X-Git-Url: https://jxself.org/git/?a=blobdiff_plain;f=kernel_hardening_checker%2Fchecks.py;h=d02eb4b8e0b94d5564051f893396e569b7c8743d;hb=4e3f9782fec90b034e69709e3d8dcda872891d8a;hp=98659299022b2ffbbbde151762db257ca2929f0b;hpb=0d751b9101e8eb16f08ae3ee4e9a91f360ea5779;p=kconfig-hardened-check.git

diff --git a/kernel_hardening_checker/checks.py b/kernel_hardening_checker/checks.py
index 9865929..d02eb4b 100644
--- a/kernel_hardening_checker/checks.py
+++ b/kernel_hardening_checker/checks.py
@@ -502,6 +502,11 @@ def add_cmdline_checks(l, arch):
     if arch in ('X86_64', 'X86_32'):
         l += [CmdlineCheck('self_protection', 'clipos', 'iommu', 'force')]
 
+    # 'self_protection', 'my'
+    l += [OR(CmdlineCheck('self_protection', 'my', 'kfence.sample_interval', 'is not off'),
+             AND(KconfigCheck('self_protection', 'my', 'KFENCE_SAMPLE_INTERVAL', 'is not off'),
+                 CmdlineCheck('self_protection', 'my', 'kfence.sample_interval', 'is not set')))]
+
     # 'cut_attack_surface', 'defconfig'
     if arch in ('X86_64', 'X86_32'):
         l += [OR(CmdlineCheck('cut_attack_surface', 'defconfig', 'tsx', 'off'),