projects
/
kconfig-hardened-check.git
/ history
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
first ⋅ prev ⋅
next
Fix syntax to run on the Woodpecker 1.0.0 CI
[kconfig-hardened-check.git]
/
kconfig_hardened_check
/
2023-08-13
Alexander Popov
Report that --print and --generate can't be used together
tree
|
commitdiff
2023-08-13
Alexander Popov
Enable sysctl checking
tree
|
commitdiff
2023-07-23
Alexander Popov
Check the kernel.unprivileged_bpf_disabled sysctl
tree
|
commitdiff
2023-07-23
Alexander Popov
Check the dev.tty.ldisc_autoload sysctl
tree
|
commitdiff
2023-07-23
Alexander Popov
Check the user.max_user_namespaces sysctl
tree
|
commitdiff
2023-07-23
Alexander Popov
Check the kernel.kexec_load_disabled sysctl
tree
|
commitdiff
2023-07-23
Alexander Popov
Check the kernel.perf_event_paranoid sysctl
tree
|
commitdiff
2023-07-23
Alexander Popov
Check the kernel.dmesg_restrict sysctl
tree
|
commitdiff
2023-07-23
Alexander Popov
Check the net.core.bpf_jit_harden sysctl
tree
|
commitdiff
2023-07-23
Alexander Popov
test_engine: use SysctlCheck in test_value_overriding()
tree
|
commitdiff
2023-07-23
Alexander Popov
test_engine: use SysctlCheck in test_stdout()
tree
|
commitdiff
2023-07-23
Alexander Popov
test_engine: implement test_simple_sysctl()
tree
|
commitdiff
2023-07-23
Alexander Popov
test_engine: support SysctlCheck
tree
|
commitdiff
2023-07-22
Alexander Popov
Refactor populate_opt_with_data()
tree
|
commitdiff
2023-07-16
Alexander Popov
Mute warnings in the JSON mode and improve wording
tree
|
commitdiff
2023-07-16
Alexander Popov
Implement parse_sysctl_file()
tree
|
commitdiff
2023-07-15
Alexander Popov
Emit WARNING for the cmdline options that exist multipl...
tree
|
commitdiff
2023-07-15
Alexander Popov
Precise the Kconfig parsing
tree
|
commitdiff
2023-07-12
Alexander Popov
Get rid of useless regular expressions in detect_compiler()
tree
|
commitdiff
2023-07-12
Alexander Popov
Precise the regular expressions in detect_arch() and...
tree
|
commitdiff
2023-07-12
Alexander Popov
Show error if some cmdline option exists multiple times
tree
|
commitdiff
2023-07-08
Alexander Popov
Add the basic infrastructure for checking sysctl
tree
|
commitdiff
2023-07-08
Alexander Popov
Introduce the SysctlCheck class
tree
|
commitdiff
2023-07-04
Alexander Popov
Check disabling XFS_SUPPORT_V4 for cutting attack surface
tree
|
commitdiff
2023-07-02
Alexander Popov
Print the microarchitecture in --generate mode
tree
|
commitdiff
2023-06-25
Alexander Popov
Add the info about /proc/cmdline to the usage help
tree
|
commitdiff
2023-06-17
Alexander Popov
Move the draft of the security hardening sysctls to...
tree
|
commitdiff
2023-06-17
Alexander Popov
Improve normalize_cmdline_options()
tree
|
commitdiff
2023-06-12
Alexander Popov
Add a new feature --generate
tree
|
commitdiff
2023-06-12
Alexander Popov
Refactoring of the argument parsing
tree
|
commitdiff
2023-06-12
Alexander Popov
Improve the comments and README (part II)
tree
|
commitdiff
2023-06-12
Alexander Popov
Skip normalize_cmdline_options() for the vdso32 and...
tree
|
commitdiff
2023-06-12
Alexander Popov
Skip normalize_cmdline_options() for the vsyscall cmdli...
tree
|
commitdiff
2023-06-12
Alexander Popov
Skip normalize_cmdline_options() for the iommu cmdline...
tree
|
commitdiff
2023-06-12
Alexander Popov
Skip normalize_cmdline_options() for the slub_debug...
tree
|
commitdiff
2023-06-12
Alexander Popov
Improve the comments and README
tree
|
commitdiff
2023-06-05
Alexander Popov
Skip normalize_cmdline_options() for the rodata cmdline...
tree
|
commitdiff
2023-06-05
Alexander Popov
Skip normalize_cmdline_options() for the ssbd cmdline...
tree
|
commitdiff
2023-05-28
Alexander Popov
Add a comment about cfi boot parameter
tree
|
commitdiff
2023-05-28
Alexander Popov
Add the X86_KERNEL_IBT check
tree
|
commitdiff
2023-05-28
Alexander Popov
Add a comment about `kernel.oops_limit` and `kernel...
tree
|
commitdiff
2023-05-27
Alexander Popov
Add a comment about `kernel.unprivileged_userns_clone...
tree
|
commitdiff
2023-05-27
Alexander Popov
Add the comments about HARDENED_USERCOPY features
tree
|
commitdiff
2023-05-01
Alexander Popov
Add the checks for vdso32 and vdso on X86_64 and X86_32
tree
|
commitdiff
2023-04-30
Alexander Popov
Improve the COMPAT_VDSO check
tree
|
commitdiff
2023-04-30
Alexander Popov
Improve the vsyscall checks
tree
|
commitdiff
2023-04-30
Alexander Popov
Add the comment about kernel.sysrq=0
tree
|
commitdiff
2023-04-22
Alexander Popov
Make hackish refinement of the CONFIG_ARCH_MMAP_RND_BIT...
tree
|
commitdiff
2023-04-22
Alexander Popov
test_engine: add test_value_overriding()
tree
|
commitdiff
2023-04-22
Alexander Popov
engine: implement override_expected_value()
tree
|
commitdiff
2023-04-22
Alexander Popov
Require one of major LSMs implementing MAC
tree
|
commitdiff
2023-04-22
Alexander Popov
Add the norandmaps check
tree
|
commitdiff
2023-04-22
Alexander Popov
Check that CoreSight Tracing Support is disabled (to...
tree
|
commitdiff
2023-04-09
Alexander Popov
Drop the INTEGRITY check
tree
|
commitdiff
2023-04-09
Alexander Popov
Add the DEBUG_ALIGN_RODATA check for ARM
tree
|
commitdiff
2023-04-09
Alexander Popov
Add new Android kernel configs from my friends
tree
|
commitdiff
2023-04-09
Alexander Popov
Add the LEGACY_TIOCSTI check
tree
|
commitdiff
2023-04-02
Alexander Popov
engine: remove the unused 'type' property from the...
tree
|
commitdiff
2023-04-02
Alexander Popov
test_engine: rename unit-tests
tree
|
commitdiff
2023-04-02
Alexander Popov
test_engine: increase the unit-test coverage
tree
|
commitdiff
2023-04-02
Alexander Popov
test_engine: test the non-verbose output mode
tree
|
commitdiff
2023-04-02
Alexander Popov
test_engine: support the non-verbose output mode in...
tree
|
commitdiff
2023-04-02
Alexander Popov
Fix a pylint warning about f-string
tree
|
commitdiff
2023-04-02
Alexander Popov
test_engine: add test_verbose()
tree
|
commitdiff
2023-04-02
Alexander Popov
test_engine: implement get_engine_result() for stdout
tree
|
commitdiff
2023-04-02
Alexander Popov
test_engine: introduce get_engine_result()
tree
|
commitdiff
2023-03-26
Alexander Popov
test_engine: add test_version()
tree
|
commitdiff
2023-03-26
Alexander Popov
test_engine: add missing cases for test_OR() and test_AND()
tree
|
commitdiff
2023-03-26
Alexander Popov
test_engine: test 'is not off'
tree
|
commitdiff
2023-03-26
Alexander Popov
test_engine: test 'is present'
tree
|
commitdiff
2023-03-26
Alexander Popov
test_engine: add a missing case for test_OR()
tree
|
commitdiff
2023-03-26
Alexander Popov
Inform about supporting *.gz kconfig files
tree
|
commitdiff
2023-03-26
Alexander Popov
Add an example of a gzipped config
tree
|
commitdiff
2023-03-26
Alexander Popov
Merge pull request #80 from nE0sIghT/feature/gzipped...
tree
|
commitdiff
2023-03-25
Yuri Konotopov
Added support for gzipped config (eg. /proc/config.gz)
80/head
tree
|
commitdiff
2023-03-24
Alexander Popov
test_engine: add test_OR() and test_AND()
tree
|
commitdiff
2023-03-24
Alexander Popov
test_engine: reorganize single unit-tests
tree
|
commitdiff
2023-03-24
Alexander Popov
test_engine: add test_kconfig_not_found()
tree
|
commitdiff
2023-03-24
Alexander Popov
Prevent populating the checklist with empty data
tree
|
commitdiff
2023-03-24
Alexander Popov
test_engine: add test_cmdline_ok() and test_cmdline_fail()
tree
|
commitdiff
2023-03-24
Alexander Popov
test_engine: add test_kconfig_fail()
tree
|
commitdiff
2023-03-24
Alexander Popov
Mute some pylint warnings for test_engine.py
tree
|
commitdiff
2023-03-24
Alexander Popov
test_engine: add test_kconfig_ok()
tree
|
commitdiff
2023-03-24
Alexander Popov
run_engine(): add the 'result' argument and put the...
tree
|
commitdiff
2023-03-24
Alexander Popov
Fix pylint warnings: add class docstring
tree
|
commitdiff
2023-03-24
Alexander Popov
Fix pylint warnings: mark run_engine() with @staticmethod
tree
|
commitdiff
2023-03-24
Alexander Popov
Create the run_engine() helper
tree
|
commitdiff
2023-03-24
Alexander Popov
Add the first unit-test draft
tree
|
commitdiff
2023-03-24
Alexander Popov
Fix style
tree
|
commitdiff
2023-03-10
Alexander Popov
Don't fail the unit-test template
tree
|
commitdiff
2023-03-10
Alexander Popov
Add a template for unit-tests
tree
|
commitdiff
2023-03-06
Alexander Popov
Drop a useless 'if'
tree
|
commitdiff
2023-03-06
Alexander Popov
Refactor normalize_cmdline_options() for better style...
tree
|
commitdiff
2023-03-06
Alexander Popov
Drop the 'kvm.nx_huge_pages' check
tree
|
commitdiff
2023-03-06
Alexander Popov
Fix the bug in OptCheck.check() introduced in cb779a71b...
tree
|
commitdiff
2023-03-05
Alexander Popov
Improve the slab_nomerge check
tree
|
commitdiff
2023-03-05
Alexander Popov
Use similar f-strings for more cases
tree
|
commitdiff
2023-03-05
Alexander Popov
Compare with None explicitly
tree
|
commitdiff
2023-03-01
Alexander Popov
Allow not setting specific CPU bug mitigations only...
tree
|
commitdiff
2023-02-26
Alexander Popov
Improve the 'pylint disable' statements
tree
|
commitdiff
next