projects
/
kconfig-hardened-check.git
/ history
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
first ⋅ prev ⋅
next
Use the option type instead of calling hasattr()
[kconfig-hardened-check.git]
/
kconfig_hardened_check
/
__init__.py
2022-03-05
Alexander Popov
Use the option type instead of calling hasattr()
blob
|
commitdiff
|
raw
2022-03-05
Alexander Popov
Merge branch 'refactoring'
blob
|
commitdiff
|
raw
|
diff to current
2022-02-14
Alexander Popov
Introduce the json_dump() class method
refactoring
blob
|
commitdiff
|
raw
|
diff to current
2022-02-14
Alexander Popov
Improve 'type' for ComplexOptCheck and PresenceCheck...
blob
|
commitdiff
|
raw
|
diff to current
2022-02-14
Alexander Popov
Make populate_with_data() aware of data type
blob
|
commitdiff
|
raw
|
diff to current
2022-02-14
Alexander Popov
Add 'type' for PresenceCheck and VersionCheck
blob
|
commitdiff
|
raw
|
diff to current
2022-02-14
Alexander Popov
Rename VerCheck to VersionCheck
blob
|
commitdiff
|
raw
|
diff to current
2022-02-14
Alexander Popov
Add more ComplexOptCheck validation
blob
|
commitdiff
|
raw
|
diff to current
2022-02-14
Alexander Popov
Improve print_unknown_options()
blob
|
commitdiff
|
raw
|
diff to current
2022-02-14
Alexander Popov
Remove 'CONFIG_' hardcoding
blob
|
commitdiff
|
raw
|
diff to current
2022-02-11
Alexander Popov
Merge branch 'refactoring'
blob
|
commitdiff
|
raw
|
diff to current
2022-02-11
Alexander Popov
Refactor the OR logic code
blob
|
commitdiff
|
raw
|
diff to current
2022-02-11
Alexander Popov
Rename config to kconfig where needed (part II)
blob
|
commitdiff
|
raw
|
diff to current
2022-01-22
Alexander Popov
Extract populate_with_data() from perform_checks()
blob
|
commitdiff
|
raw
|
diff to current
2022-01-22
Alexander Popov
Rename config to kconfig where needed
blob
|
commitdiff
|
raw
|
diff to current
2022-01-22
Alexander Popov
Print the type of a check in the json mode
blob
|
commitdiff
|
raw
|
diff to current
2022-01-22
Alexander Popov
ComplexOptCheck type has the type of the first opt...
blob
|
commitdiff
|
raw
|
diff to current
2022-01-21
Alexander Popov
Do more output tuning
blob
|
commitdiff
|
raw
|
diff to current
2022-01-21
Alexander Popov
Add check type
blob
|
commitdiff
|
raw
|
diff to current
2022-01-21
Alexander Popov
Print compactly
blob
|
commitdiff
|
raw
|
diff to current
2022-01-21
Alexander Popov
Introduce KconfigCheck class
blob
|
commitdiff
|
raw
|
diff to current
2022-01-21
Alexander Popov
Fix TRIM_UNUSED_KSYMS check
blob
|
commitdiff
|
raw
|
diff to current
2021-12-24
Alexander Popov
Add l1d_flush (for future reference)
blob
|
commitdiff
|
raw
|
diff to current
2021-12-05
Alexander Popov
Add ARM64_PTR_AUTH_KERNEL extracted from ARM64_PTR_AUTH
blob
|
commitdiff
|
raw
|
diff to current
2021-11-09
Alexander Popov
Keep the old X86_PTDUMP check as a backup
blob
|
commitdiff
|
raw
|
diff to current
2021-11-09
Alexander Popov
Simplify the check about PTDUMP_DEBUGFS (I was correct)
blob
|
commitdiff
|
raw
|
diff to current
2021-11-09
Alexander Popov
Add more checks from grsecurity for cutting attack...
blob
|
commitdiff
|
raw
|
diff to current
2021-11-09
Alexander Popov
Fix the 'decision' field of the IO_URING check
blob
|
commitdiff
|
raw
|
diff to current
2021-11-09
Alexander Popov
Add more checks from grsecurity for cutting attack...
blob
|
commitdiff
|
raw
|
diff to current
2021-11-09
Alexander Popov
Fix the 'decision' field of the KPROBES check
blob
|
commitdiff
|
raw
|
diff to current
2021-11-09
Alexander Popov
Add the comment
blob
|
commitdiff
|
raw
|
diff to current
2021-09-22
Alexander Popov
Move 'self_protection' & 'maintainer' higher
blob
|
commitdiff
|
raw
|
diff to current
2021-09-21
Alexander Popov
Add HARDENED_USERCOPY_PAGESPAN check from KSPP
blob
|
commitdiff
|
raw
|
diff to current
2021-09-21
Alexander Popov
Add comments about the maintainer recommendations
blob
|
commitdiff
|
raw
|
diff to current
2021-09-21
Alexander Popov
Fix UBSAN_BOUNDS recommendations
blob
|
commitdiff
|
raw
|
diff to current
2021-09-21
Alexander Popov
RANDOMIZE_KSTACK_OFFSET_DEFAULT is recommended by KSPP
blob
|
commitdiff
|
raw
|
diff to current
2021-09-10
Alexander Popov
Merge pull request #54 from evdenis/master
blob
|
commitdiff
|
raw
|
diff to current
2021-09-10
Denis Efremov
Add BLK_DEV_FD
54/head
blob
|
commitdiff
|
raw
|
diff to current
2021-09-10
Alexander Popov
Add RANDOMIZE_KSTACK_OFFSET_DEFAULT
blob
|
commitdiff
|
raw
|
diff to current
2021-08-29
Alexander Popov
Add CFI_CLANG
blob
|
commitdiff
|
raw
|
diff to current
2021-08-29
Alexander Popov
Add ARM64_EPAN
blob
|
commitdiff
|
raw
|
diff to current
2021-08-14
Alexander Popov
Add hardware tag-based KASAN with arm64 Memory Tagging...
blob
|
commitdiff
|
raw
|
diff to current
2021-08-14
Alexander Popov
Add the command line parameters that should NOT be set
blob
|
commitdiff
|
raw
|
diff to current
2021-08-08
Alexander Popov
Document the changes of vm.unprivileged_userfaultfd...
blob
|
commitdiff
|
raw
|
diff to current
2021-08-08
Alexander Popov
Add the news about PAGE_POISONING
blob
|
commitdiff
|
raw
|
diff to current
2021-07-02
Alexander Popov
Improve wording
blob
|
commitdiff
|
raw
|
diff to current
2021-06-19
Alexander Popov
Fix pylint warning
blob
|
commitdiff
|
raw
|
diff to current
2021-06-19
Alexander Popov
Remember that SHADOW_CALL_STACK depends on clang
blob
|
commitdiff
|
raw
|
diff to current
2021-06-19
Alexander Popov
STACKPROTECTOR_PER_TASK is also available for ARM64
blob
|
commitdiff
|
raw
|
diff to current
2021-06-19
Alexander Popov
INTEL_IOMMU_SVM is available only for X86_64
blob
|
commitdiff
|
raw
|
diff to current
2021-06-19
Alexander Popov
Reorder arch checks
blob
|
commitdiff
|
raw
|
diff to current
2021-06-19
Alexander Popov
SECURITY_DMESG_RESTRICT is recommended by KSPP now
blob
|
commitdiff
|
raw
|
diff to current
2021-06-19
Alexander Popov
Think about kptr_restrict later (KSPP recommends to...
blob
|
commitdiff
|
raw
|
diff to current
2021-06-19
Alexander Popov
Mention that nosmt is slow
blob
|
commitdiff
|
raw
|
diff to current
2021-06-19
Alexander Popov
More info on init_on_free and init_on_alloc
blob
|
commitdiff
|
raw
|
diff to current
2021-06-19
Alexander Popov
SLUB_DEBUG_ON is very slow, leave it for the kernel...
blob
|
commitdiff
|
raw
|
diff to current
2021-06-19
Alexander Popov
HARDEN_BRANCH_PREDICTOR for ARM64 is enabled by default...
blob
|
commitdiff
|
raw
|
diff to current
2021-06-18
Alexander Popov
Add ARM64_MTE for userspace
blob
|
commitdiff
|
raw
|
diff to current
2021-06-18
Alexander Popov
Maybe SHADOW_CALL_STACK should be alternative to STACKP...
blob
|
commitdiff
|
raw
|
diff to current
2021-06-18
Alexander Popov
Save 'debugfs=no-mount' for future
blob
|
commitdiff
|
raw
|
diff to current
2020-10-30
Alexander Popov
Fix indentation (thanks to pylint)
blob
|
commitdiff
|
raw
|
diff to current
2020-10-23
Alexander Popov
INIT_STACK_ALL -> INIT_STACK_ALL_ZERO (was renamed)
blob
|
commitdiff
|
raw
|
diff to current
2020-10-23
Alexander Popov
Add SHADOW_CALL_STACK for ARM64
blob
|
commitdiff
|
raw
|
diff to current
2020-10-22
Alexander Popov
Add the recommendation about TRIM_UNUSED_KSYMS
blob
|
commitdiff
|
raw
|
diff to current
2020-10-22
Alexander Popov
Add ARM64_BTI_KERNEL
blob
|
commitdiff
|
raw
|
diff to current
2020-10-22
Alexander Popov
Add the recommendation about UBSAN_BOUNDS
blob
|
commitdiff
|
raw
|
diff to current
2020-10-22
Alexander Popov
PAGE_POISONING -> PAGE_POISONING_ZERO
blob
|
commitdiff
|
raw
|
diff to current
2020-10-22
Alexander Popov
Improve AND check reports
blob
|
commitdiff
|
raw
|
diff to current
2020-10-22
Alexander Popov
Improve HARDEN_EL2_VECTORS check
blob
|
commitdiff
|
raw
|
diff to current
2020-10-22
Alexander Popov
Merge remote-tracking branch 'pgils/el2_vectors'
blob
|
commitdiff
|
raw
|
diff to current
2020-10-21
Alexander Popov
Add nested ComplexOptChecks support
blob
|
commitdiff
|
raw
|
diff to current
2020-10-19
Pelle van Gils
Do not check CONFIG_HARDEN_EL2_VECTORS for v5.9+
48/head
blob
|
commitdiff
|
raw
|
diff to current
2020-10-16
Alexander Popov
Add TODO about SLUB_DEBUG_ON
blob
|
commitdiff
|
raw
|
diff to current
2020-10-16
Alexander Popov
Add CLIP OS recommendation about EFI_CUSTOM_SSDT_OVERLAYS
blob
|
commitdiff
|
raw
|
diff to current
2020-10-16
Alexander Popov
Disabling ACPI_TABLE_UPGRADE is now recommended by...
blob
|
commitdiff
|
raw
|
diff to current
2020-10-16
Alexander Popov
Withdraw my recommendation about BPF_JIT
blob
|
commitdiff
|
raw
|
diff to current
2020-07-15
Alexander Popov
Fix relevant pylint warnings
blob
|
commitdiff
|
raw
|
diff to current
2020-07-15
Alexander Popov
Fix 'decision' priority order ('lockdown' vs 'clipos...
blob
|
commitdiff
|
raw
|
diff to current
2020-07-15
Alexander Popov
Add CLIP OS recommendations about CONFIG_IO_URING and...
blob
|
commitdiff
|
raw
|
diff to current
2020-07-15
Alexander Popov
Add CONFIG_EFI_DISABLE_PCI_DMA recommended by CLIP OS
blob
|
commitdiff
|
raw
|
diff to current
2020-07-15
Alexander Popov
Fix 'decision' -- CONFIG_INTEGRITY is not enabled by...
blob
|
commitdiff
|
raw
|
diff to current
2020-07-15
Alexander Popov
Take new AND use case for X86_PTDUMP / PTDUMP_DEBUGFS
blob
|
commitdiff
|
raw
|
diff to current
2020-07-15
Alexander Popov
Improve ComplexOptCheck use cases
blob
|
commitdiff
|
raw
|
diff to current
2020-07-15
Alexander Popov
Add 'show_ok' and 'show_fail' print modes
blob
|
commitdiff
|
raw
|
diff to current
2020-07-13
Alexander Popov
Declare variables closer to their usage
blob
|
commitdiff
|
raw
|
diff to current
2020-07-13
Alexander Popov
Get rid of 'kernel_version' global variable
blob
|
commitdiff
|
raw
|
diff to current
2020-07-13
Alexander Popov
Big rework of the report modes
blob
|
commitdiff
|
raw
|
diff to current
2020-07-10
Alexander Popov
Add ARM64_PAN
blob
|
commitdiff
|
raw
|
diff to current
2020-07-09
Alexander Popov
Use += instead of append() for checklist
blob
|
commitdiff
|
raw
|
diff to current
2020-07-09
Alexander Popov
Reorder some checking rules for better looking code
blob
|
commitdiff
|
raw
|
diff to current
2020-07-09
Alexander Popov
Change the order of arguments in OptCheck constructor
blob
|
commitdiff
|
raw
|
diff to current
2020-07-09
Alexander Popov
Drop unused 'state' property from ComplexOptCheck
blob
|
commitdiff
|
raw
|
diff to current
2020-07-09
Alexander Popov
Don't return self.result in check() method -- it's...
blob
|
commitdiff
|
raw
|
diff to current
2020-07-06
Alexander Popov
ARM64_PTR_AUTH is now supported for the kernel (from...
blob
|
commitdiff
|
raw
|
diff to current
2020-04-09
Alexander Popov
Merge branch 'evbug'
blob
|
commitdiff
|
raw
|
diff to current
2020-04-09
Alexander Popov
Merge branch 'pylint'
blob
|
commitdiff
|
raw
|
diff to current
2020-04-09
HacKurx
Add CONFIG_INPUT_EVBUG
blob
|
commitdiff
|
raw
|
diff to current
2020-04-08
shamilbi
pylint some code
40/head
blob
|
commitdiff
|
raw
|
diff to current
2020-04-06
Alexander Popov
Improve versioning
blob
|
commitdiff
|
raw
|
diff to current
2020-04-03
Alexander Popov
Add DRM_LEGACY, FB, and VT checks
blob
|
commitdiff
|
raw
|
diff to current
next