projects
/
kconfig-hardened-check.git
/ history
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
first ⋅ prev ⋅
next
Update the `decision` for the SLAB_MERGE_DEFAULT check
[kconfig-hardened-check.git]
/
kernel_hardening_checker
/
2024-07-03
Alexander Popov
Update the `decision` for the SLAB_MERGE_DEFAULT check
tree
|
commitdiff
2024-07-03
Alexander Popov
Update the KFENCE_SAMPLE_INTERVAL check
tree
|
commitdiff
2024-06-19
Alexander Popov
Comment out the RANDSTRUCT_PERFORMANCE check
tree
|
commitdiff
2024-06-19
Alexander Popov
Update the KSPP recommendations (https://github.com...
tree
|
commitdiff
2024-06-16
Alexander Popov
Update the 'kernel.modules_disabled' check
tree
|
commitdiff
2024-06-16
Alexander Popov
Add the 'kernel.oops_limit' and 'kernel.warn_limit...
tree
|
commitdiff
2024-06-16
Alexander Popov
Add the "cfi" check
tree
|
commitdiff
2024-06-16
Alexander Popov
Add the "MAGIC_SYSRQ_SERIAL" check
tree
|
commitdiff
2024-06-16
Alexander Popov
Add the "kernel.sysrq" check
tree
|
commitdiff
2024-06-15
Alexander Popov
Add the MAGIC_SYSRQ_DEFAULT_ENABLE check
tree
|
commitdiff
2024-06-15
Alexander Popov
Sync with KSPP: update the `decision` for some checks
tree
|
commitdiff
2024-06-15
Alexander Popov
Add CONFIG_CC_IS_CLANG and CONFIG_CC_IS_GCC to the...
tree
|
commitdiff
2024-06-15
Alexander Popov
ruff: Fix EXE001 "Shebang is present but file is not...
tree
|
commitdiff
2024-06-10
Alexander Popov
Add the comment about 'if arch' for the 'cut_attack_sur...
tree
|
commitdiff
2024-06-10
Alexander Popov
Update the KSPP recommendations
tree
|
commitdiff
2024-06-10
Alexander Popov
Code refactoring to improve test coverage (I)
tree
|
commitdiff
2024-06-09
Alexander Popov
Merge branch 'scs-pac'
tree
|
commitdiff
2024-06-09
Alexander Popov
Merge branch 'page-table-check'
tree
|
commitdiff
2024-06-02
Alexander Popov
Merge branch 'open_check'
tree
|
commitdiff
2024-06-02
Alexander Popov
Check that the cmdline file is not empty
tree
|
commitdiff
2024-06-02
Alexander Popov
Also check that the cmdline file and sysctl file exist
tree
|
commitdiff
2024-06-02
Alexander Popov
Merge branch 'master' into open-check
tree
|
commitdiff
2024-06-02
Alexander Popov
Check MITIGATION_SPECTRE_BHI and spectre_bhi
tree
|
commitdiff
2024-06-02
Alexander Popov
Check MITIGATION_RFDS and reg_file_data_sampling
tree
|
commitdiff
2024-06-02
Alexander Popov
Add the new name of SPECULATION_MITIGATIONS
tree
|
commitdiff
2024-06-02
Alexander Popov
Add the new names of RETPOLINE, CPU_SRSO, SLS
tree
|
commitdiff
2024-06-02
Alexander Popov
Add the new name of PAGE_TABLE_ISOLATION
tree
|
commitdiff
2024-05-22
jvoisin
Add two PAGE_TABLE_CHECK related checks from kspp
140/head
tree
|
commitdiff
2024-05-19
Julien Voisin
Merge branch 'master' into scs_pac
131/head
tree
|
commitdiff
2024-05-14
Alexander Popov
Merge remote-tracking branch 'origin/pylint'
tree
|
commitdiff
2024-05-14
Alexander Popov
Don't use TODO to avoid pylint warnings
136/head
tree
|
commitdiff
2024-05-14
Alexander Popov
Drop 'disable=invalid-name' for pylint
tree
|
commitdiff
2024-05-14
Alexander Popov
Drop __about__.py and use 'version = attr:' in setup.cfg
tree
|
commitdiff
2024-05-13
Alexander Popov
Merge branch 'typing'
tree
|
commitdiff
2024-05-13
Alexander Popov
Introduce ResultType and improve static typing in test_...
tree
|
commitdiff
2024-05-13
Alexander Popov
Improve the VersionCheck static typing
tree
|
commitdiff
2024-05-13
Alexander Popov
Improve typing and drop the unused **kwargs in the...
tree
|
commitdiff
2024-05-13
Alexander Popov
Improve _open() to avoid mypy and pylint warnings
tree
|
commitdiff
2024-05-13
Alexander Popov
Style fixes for engine import
tree
|
commitdiff
2024-05-13
Alexander Popov
Use dict instead of OrderedDict
tree
|
commitdiff
2024-05-13
Alexander Popov
Add more typing annotations to test_engine.py
tree
|
commitdiff
2024-05-13
Alexander Popov
Fix mypy typing warnings for ChecklistObjType
tree
|
commitdiff
2024-05-13
Alexander Popov
Add more precise typing for checklist: List[ChecklistOb...
tree
|
commitdiff
2024-05-13
Alexander Popov
Fix assertion style
tree
|
commitdiff
2024-05-13
Alexander Popov
Fix mypy typing warnings in engine.py
tree
|
commitdiff
2024-05-13
Alexander Popov
Add more typing annotations to engine.py
tree
|
commitdiff
2024-05-13
Alexander Popov
Move print_unknown_options() to engine.py
tree
|
commitdiff
2024-05-12
Alexander Popov
Add more precise typing for OrderedDict
tree
|
commitdiff
2024-05-12
Alexander Popov
Add more typing annotations to checks.py
tree
|
commitdiff
2024-05-12
Alexander Popov
Make the static typing work for Python v3.8
tree
|
commitdiff
2024-05-12
Alexander Popov
Fix mypy typing warnings in __init__.py
tree
|
commitdiff
2024-05-12
Alexander Popov
Add more typing annotations to __init__.py
tree
|
commitdiff
2024-05-12
Alexander Popov
Fix pylint warnings in _open
tree
|
commitdiff
2024-05-12
jvoisin
Add a check to `_open`
tree
|
commitdiff
2024-05-12
Alexander Popov
Fix mypy warning in _open()
tree
|
commitdiff
2024-05-12
Alexander Popov
Fix mypy warning in json_dump()
tree
|
commitdiff
2024-05-03
jvoisin
Add a check for CONFIG_UNWIND_PATCH_PAC_INTO_SCS
tree
|
commitdiff
2024-05-03
Julien Voisin
Merge branch 'master' into typing
tree
|
commitdiff
2024-05-02
Alexander Popov
Merge branch 'skip_sysctl'
tree
|
commitdiff
2024-05-02
Alexander Popov
Style fixes, should be no functional changes
125/head
tree
|
commitdiff
2024-05-02
Alexander Popov
Fix the reason and decision of the KEXEC_CORE check
tree
|
commitdiff
2024-05-02
Alexander Popov
Fix the reason and decision of the BPF_JIT check
tree
|
commitdiff
2024-05-02
Alexander Popov
Restore the `dev.tty.legacy_tiocsti` check
tree
|
commitdiff
2024-05-02
Alexander Popov
Use CONFIG_LOCALVERSION instead of CONFIG_DEFAULT_INIT...
tree
|
commitdiff
2024-05-02
Eneas U de Queiroz
skip kernel.modules_disabled if MODULES not set
tree
|
commitdiff
2024-05-02
Eneas U de Queiroz
Skip unprivileged_userfaultfd if USERFAULTFD unset
tree
|
commitdiff
2024-05-02
Eneas U de Queiroz
Don't fail if dev.tty.legacy_tiocsti not found
tree
|
commitdiff
2024-05-02
Eneas U de Queiroz
Skip unprivileged_bpf_disabled if BPF_SYSCALL not set
tree
|
commitdiff
2024-05-02
Eneas U de Queiroz
Skip kexec_load_disabled if KEXEC_CORE is not set
tree
|
commitdiff
2024-05-02
Eneas U de Queiroz
Skip bpf_jit_harden sysctl if BPF_JIT is not set
tree
|
commitdiff
2024-04-30
Alexander Popov
Merge branch 'cpu_depend'
tree
|
commitdiff
2024-04-30
jvoisin
Add some lightweight typing
tree
|
commitdiff
2024-04-30
Alexander Popov
Fix the reason and decision for CPU_SUP_INTEL
123/head
tree
|
commitdiff
2024-04-30
Alexander Popov
Style fixes
tree
|
commitdiff
2024-04-23
Eneas U de Queiroz
Skip CPU-dependent checks if CPU is not supported
tree
|
commitdiff
2024-04-21
Alexander Popov
Like grep, colorize the output only if stdout is connec...
tree
|
commitdiff
2024-04-21
Alexander Popov
Don't use the `type` name for the class methods
tree
|
commitdiff
2024-04-18
Alexander Popov
Add the BLK_DEV_WRITE_MOUNTED/bdev_allow_write_mounted...
tree
|
commitdiff
2024-04-17
Alexander Popov
Merge branch 'shstk'
tree
|
commitdiff
2024-04-17
Alexander Popov
Fix 'decision' for the X86_USER_SHADOW_STACK check
120/head
tree
|
commitdiff
2024-04-15
jvoisin
Add a check for X86_USER_SHADOW_STACK
tree
|
commitdiff
2024-03-30
Alexander Popov
Add a comment that 'user.max_user_namespaces=0' may...
tree
|
commitdiff
2024-03-25
Alexander Popov
Improve the CONFIG_CFI_CLANG checks (add the CONFIG_CC_...
tree
|
commitdiff
2024-03-25
Alexander Popov
Drop the GCC_PLUGINS check (checking CC_IS_GCC is enough)
tree
|
commitdiff
2024-03-25
Alexander Popov
Add the CONFIG_CC_IS_GCC dependency for gcc plugins
tree
|
commitdiff
2024-03-25
Alexander Popov
Don't require GCC_PLUGINS separately
tree
|
commitdiff
2024-03-24
Alexander Popov
Rename the 'my' check decision to 'a13xp0p0v'
tree
|
commitdiff
2024-03-17
Alexander Popov
Make the table column names and JSON field names fit...
tree
|
commitdiff
2024-03-17
Alexander Popov
Merge remote-tracking branch 'krishjainx/improve-json...
tree
|
commitdiff
2024-03-17
krishjainx
update
115/head
tree
|
commitdiff
2024-03-17
krishjainx
fix issues
tree
|
commitdiff
2024-03-14
krishjainx
Fix tests to work with new JSON schema
tree
|
commitdiff
2024-03-14
krishjainx
Improve JSON output format for enhanced processing
tree
|
commitdiff
2024-03-11
Alexander Popov
Improve the DEBUG_CREDENTIALS check
tree
|
commitdiff
2024-03-10
Alexander Popov
Fix the false result of the REFCOUNT_FULL check for...
tree
|
commitdiff
2024-03-09
Alexander Popov
Adapt test_version() in the unittest
tree
|
commitdiff
2024-03-09
Alexander Popov
Check all 3 numbers of the kernel version in VersionCheck
tree
|
commitdiff
2024-03-09
Alexander Popov
Fix the fresh set_state() bug found by unittest
tree
|
commitdiff
2024-03-09
Alexander Popov
Make `python -m unittest` show the whole output
tree
|
commitdiff
2024-03-09
Alexander Popov
Implement the set_state() method of the check classes
tree
|
commitdiff
next