inventory-kernel-boot-params

Adds reporting data (inventory) for kernel parameters set during system boot.
Repository Report issue

Maintainer

Nick Anderson

Module stats

Total Downloads: 547
Updated: Dec 4, 2021

Installation version

Version
0.1.2
0.1.0
0.1.1
0.1.2
Released on Dec 4, 2021

Tags

Installation

                    
cfbs add inventory-kernel-boot-params
Description
Dependencies
Discussion

Many aspects of the Linux Kernel can be controlled via boot parameters. Knowing what kernel parameters your hosts have been booted with can help you to evaluate if there are any settings which may degrade security.

For example, are any of your hosts booted with noibrs, noibpb, nopti, nospectre_v2, nospectre_v1, l1tf=off, nospec_store_bypass_disable no_stf_barrier, mds=off, tsx=on, tsx_async_abort=off, or mitigations=off? If so, your systems are probably fast, but they are also less secure.

Inventory

Kernel Boot Params
Derived from /proc/cmdline

https://raw.github.com/nickanderson/cfengine-inventory-kernel-boot-params/master/host-info-page-inventory-kernel-boot-parms.png

Dependencies

This module has no dependencies

Find related thread in GitHub discussions or Start a new discussion