projects / kconfig-hardened-check.git / shortlog
? search:
summary | shortlog | log | commit | commitdiff | tree
firstprevnext
kconfig-hardened-check.git
2022-04-22 Alexander PopovAdd the STACKPROTECTOR check from KSPP commit | commitdiff | tree | snapshot (zip tar.gz)
2022-04-22 Alexander PopovDrop the ARM64_MTE check for userspace hardening commit | commitdiff | tree | snapshot (zip tar.gz)
2022-04-22 Alexander PopovSeparate out checking SECURITY_WRITABLE_HOOKS and SECUR... commit | commitdiff | tree | snapshot (zip tar.gz)
2022-04-22 Alexander PopovFix the arch condition for the SCHED_CORE check commit | commitdiff | tree | snapshot (zip tar.gz)
2022-04-22 Alexander PopovAdd the KSPP recommendation of ZERO_CALL_USED_REGS commit | commitdiff | tree | snapshot (zip tar.gz)
2022-04-22 Alexander PopovDisabling X86_MSR is recommended by KSPP commit | commitdiff | tree | snapshot (zip tar.gz)
2022-04-20 Alexander PopovFix the bug in the verdict description for ComplexOptCheck commit | commitdiff | tree | snapshot (zip tar.gz)
2022-04-20 Alexander PopovAdditional check for TYPES_OF_CHECKS commit | commitdiff | tree | snapshot (zip tar.gz)
2022-04-20 Alexander PopovDrop PresenceCheck; OptCheck without 'expected' paramet... commit | commitdiff | tree | snapshot (zip tar.gz)
2022-04-20 Alexander PopovUpdate the KSPP recommendations in the config_files commit | commitdiff | tree | snapshot (zip tar.gz)
2022-04-20 Alexander PopovAdd the KSPP recommendation of SCHED_CORE commit | commitdiff | tree | snapshot (zip tar.gz)
2022-04-20 Alexander PopovAdd the KSPP recommendation of IOMMU_DEFAULT_DMA_STRICT commit | commitdiff | tree | snapshot (zip tar.gz)
2022-04-20 Alexander PopovAdd the KSPP recommendation of WERROR commit | commitdiff | tree | snapshot (zip tar.gz)
2022-04-20 Alexander PopovAdd the KSPP recommendation of KFENCE commit | commitdiff | tree | snapshot (zip tar.gz)
2022-04-08 Alexander PopovNo need in BPF_UNPRIV_DEFAULT_OFF if BPF_SYSCALL is... commit | commitdiff | tree | snapshot (zip tar.gz)
2022-04-08 Alexander PopovMerge branch 'from-martin-rowe' commit | commitdiff | tree | snapshot (zip tar.gz)
2022-04-07 Alexander PopovAdd defconfigs for Linux v5.17 commit | commitdiff | tree | snapshot (zip tar.gz)
2022-03-28 Alexander PopovDrop unneeded return values (refactoring) commit | commitdiff | tree | snapshot (zip tar.gz)
2022-03-26 Martin RoweUBSAN_SANITIZE_ALL not available on ARM 60/head commit | commitdiff | tree | snapshot (zip tar.gz)
2022-03-20 Alexander PopovAdd HARDEN_BRANCH_HISTORY for arm commit | commitdiff | tree | snapshot (zip tar.gz)
2022-03-20 Alexander PopovAdd MITIGATE_SPECTRE_BRANCH_HISTORY for arm64 commit | commitdiff | tree | snapshot (zip tar.gz)
2022-03-18 Alexander PopovTHREAD_INFO_IN_TASK is available for ARM since v5.16 commit | commitdiff | tree | snapshot (zip tar.gz)
2022-03-18 Alexander PopovMerge branch 'from-martin-rowe' commit | commitdiff | tree | snapshot (zip tar.gz)
2022-03-15 Martin RoweEFI mitigations can't be enabled if EFI is not set 59/head commit | commitdiff | tree | snapshot (zip tar.gz)
2022-03-13 Alexander PopovFix the BPF_UNPRIV_DEFAULT_OFF check (it is enabled... commit | commitdiff | tree | snapshot (zip tar.gz)
2022-03-13 Alexander PopovAdd CONFIG_SLS vs CVE-2021-26341 in Straight-Line-Specu... commit | commitdiff | tree | snapshot (zip tar.gz)
2022-03-13 Alexander PopovAdd the comment that l1d_flush is a part of the l1tf... commit | commitdiff | tree | snapshot (zip tar.gz)
2022-03-13 Alexander PopovAdd BPF_UNPRIV_DEFAULT_OFF to cut_attack_surface commit | commitdiff | tree | snapshot (zip tar.gz)
2022-03-05 Alexander PopovUse the option type instead of calling hasattr() commit | commitdiff | tree | snapshot (zip tar.gz)
2022-03-05 Alexander PopovMerge branch 'refactoring' commit | commitdiff | tree | snapshot (zip tar.gz)
2022-02-14 Alexander PopovIntroduce the json_dump() class method refactoring commit | commitdiff | tree | snapshot (zip tar.gz)
2022-02-14 Alexander PopovImprove 'type' for ComplexOptCheck and PresenceCheck... commit | commitdiff | tree | snapshot (zip tar.gz)
2022-02-14 Alexander PopovMake populate_with_data() aware of data type commit | commitdiff | tree | snapshot (zip tar.gz)
2022-02-14 Alexander PopovAdd 'type' for PresenceCheck and VersionCheck commit | commitdiff | tree | snapshot (zip tar.gz)
2022-02-14 Alexander PopovRename VerCheck to VersionCheck commit | commitdiff | tree | snapshot (zip tar.gz)
2022-02-14 Alexander PopovAdd more ComplexOptCheck validation commit | commitdiff | tree | snapshot (zip tar.gz)
2022-02-14 Alexander PopovImprove print_unknown_options() commit | commitdiff | tree | snapshot (zip tar.gz)
2022-02-14 Alexander PopovRemove 'CONFIG_' hardcoding commit | commitdiff | tree | snapshot (zip tar.gz)
2022-02-11 Alexander PopovMerge branch 'refactoring' commit | commitdiff | tree | snapshot (zip tar.gz)
2022-02-11 Alexander PopovRefactor the OR logic code commit | commitdiff | tree | snapshot (zip tar.gz)
2022-02-11 Alexander PopovRename config to kconfig where needed (part II) commit | commitdiff | tree | snapshot (zip tar.gz)
2022-01-22 Alexander PopovExtract populate_with_data() from perform_checks() commit | commitdiff | tree | snapshot (zip tar.gz)
2022-01-22 Alexander PopovRename config to kconfig where needed commit | commitdiff | tree | snapshot (zip tar.gz)
2022-01-22 Alexander PopovPrint the type of a check in the json mode commit | commitdiff | tree | snapshot (zip tar.gz)
2022-01-22 Alexander PopovComplexOptCheck type has the type of the first opt... commit | commitdiff | tree | snapshot (zip tar.gz)
2022-01-21 Alexander PopovUpdate the example output in the README (yes, now I... commit | commitdiff | tree | snapshot (zip tar.gz)
2022-01-21 Alexander PopovDo more output tuning commit | commitdiff | tree | snapshot (zip tar.gz)
2022-01-21 Alexander PopovUpdate the example output in the README commit | commitdiff | tree | snapshot (zip tar.gz)
2022-01-21 Alexander PopovAdd check type commit | commitdiff | tree | snapshot (zip tar.gz)
2022-01-21 Alexander PopovUpdate the example output in the README commit | commitdiff | tree | snapshot (zip tar.gz)
2022-01-21 Alexander PopovPrint compactly commit | commitdiff | tree | snapshot (zip tar.gz)
2022-01-21 Alexander PopovIntroduce KconfigCheck class commit | commitdiff | tree | snapshot (zip tar.gz)
2022-01-21 Alexander PopovFix TRIM_UNUSED_KSYMS check commit | commitdiff | tree | snapshot (zip tar.gz)
2021-12-24 Alexander PopovAdd l1d_flush (for future reference) commit | commitdiff | tree | snapshot (zip tar.gz)
2021-12-05 Alexander PopovAdd ARM64_PTR_AUTH_KERNEL extracted from ARM64_PTR_AUTH commit | commitdiff | tree | snapshot (zip tar.gz)
2021-11-21 Alexander PopovDocument the output modes specified by the `-m` parameter commit | commitdiff | tree | snapshot (zip tar.gz)
2021-11-21 Alexander PopovTODO: RISC-V commit | commitdiff | tree | snapshot (zip tar.gz)
2021-11-09 Alexander PopovUpdate the README (a lot of new checks appeared) commit | commitdiff | tree | snapshot (zip tar.gz)
2021-11-09 Alexander PopovKeep the old X86_PTDUMP check as a backup commit | commitdiff | tree | snapshot (zip tar.gz)
2021-11-09 Alexander PopovSimplify the check about PTDUMP_DEBUGFS (I was correct) commit | commitdiff | tree | snapshot (zip tar.gz)
2021-11-09 Alexander PopovAdd more checks from grsecurity for cutting attack... commit | commitdiff | tree | snapshot (zip tar.gz)
2021-11-09 Alexander PopovFix the 'decision' field of the IO_URING check commit | commitdiff | tree | snapshot (zip tar.gz)
2021-11-09 Alexander PopovAdd more checks from grsecurity for cutting attack... commit | commitdiff | tree | snapshot (zip tar.gz)
2021-11-09 Alexander PopovFix the 'decision' field of the KPROBES check commit | commitdiff | tree | snapshot (zip tar.gz)
2021-11-09 Alexander PopovAdd the comment commit | commitdiff | tree | snapshot (zip tar.gz)
2021-09-23 Alexander PopovImprove the README commit | commitdiff | tree | snapshot (zip tar.gz)
2021-09-23 Alexander PopovGet a bit more coverage commit | commitdiff | tree | snapshot (zip tar.gz)
2021-09-23 Alexander PopovUpdate the README v0.5.14 commit | commitdiff | tree | snapshot (zip tar.gz)
2021-09-22 Alexander PopovMove 'self_protection' & 'maintainer' higher commit | commitdiff | tree | snapshot (zip tar.gz)
2021-09-21 Alexander PopovAdd HARDENED_USERCOPY_PAGESPAN check from KSPP commit | commitdiff | tree | snapshot (zip tar.gz)
2021-09-21 Alexander PopovAdd comments about the maintainer recommendations commit | commitdiff | tree | snapshot (zip tar.gz)
2021-09-21 Alexander PopovFix UBSAN_BOUNDS recommendations commit | commitdiff | tree | snapshot (zip tar.gz)
2021-09-21 Alexander PopovRANDOMIZE_KSTACK_OFFSET_DEFAULT is recommended by KSPP commit | commitdiff | tree | snapshot (zip tar.gz)
2021-09-16 Alexander PopovUpdate the KSPP recommendations commit | commitdiff | tree | snapshot (zip tar.gz)
2021-09-16 Alexander PopovAdd defconfigs for Linux v5.14 commit | commitdiff | tree | snapshot (zip tar.gz)
2021-09-10 Alexander PopovMerge pull request #54 from evdenis/master commit | commitdiff | tree | snapshot (zip tar.gz)
2021-09-10 Denis EfremovAdd BLK_DEV_FD 54/head commit | commitdiff | tree | snapshot (zip tar.gz)
2021-09-10 Alexander PopovAdd RANDOMIZE_KSTACK_OFFSET_DEFAULT commit | commitdiff | tree | snapshot (zip tar.gz)
2021-08-29 Alexander PopovAdd CFI_CLANG commit | commitdiff | tree | snapshot (zip tar.gz)
2021-08-29 Alexander PopovAdd ARM64_EPAN commit | commitdiff | tree | snapshot (zip tar.gz)
2021-08-20 Alexander PopovMerge pull request #51 from Hacks4Snacks/master commit | commitdiff | tree | snapshot (zip tar.gz)
2021-08-20 Mark D. GrayAdded Linux/x86_64 kernel config link for CBL-Mariner 51/head commit | commitdiff | tree | snapshot (zip tar.gz)
2021-08-19 Mark D. GrayAdded cbl-mariner kernel configuration file. commit | commitdiff | tree | snapshot (zip tar.gz)
2021-08-14 Alexander PopovAdd hardware tag-based KASAN with arm64 Memory Tagging... commit | commitdiff | tree | snapshot (zip tar.gz)
2021-08-14 Alexander PopovAdd the command line parameters that should NOT be set commit | commitdiff | tree | snapshot (zip tar.gz)
2021-08-08 Alexander PopovDocument the changes of vm.unprivileged_userfaultfd... commit | commitdiff | tree | snapshot (zip tar.gz)
2021-08-08 Alexander PopovAdd the news about PAGE_POISONING commit | commitdiff | tree | snapshot (zip tar.gz)
2021-07-02 Alexander PopovImprove wording commit | commitdiff | tree | snapshot (zip tar.gz)
2021-06-19 Alexander PopovUpdate the README. v0.5.10 commit | commitdiff | tree | snapshot (zip tar.gz)
2021-06-19 Alexander PopovFix pylint warning commit | commitdiff | tree | snapshot (zip tar.gz)
2021-06-19 Alexander PopovRemember that SHADOW_CALL_STACK depends on clang commit | commitdiff | tree | snapshot (zip tar.gz)
2021-06-19 Alexander PopovSTACKPROTECTOR_PER_TASK is also available for ARM64 commit | commitdiff | tree | snapshot (zip tar.gz)
2021-06-19 Alexander PopovINTEL_IOMMU_SVM is available only for X86_64 commit | commitdiff | tree | snapshot (zip tar.gz)
2021-06-19 Alexander PopovReorder arch checks commit | commitdiff | tree | snapshot (zip tar.gz)
2021-06-19 Alexander PopovSECURITY_DMESG_RESTRICT is recommended by KSPP now commit | commitdiff | tree | snapshot (zip tar.gz)
2021-06-19 Alexander PopovThink about kptr_restrict later (KSPP recommends to... commit | commitdiff | tree | snapshot (zip tar.gz)
2021-06-19 Alexander PopovMention that nosmt is slow commit | commitdiff | tree | snapshot (zip tar.gz)
2021-06-19 Alexander PopovMore info on init_on_free and init_on_alloc commit | commitdiff | tree | snapshot (zip tar.gz)
2021-06-19 Alexander PopovSLUB_DEBUG_ON is very slow, leave it for the kernel... commit | commitdiff | tree | snapshot (zip tar.gz)
2021-06-19 Alexander PopovUpdate KSPP recommendations commit | commitdiff | tree | snapshot (zip tar.gz)
next
kconfig-hardened-check