Check CONFIG_HW_RANDOM_TPM (recommended by Clip OS)

author Alexander Popov <alex.popov@linux.com>

Sun, 9 Oct 2022 12:49:13 +0000 (15:49 +0300)

committer Alexander Popov <alex.popov@linux.com>

Sun, 9 Oct 2022 12:49:13 +0000 (15:49 +0300)
author Alexander Popov <alex.popov@linux.com>
Sun, 9 Oct 2022 12:49:13 +0000 (15:49 +0300)
committer Alexander Popov <alex.popov@linux.com>
Sun, 9 Oct 2022 12:49:13 +0000 (15:49 +0300)
diff --git a/kconfig_hardened_check/__init__.py b/kconfig_hardened_check/__init__.py

index a13f0f84ecc4d48d3d8ba25695812af5478c6f15..9ae247482b82ce23de85772487faaa33606e55bc 100644 (file)
--- a/kconfig_hardened_check/__init__.py
+++ b/kconfig_hardened_check/__init__.py
@@ -484,6 +484,7 @@ def add_kconfig_checks(l, arch):
      l += [KconfigCheck('self_protection', 'clipos', 'SLAB_MERGE_DEFAULT', 'is not set')]
      l += [KconfigCheck('self_protection', 'clipos', 'RANDOM_TRUST_BOOTLOADER', 'is not set')]
      l += [KconfigCheck('self_protection', 'clipos', 'RANDOM_TRUST_CPU', 'is not set')]
+    l += [KconfigCheck('self_protection', 'clipos', 'CONFIG_HW_RANDOM_TPM', 'y')]
      l += [AND(KconfigCheck('self_protection', 'clipos', 'RANDSTRUCT_PERFORMANCE', 'is not set'),
                KconfigCheck('self_protection', 'clipos', 'GCC_PLUGIN_RANDSTRUCT_PERFORMANCE', 'is not set'),
                randstruct_is_set)]
author	Alexander Popov <alex.popov@linux.com>
	Sun, 9 Oct 2022 12:49:13 +0000 (15:49 +0300)
committer	Alexander Popov <alex.popov@linux.com>
	Sun, 9 Oct 2022 12:49:13 +0000 (15:49 +0300)