and ARM64 hardening options. Signed-off-by: Tyler Hicks <tyhicks@canonical.com>
-
Make KSPP recommendations config x86_64 specific
Rename the file so that it is clear that the recommendations are x86-64 specific. Signed-off-by: Tyler Hicks <tyhicks@canonical.com>
-
Add a KSPP recommendations config for x86_32
Signed-off-by: Tyler Hicks <tyhicks@canonical.com>
-
Add a KSPP recommendations config for arm
The arm section of the KSPP Recommended_Settings wiki page contains the following lines: # If building an old out-of-tree Qualcomm kernel, this is similar to # CONFIG_STRICT_KERNEL_RWX. CONFIG_STRICT_MEMORY_RWX=y Since this option only applies to an old out-of-tree Qualcomm kernel, it is not included in the config file. Signed-off-by: Tyler Hicks <tyhicks@canonical.com>
-
Add a KSPP recommendations config for arm64
Signed-off-by: Tyler Hicks <tyhicks@canonical.com>
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.