Merge branch 'evbug'

Thanks @HacKurx

Merge branch 'evbug'
Thanks @HacKurx
aec7c459 · Alexander Popov · d5d5480f · cb1d79b0 · aec7c459 · aec7c459
Commit aec7c459 authored Apr 09, 2020 by Alexander Popov
Hide whitespace changes
Inline Side-by-side

Showing with 3 additions and 1 deletions

README.md README.md +2 -1

__init__.py kconfig_hardened_check/__init__.py +1 -0

No files found.
--- a/README.md
+++ b/README.md
@@ -204,10 +204,11 @@ CONFIG_IP_SCTP                               | is not set  |    my    | cut_atta
 CONFIG_FTRACE                                | is not set  |    my    | cut_attack_surface |   FAIL: "y"
 CONFIG_BPF_JIT                               | is not set  |    my    | cut_attack_surface |   FAIL: "y"
 CONFIG_VIDEO_VIVID                           | is not set  |    my    | cut_attack_surface |   FAIL: "m"
+CONFIG_INPUT_EVBUG                           | is not set  |    my    | cut_attack_surface |   FAIL: "m"
 CONFIG_INTEGRITY                             |      y      |defconfig |userspace_hardening |   OK
 CONFIG_ARCH_MMAP_RND_BITS                    |     32      |  clipos  |userspace_hardening |   FAIL: "28"
-[+] config check is finished: 'OK' - 56 / 'FAIL' - 79
+[+] config check is finished: 'OK' - 56 / 'FAIL' - 80
 ```
 ## kconfig-hardened-check versioning

--- a/kconfig_hardened_check/__init__.py
+++ b/kconfig_hardened_check/__init__.py
@@ -492,6 +492,7 @@ def construct_checklist(checklist, arch):
    checklist.append(OptCheck('FTRACE',               'is not set', 'my', 'cut_attack_surface')) # refers to LOCKDOWN
    checklist.append(OptCheck('BPF_JIT',              'is not set', 'my', 'cut_attack_surface'))
    checklist.append(OptCheck('VIDEO_VIVID',          'is not set', 'my', 'cut_attack_surface'))
+    checklist.append(OptCheck('INPUT_EVBUG',          'is not set', 'my', 'cut_attack_surface')) # Can be used as a keylogger
    checklist.append(OptCheck('INTEGRITY',       'y', 'defconfig', 'userspace_hardening'))
    if arch == 'ARM64':