Add the info about /proc/cmdline to the usage help

I tested CONFIG_CMDLINE and CONFIG_BOOT_CONFIG mechanisms.
They allow passing additional boot parameters for the Linux kernel.

I see that all boot parameters are collected in /proc/cmdline.

So /proc/cmdline is the only information source that we should check to
analyze the Linux kernel boot parameters.

diff --git a/kconfig_hardened_check/__init__.py b/kconfig_hardened_check/__init__.py
index d8e11f7ec806d1d8ce37159a73ff287c77862c61..f28077421be91639687f3142631d0fb6a576e0de 100644 (file)
--- a/kconfig_hardened_check/__init__.py
+++ b/kconfig_hardened_check/__init__.py
@@ -213,7 +213,7 @@ def main():
     parser.add_argument('-c', '--config',
                         help='check the security hardening options in the kernel Kconfig file (also supports *.gz files)')
     parser.add_argument('-l', '--cmdline',
-                        help='check the security hardening options in the kernel cmdline file')
+                        help='check the security hardening options in the kernel cmdline file (contents of /proc/cmdline)')
     parser.add_argument('-p', '--print', choices=supported_archs,
                         help='print the security hardening recommendations for the selected microarchitecture')
     parser.add_argument('-g', '--generate', choices=supported_archs,