kconfig-hardened-check.git
2023-08-13 Alexander PopovEnable sysctl checking
2023-07-23 Alexander PopovCheck the kernel.unprivileged_bpf_disabled sysctl
2023-07-23 Alexander PopovCheck the dev.tty.ldisc_autoload sysctl
2023-07-23 Alexander PopovCheck the user.max_user_namespaces sysctl
2023-07-23 Alexander PopovCheck the kernel.kexec_load_disabled sysctl
2023-07-23 Alexander PopovCheck the kernel.perf_event_paranoid sysctl
2023-07-23 Alexander PopovCheck the kernel.dmesg_restrict sysctl
2023-07-23 Alexander PopovCheck the net.core.bpf_jit_harden sysctl
2023-07-23 Alexander Popovtest_engine: use SysctlCheck in test_value_overriding()
2023-07-23 Alexander Popovtest_engine: use SysctlCheck in test_stdout()
2023-07-23 Alexander Popovtest_engine: implement test_simple_sysctl()
2023-07-23 Alexander Popovtest_engine: support SysctlCheck
2023-07-22 Alexander PopovRefactor populate_opt_with_data()
2023-07-16 Alexander PopovMute warnings in the JSON mode and improve wording
2023-07-16 Alexander PopovImplement parse_sysctl_file()
2023-07-15 Alexander PopovDrop an obsolete error handling test
2023-07-15 Alexander PopovFix the bug in the functional tests
2023-07-15 Alexander PopovEmit WARNING for the cmdline options that exist multipl...
2023-07-15 Alexander PopovPrecise the Kconfig parsing
2023-07-12 Alexander PopovGet rid of useless regular expressions in detect_compiler()
2023-07-12 Alexander PopovPrecise the regular expressions in detect_arch() and...
2023-07-12 Alexander PopovShow error if some cmdline option exists multiple times
2023-07-08 Alexander PopovAdd the basic infrastructure for checking sysctl
2023-07-08 Alexander PopovIntroduce the SysctlCheck class
2023-07-04 Alexander PopovCheck disabling XFS_SUPPORT_V4 for cutting attack surface
2023-07-02 Alexander PopovPrint the microarchitecture in --generate mode
2023-06-25 Alexander PopovUpdate the README
2023-06-25 Alexander PopovAdd the info about /proc/cmdline to the usage help
2023-06-18 Alexander Popovsetup: fix "The license_file parameter is deprecated"
2023-06-18 Alexander Popovsetup: Don't use the automatic "find_namespace:" discovery
2023-06-18 Alexander Popovsetup: Fix the warning "Package would be ignored"
2023-06-18 Alexander Popovsetup: Drop obsolete zip_safe flag
2023-06-17 Alexander PopovMove the draft of the security hardening sysctls to...
2023-06-17 Alexander PopovImprove normalize_cmdline_options()
2023-06-12 Alexander PopovGitHub Actions: decrease the max-parallel to 1 to avoid...
2023-06-12 Alexander PopovAdd functional tests for --generate
2023-06-12 Alexander PopovUpdate the README
2023-06-12 Alexander PopovAdd a new feature --generate
2023-06-12 Alexander PopovRefactoring of the argument parsing
2023-06-12 Alexander PopovImprove the comments and README (part II)
2023-06-12 Alexander PopovSkip normalize_cmdline_options() for the vdso32 and...
2023-06-12 Alexander PopovSkip normalize_cmdline_options() for the vsyscall cmdli...
2023-06-12 Alexander PopovSkip normalize_cmdline_options() for the iommu cmdline...
2023-06-12 Alexander PopovSkip normalize_cmdline_options() for the slub_debug...
2023-06-12 Alexander PopovImprove the comments and README
2023-06-05 Alexander PopovSkip normalize_cmdline_options() for the rodata cmdline...
2023-06-05 Alexander PopovSkip normalize_cmdline_options() for the ssbd cmdline...
2023-05-28 Alexander PopovAdd a comment about cfi boot parameter
2023-05-28 Alexander PopovAdd the X86_KERNEL_IBT check
2023-05-28 Alexander PopovAdd a comment about `kernel.oops_limit` and `kernel...
2023-05-27 Alexander PopovAdd a comment about `kernel.unprivileged_userns_clone...
2023-05-27 Alexander PopovAdd the comments about HARDENED_USERCOPY features
2023-05-09 Alexander PopovFix CI output style and move `pip install coverage...
2023-05-08 Alexander PopovUse .github/workflows/functional_test.sh in GitHub...
2023-05-08 Alexander PopovRun the functional tests and collect the coverage in...
2023-05-08 Alexander PopovCheck all configs with the installed tool the functiona...
2023-05-08 Alexander PopovTest the package installation in the functional test...
2023-05-07 Alexander PopovRun the engine unit-test in Woodpecker-CI
2023-05-07 Alexander PopovCreate multiple pipelines for Woodpecker-CI at Codeberg
2023-05-07 Alexander PopovCreate a configuration template for Codeberg CI (.woodp...
2023-05-01 Alexander PopovAdd the checks for vdso32 and vdso on X86_64 and X86_32
2023-04-30 Alexander PopovImprove the COMPAT_VDSO check
2023-04-30 Alexander PopovImprove the vsyscall checks
2023-04-30 Alexander PopovAdd the comment about kernel.sysrq=0
2023-04-22 Alexander PopovMake hackish refinement of the CONFIG_ARCH_MMAP_RND_BIT...
2023-04-22 Alexander Popovtest_engine: add test_value_overriding()
2023-04-22 Alexander Popovengine: implement override_expected_value()
2023-04-22 Alexander PopovRequire one of major LSMs implementing MAC
2023-04-22 Alexander PopovAdd the norandmaps check
2023-04-22 Alexander PopovCheck that CoreSight Tracing Support is disabled (to...
2023-04-09 Alexander PopovDrop the INTEGRITY check
2023-04-09 Alexander PopovAdd the DEBUG_ALIGN_RODATA check for ARM
2023-04-09 Alexander PopovAdd new Android kernel configs from my friends
2023-04-09 Alexander PopovAdd the LEGACY_TIOCSTI check
2023-04-02 Alexander Popovengine: remove the unused 'type' property from the...
2023-04-02 Alexander Popovtest_engine: rename unit-tests
2023-04-02 Alexander Popovtest_engine: increase the unit-test coverage
2023-04-02 Alexander Popovtest_engine: test the non-verbose output mode
2023-04-02 Alexander Popovtest_engine: support the non-verbose output mode in...
2023-04-02 Alexander PopovFix a pylint warning about f-string
2023-04-02 Alexander Popovtest_engine: add test_verbose()
2023-04-02 Alexander Popovtest_engine: implement get_engine_result() for stdout
2023-04-02 Alexander Popovtest_engine: introduce get_engine_result()
2023-03-26 Alexander Popovtest_engine: add test_version()
2023-03-26 Alexander Popovtest_engine: add missing cases for test_OR() and test_AND()
2023-03-26 Alexander Popovtest_engine: test 'is not off'
2023-03-26 Alexander Popovtest_engine: test 'is present'
2023-03-26 Alexander Popovtest_engine: add a missing case for test_OR()
2023-03-26 Alexander PopovEnable functional testing for a gzipped config
2023-03-26 Alexander PopovInform about supporting *.gz kconfig files
2023-03-26 Alexander PopovAdd an example of a gzipped config
2023-03-26 Alexander PopovMerge pull request #80 from nE0sIghT/feature/gzipped...
2023-03-25 Yuri KonotopovAdded support for gzipped config (eg. /proc/config.gz) 80/head
2023-03-24 Alexander Popovtest_engine: add test_OR() and test_AND()
2023-03-24 Alexander Popovtest_engine: reorganize single unit-tests
2023-03-24 Alexander Popovtest_engine: add test_kconfig_not_found()
2023-03-24 Alexander PopovPrevent populating the checklist with empty data
2023-03-24 Alexander Popovtest_engine: add test_cmdline_ok() and test_cmdline_fail()
2023-03-24 Alexander Popovtest_engine: add test_kconfig_fail()
2023-03-24 Alexander PopovMute some pylint warnings for test_engine.py
next