From e5f804ede6ea7f66f674c2825396c15c216c718d Mon Sep 17 00:00:00 2001
From: Alexander Popov <alex.popov@linux.com>
Date: Sat, 9 Dec 2023 08:47:55 +0300
Subject: [PATCH] Add the MODULE_FORCE_LOAD check

Thanks to @vobst for the idea
---
 kernel_hardening_checker/checks.py | 1 +
 1 file changed, 1 insertion(+)

diff --git a/kernel_hardening_checker/checks.py b/kernel_hardening_checker/checks.py
index 5daf889..9dacb51 100644
--- a/kernel_hardening_checker/checks.py
+++ b/kernel_hardening_checker/checks.py
@@ -378,6 +378,7 @@ def add_kconfig_checks(l, arch):
     l += [KconfigCheck('cut_attack_surface', 'my', 'XFS_SUPPORT_V4', 'is not set')]
     l += [OR(KconfigCheck('cut_attack_surface', 'my', 'TRIM_UNUSED_KSYMS', 'y'),
              modules_not_set)]
+    l += [KconfigCheck('cut_attack_surface', 'my', 'MODULE_FORCE_LOAD', 'is not set')]
 
     # 'harden_userspace'
     if arch == 'ARM64':
-- 
2.31.1