This file was made with root privileges, so it has a full list of sysctls.

The GitHub Actions virtual machine has such a sysctl:
  fs.binfmt_misc.llvm-14-runtime/binfmt = enabled

This example shows that sysctl names may contain the / symbol.

Refers to #65

Refers to #65

Much better code, no functional changes

Refers to #65

`man 1 sh` says about '-e':
```
The shell does not exit if the command that fails is part of the command list
immediately following a while or until keyword, part of the test following
the if or elif reserved words, part of any command executed in a && or || list
except the command following the final && or ||, any command in a pipeline
but the last, or if the command's return value is being inverted with !.

That's why testing error handling in the functional tests didn't check
the exit status at all :(

Let's fix that.
Example before the fix:
! coverage run -a --branch bin/kconfig-hardened-check -l /proc/cmdline
Example after the fix:
coverage run -a --branch bin/kconfig-hardened-check -l /proc/cmdline && exit 1

Don't emit ERROR here. Even GitHub Actions machines have repeated options
in /proc/cmdline.

Also see the comment in cmdline parsing for x86:
https://elixir.bootlin.com/linux/v5.16.7/source/arch/x86/boot/cmdline.c#L21
```
In accordance with standard Linux practice, if this option is repeated,
this returns the last instance on the command line.
```

And fix the wording in the error message by the way.

Refers to #65

Refers to #65

The XFS V4 format is deprecated:
https://elixir.bootlin.com/linux/v6.3.11/source/fs/xfs/Kconfig#L25

Quote:
The V4 filesystem format lacks certain features that are supported
by the V5 format, such as metadata checksumming, strengthened
metadata verification, and the ability to store timestamps past the
year 2038. Because of this, the V4 format is deprecated. All users
should upgrade by backing up their files, reformatting, and restoring
from the backup... To close off an attack surface, say N.

The Kconfig fragment should describe the microarchitecture to avoid mistakes.

I tested CONFIG_CMDLINE and CONFIG_BOOT_CONFIG mechanisms.
They allow passing additional boot parameters for the Linux kernel.

I see that all boot parameters are collected in /proc/cmdline.

So /proc/cmdline is the only information source that we should check to
analyze the Linux kernel boot parameters.

Use 'license_files' instead.