Update CVE patchers

2025-05-02 06:26:20 -04:00 · 2020-01-26 22:24:35 -05:00 · 2020-01-26 22:24:35 -05:00 · 332807d427
commit 332807d427
parent d87457630a
94 changed files with 476 additions and 146 deletions
--- a/Scripts/Common/Functions.sh
+++ b/Scripts/Common/Functions.sh
@ -405,7 +405,7 @@ export -f hardenUserdata;

 hardenBootArgs() {
 	cd "$DOS_BUILD_BASE$1";
-	sed -i 's/BOARD_KERNEL_CMDLINE := /BOARD_KERNEL_CMDLINE := page_poison=1 slab_nomerge slub_debug=FZP page_alloc.shuffle=1 /' BoardConfig*.mk */BoardConfig*.mk &>/dev/null || true;
+	sed -i 's/BOARD_KERNEL_CMDLINE := /BOARD_KERNEL_CMDLINE := kpti=on pti=on init_on_alloc=1 init_on_free=1 page_alloc.shuffle=1 page_poison=1 slab_nomerge slub_debug=FZP lockdown=confidentiality /' BoardConfig*.mk */BoardConfig*.mk &>/dev/null || true;
 	echo "Hardened kernel command line arguments for $1";
 	cd "$DOS_BUILD_BASE";
 }