{"description": "Contains rules that check the kernel configuration that was used to build it.", "warnings": [], "requires": [], "conflicts": [], "values": ["var_kernel_config_module_sig_hash", "var_kernel_config_module_sig_key", "var_kernel_config_panic_timeout"], "groups": ["gcc_plugin"], "rules": ["kernel_config_acpi_custom_method", "kernel_config_arm64_sw_ttbr0_pan", "kernel_config_binfmt_misc", "kernel_config_bug", "kernel_config_bug_on_data_corruption", "kernel_config_compat_brk", "kernel_config_compat_vdso", "kernel_config_debug_credentials", "kernel_config_debug_fs", "kernel_config_debug_list", "kernel_config_debug_notifiers", "kernel_config_debug_sg", "kernel_config_debug_wx", "kernel_config_default_mmap_min_addr", "kernel_config_devkmem", "kernel_config_fortify_source", "kernel_config_hardened_usercopy", "kernel_config_hardened_usercopy_fallback", "kernel_config_hibernation", "kernel_config_ia32_emulation", "kernel_config_ipv6", "kernel_config_kexec", "kernel_config_legacy_ptys", "kernel_config_legacy_vsyscall_emulate", "kernel_config_legacy_vsyscall_none", "kernel_config_legacy_vsyscall_xonly", "kernel_config_modify_ldt_syscall", "kernel_config_module_sig", "kernel_config_module_sig_all", "kernel_config_module_sig_force", "kernel_config_module_sig_hash", "kernel_config_module_sig_key", "kernel_config_module_sig_sha512", "kernel_config_page_poisoning", "kernel_config_page_poisoning_no_sanity", "kernel_config_page_poisoning_zero", "kernel_config_page_table_isolation", "kernel_config_panic_on_oops", "kernel_config_panic_timeout", "kernel_config_proc_kcore", "kernel_config_randomize_base", "kernel_config_randomize_memory", "kernel_config_refcount_full", "kernel_config_retpoline", "kernel_config_sched_stack_end_check", "kernel_config_seccomp", "kernel_config_seccomp_filter", "kernel_config_security", "kernel_config_security_dmesg_restrict", "kernel_config_security_writable_hooks", "kernel_config_security_yama", "kernel_config_slab_freelist_hardened", "kernel_config_slab_freelist_random", "kernel_config_slab_merge_default", "kernel_config_slub_debug", "kernel_config_stackprotector", "kernel_config_stackprotector_strong", "kernel_config_strict_kernel_rwx", "kernel_config_strict_module_rwx", "kernel_config_syn_cookies", "kernel_config_unmap_kernel_at_el0", "kernel_config_vmap_stack", "kernel_config_x86_vsyscall_emulation"], "platform": "system_with_kernel", "platforms": ["system_with_kernel"], "inherited_platforms": [], "cpe_platform_names": ["system_with_kernel"], "title": "Kernel Configuration", "definition_location": "/aptdata/openscap/scap-security-guide/linux_os/guide/system/kernel_build_config/group.yml"}