projects
/
kconfig-hardened-check.git
/ history
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
first ⋅ prev ⋅ next
test_engine: add test_complex_nested()
[kconfig-hardened-check.git]
/
kconfig_hardened_check
/
checks.py
2023-09-03
Alexander Popov
Fix arch conditions for some CmdlineChecks
blob
|
commitdiff
|
raw
2023-08-27
Alexander Popov
Support separate sysctl checking (without kconfig)
blob
|
commitdiff
|
raw
|
diff to current
2023-07-23
Alexander Popov
Check the kernel.unprivileged_bpf_disabled sysctl
blob
|
commitdiff
|
raw
|
diff to current
2023-07-23
Alexander Popov
Check the dev.tty.ldisc_autoload sysctl
blob
|
commitdiff
|
raw
|
diff to current
2023-07-23
Alexander Popov
Check the user.max_user_namespaces sysctl
blob
|
commitdiff
|
raw
|
diff to current
2023-07-23
Alexander Popov
Check the kernel.kexec_load_disabled sysctl
blob
|
commitdiff
|
raw
|
diff to current
2023-07-23
Alexander Popov
Check the kernel.perf_event_paranoid sysctl
blob
|
commitdiff
|
raw
|
diff to current
2023-07-23
Alexander Popov
Check the kernel.dmesg_restrict sysctl
blob
|
commitdiff
|
raw
|
diff to current
2023-07-23
Alexander Popov
Check the net.core.bpf_jit_harden sysctl
blob
|
commitdiff
|
raw
|
diff to current
2023-07-08
Alexander Popov
Add the basic infrastructure for checking sysctl
blob
|
commitdiff
|
raw
|
diff to current
2023-07-04
Alexander Popov
Check disabling XFS_SUPPORT_V4 for cutting attack surface
blob
|
commitdiff
|
raw
|
diff to current
2023-06-17
Alexander Popov
Move the draft of the security hardening sysctls to...
blob
|
commitdiff
|
raw
|
diff to current
2023-06-17
Alexander Popov
Improve normalize_cmdline_options()
blob
|
commitdiff
|
raw
|
diff to current
2023-06-12
Alexander Popov
Skip normalize_cmdline_options() for the vdso32 and...
blob
|
commitdiff
|
raw
|
diff to current
2023-06-12
Alexander Popov
Skip normalize_cmdline_options() for the vsyscall cmdli...
blob
|
commitdiff
|
raw
|
diff to current
2023-06-12
Alexander Popov
Skip normalize_cmdline_options() for the iommu cmdline...
blob
|
commitdiff
|
raw
|
diff to current
2023-06-12
Alexander Popov
Skip normalize_cmdline_options() for the slub_debug...
blob
|
commitdiff
|
raw
|
diff to current
2023-06-12
Alexander Popov
Improve the comments and README
blob
|
commitdiff
|
raw
|
diff to current
2023-06-05
Alexander Popov
Skip normalize_cmdline_options() for the rodata cmdline...
blob
|
commitdiff
|
raw
|
diff to current
2023-06-05
Alexander Popov
Skip normalize_cmdline_options() for the ssbd cmdline...
blob
|
commitdiff
|
raw
|
diff to current
2023-05-28
Alexander Popov
Add a comment about cfi boot parameter
blob
|
commitdiff
|
raw
|
diff to current
2023-05-28
Alexander Popov
Add the X86_KERNEL_IBT check
blob
|
commitdiff
|
raw
|
diff to current
2023-05-28
Alexander Popov
Add a comment about `kernel.oops_limit` and `kernel...
blob
|
commitdiff
|
raw
|
diff to current
2023-05-27
Alexander Popov
Add a comment about `kernel.unprivileged_userns_clone...
blob
|
commitdiff
|
raw
|
diff to current
2023-05-27
Alexander Popov
Add the comments about HARDENED_USERCOPY features
blob
|
commitdiff
|
raw
|
diff to current
2023-05-01
Alexander Popov
Add the checks for vdso32 and vdso on X86_64 and X86_32
blob
|
commitdiff
|
raw
|
diff to current
2023-04-30
Alexander Popov
Improve the COMPAT_VDSO check
blob
|
commitdiff
|
raw
|
diff to current
2023-04-30
Alexander Popov
Improve the vsyscall checks
blob
|
commitdiff
|
raw
|
diff to current
2023-04-30
Alexander Popov
Add the comment about kernel.sysrq=0
blob
|
commitdiff
|
raw
|
diff to current
2023-04-22
Alexander Popov
Make hackish refinement of the CONFIG_ARCH_MMAP_RND_BIT...
blob
|
commitdiff
|
raw
|
diff to current
2023-04-22
Alexander Popov
Require one of major LSMs implementing MAC
blob
|
commitdiff
|
raw
|
diff to current
2023-04-22
Alexander Popov
Add the norandmaps check
blob
|
commitdiff
|
raw
|
diff to current
2023-04-22
Alexander Popov
Check that CoreSight Tracing Support is disabled (to...
blob
|
commitdiff
|
raw
|
diff to current
2023-04-09
Alexander Popov
Drop the INTEGRITY check
blob
|
commitdiff
|
raw
|
diff to current
2023-04-09
Alexander Popov
Add the DEBUG_ALIGN_RODATA check for ARM
blob
|
commitdiff
|
raw
|
diff to current
2023-04-09
Alexander Popov
Add the LEGACY_TIOCSTI check
blob
|
commitdiff
|
raw
|
diff to current
2023-03-06
Alexander Popov
Refactor normalize_cmdline_options() for better style...
blob
|
commitdiff
|
raw
|
diff to current
2023-03-06
Alexander Popov
Drop the 'kvm.nx_huge_pages' check
blob
|
commitdiff
|
raw
|
diff to current
2023-03-05
Alexander Popov
Improve the slab_nomerge check
blob
|
commitdiff
|
raw
|
diff to current
2023-03-01
Alexander Popov
Allow not setting specific CPU bug mitigations only...
blob
|
commitdiff
|
raw
|
diff to current
2023-02-26
Alexander Popov
Improve the 'pylint disable' statements
blob
|
commitdiff
|
raw
|
diff to current
2023-02-26
Alexander Popov
Add docstrings for the modules
blob
|
commitdiff
|
raw
|
diff to current
2023-02-26
Alexander Popov
Split into Python modules
blob
|
commitdiff
|
raw
|
diff to current