From 68b7564e7ee9f7010b4cd1ae836cd93d770d00ef Mon Sep 17 00:00:00 2001
From: Jiahui Feng <jhf@google.com>
Date: Wed, 19 Feb 2020 14:41:42 -0800
Subject: [PATCH] fix alias for stack protector kernel config.

- fix YAML syntax
- alias -> aliases
- no need for CONFIG prefix
- add renamed config since 4.18
---
 test/e2e_node/system/specs/gke.yaml | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/test/e2e_node/system/specs/gke.yaml b/test/e2e_node/system/specs/gke.yaml
index 07dc115c80f..59692c3facf 100644
--- a/test/e2e_node/system/specs/gke.yaml
+++ b/test/e2e_node/system/specs/gke.yaml
@@ -49,7 +49,7 @@ kernelSpec:
   - name: IP6_NF_IPTABLES
     description: 'Required by kube-proxy.'
   - name: IP_NF_TARGET_REDIRECT
-    alias:
+    aliases:
     - NETFILTER_XT_TARGET_REDIRECT
     description: 'Enabled REDIRECT: all incoming connections are mapped onto
       the incoming interface''s address, causing the packets to come to the
@@ -167,10 +167,11 @@ kernelSpec:
     description: 'Enabled the SECCOMP application API.'
   - name: SECURITY_APPARMOR
     description: 'Enable for AppArmor support.'
-  - name: CC_STACKPROTECTOR_STRONG
-    alias:
-    - CONFIG_CC_STACKPROTECTOR_REGULAR
-      CONFIG_CC_STACKPROTECTOR_ALL
+  - name: CC_STACKPROTECTOR_STRONG # Linux kernel <= 4.17
+    aliases:
+    - CC_STACKPROTECTOR_REGULAR # Linux kernel <= 4.17
+    - CC_STACKPROTECTOR_ALL # Linux kernel <= 4.17
+    - STACKPROTECTOR_STRONG # Linux kernel >= 4.18
     description: 'Add the stack buffer overflow protections.'
   - name: STRICT_DEVMEM
     description: 'Required for blocking the direct physical memory access.'