kconfig-hardened-check.git
2024-06-19 Alexander PopovUpdate the KSPP recommendations (https://github.com...
2024-06-16 Alexander PopovUpdate the 'kernel.modules_disabled' check
2024-06-16 Alexander PopovAdd the 'kernel.oops_limit' and 'kernel.warn_limit...
2024-06-16 Alexander PopovAdd the "cfi" check
2024-06-16 Alexander PopovAdd the "MAGIC_SYSRQ_SERIAL" check
2024-06-16 Alexander PopovAdd the "kernel.sysrq" check
2024-06-15 Alexander PopovAdd the MAGIC_SYSRQ_DEFAULT_ENABLE check
2024-06-15 Alexander PopovSync with KSPP: update the `decision` for some checks
2024-06-15 Alexander PopovAdd CONFIG_CC_IS_CLANG and CONFIG_CC_IS_GCC to the...
2024-06-15 Alexander Popovruff: Fix EXE001 "Shebang is present but file is not...
2024-06-10 Alexander PopovAdd the comment about 'if arch' for the 'cut_attack_sur...
2024-06-10 Alexander PopovUpdate the KSPP recommendations
2024-06-10 Alexander PopovCode refactoring to improve test coverage (II)
2024-06-10 Alexander PopovCode refactoring to improve test coverage (I)
2024-06-09 Alexander PopovMerge branch 'scs-pac'
2024-06-09 Alexander PopovMerge branch 'page-table-check'
2024-06-02 Alexander PopovMerge branch 'open_check'
2024-06-02 Alexander PopovCI: Add the test for the code checking that the cmdline... 134/head
2024-06-02 Alexander PopovCI: Add the tests for the code checking that the config...
2024-06-02 Alexander PopovCheck that the cmdline file is not empty
2024-06-02 Alexander PopovAlso check that the cmdline file and sysctl file exist
2024-06-02 Alexander PopovMerge branch 'master' into open-check
2024-06-02 Alexander PopovCheck MITIGATION_SPECTRE_BHI and spectre_bhi
2024-06-02 Alexander PopovCheck MITIGATION_RFDS and reg_file_data_sampling
2024-06-02 Alexander PopovAdd the new name of SPECULATION_MITIGATIONS
2024-06-02 Alexander PopovAdd the new names of RETPOLINE, CPU_SRSO, SLS
2024-06-02 Alexander PopovAdd the new name of PAGE_TABLE_ISOLATION
2024-05-22 jvoisinAdd two PAGE_TABLE_CHECK related checks from kspp 140/head
2024-05-19 Julien VoisinMerge branch 'master' into scs_pac 131/head
2024-05-14 Alexander PopovMerge remote-tracking branch 'origin/pylint'
2024-05-14 Alexander PopovDon't use TODO to avoid pylint warnings 136/head
2024-05-14 Alexander PopovCI: add pylint
2024-05-14 Alexander PopovDrop 'disable=invalid-name' for pylint
2024-05-14 Alexander PopovDrop __about__.py and use 'version = attr:' in setup.cfg
2024-05-13 Alexander PopovCI: Add the mypy arguments to the WoodPecker CI
2024-05-13 Alexander PopovMerge branch 'typing'
2024-05-13 Alexander PopovCI: Put mypy into a separate workflow and add some... 121/head
2024-05-13 Alexander PopovIntroduce ResultType and improve static typing in test_...
2024-05-13 Alexander PopovImprove the VersionCheck static typing
2024-05-13 Alexander PopovImprove typing and drop the unused **kwargs in the...
2024-05-13 Alexander PopovImprove _open() to avoid mypy and pylint warnings
2024-05-13 Alexander PopovCI: Check static typing with mypy during the functional...
2024-05-13 Alexander PopovStyle fixes for engine import
2024-05-13 Alexander PopovUse dict instead of OrderedDict
2024-05-13 Alexander PopovAdd more typing annotations to test_engine.py
2024-05-13 Alexander PopovFix mypy typing warnings for ChecklistObjType
2024-05-13 Alexander PopovAdd more precise typing for checklist: List[ChecklistOb...
2024-05-13 Alexander PopovFix assertion style
2024-05-13 Alexander PopovFix mypy typing warnings in engine.py
2024-05-13 Alexander PopovAdd more typing annotations to engine.py
2024-05-13 Alexander PopovMove print_unknown_options() to engine.py
2024-05-12 Alexander PopovAdd more precise typing for OrderedDict
2024-05-12 Alexander PopovAdd more typing annotations to checks.py
2024-05-12 Alexander PopovMake the static typing work for Python v3.8
2024-05-12 Alexander PopovFix mypy typing warnings in __init__.py
2024-05-12 Alexander PopovAdd more typing annotations to __init__.py
2024-05-12 Alexander PopovFix pylint warnings in _open
2024-05-12 jvoisinAdd a check to `_open`
2024-05-12 Alexander PopovFix mypy warning in _open()
2024-05-12 Alexander PopovFix mypy warning in json_dump()
2024-05-03 jvoisinAdd a check for CONFIG_UNWIND_PATCH_PAC_INTO_SCS
2024-05-03 Julien VoisinMerge branch 'master' into typing
2024-05-03 Alexander PopovCI: Don't run the tests with coverage control for pull...
2024-05-02 Alexander PopovCI: Add a functional test without collecting coverage...
2024-05-02 Alexander PopovCI: Fix the name of engine_unit-test_no_coverage (II)
2024-05-02 Alexander PopovCI: Fix the name of engine_unit-test_no_coverage
2024-05-02 Alexander PopovCI: Add a unit-test without collecting coverage (tired...
2024-05-02 Alexander PopovMerge branch 'skip_sysctl'
2024-05-02 Alexander PopovStyle fixes, should be no functional changes 125/head
2024-05-02 Alexander PopovFix the reason and decision of the KEXEC_CORE check
2024-05-02 Alexander PopovFix the reason and decision of the BPF_JIT check
2024-05-02 Alexander PopovRestore the `dev.tty.legacy_tiocsti` check
2024-05-02 Alexander PopovUse CONFIG_LOCALVERSION instead of CONFIG_DEFAULT_INIT...
2024-05-02 Eneas U de... skip kernel.modules_disabled if MODULES not set
2024-05-02 Eneas U de... Skip unprivileged_userfaultfd if USERFAULTFD unset
2024-05-02 Eneas U de... Don't fail if dev.tty.legacy_tiocsti not found
2024-05-02 Eneas U de... Skip unprivileged_bpf_disabled if BPF_SYSCALL not set
2024-05-02 Eneas U de... Skip kexec_load_disabled if KEXEC_CORE is not set
2024-05-02 Eneas U de... Skip bpf_jit_harden sysctl if BPF_JIT is not set
2024-04-30 Alexander PopovMerge branch 'cpu_depend'
2024-04-30 jvoisinAdd some lightweight typing
2024-04-30 Alexander PopovFix the reason and decision for CPU_SUP_INTEL 123/head
2024-04-30 Alexander PopovStyle fixes
2024-04-23 Eneas U de... Skip CPU-dependent checks if CPU is not supported
2024-04-21 Alexander PopovLike grep, colorize the output only if stdout is connec...
2024-04-21 Alexander PopovDon't use the `type` name for the class methods
2024-04-18 Alexander PopovAdd the BLK_DEV_WRITE_MOUNTED/bdev_allow_write_mounted...
2024-04-17 Alexander PopovCI: codecov-action@v3.1.5 with token doesn't work well...
2024-04-17 Alexander PopovCI: Return to codecov-action@v3.1.5, but with tokens
2024-04-17 Alexander PopovCI: Update python versions
2024-04-17 Alexander PopovAdd the links to the corresponding codecov pages in...
2024-04-17 Alexander PopovCI: Move to codecov-action@4
2024-04-17 Alexander PopovCI: Move to codecov-action@v3.1.5
2024-04-17 Alexander PopovMerge branch 'shstk'
2024-04-17 Alexander PopovFix 'decision' for the X86_USER_SHADOW_STACK check 120/head
2024-04-15 jvoisinAdd a check for X86_USER_SHADOW_STACK
2024-03-30 Alexander PopovAdd a comment that 'user.max_user_namespaces=0' may...
2024-03-25 Alexander PopovUpdate the README
2024-03-25 Alexander PopovImprove the CONFIG_CFI_CLANG checks (add the CONFIG_CC_...
2024-03-25 Alexander PopovDrop the GCC_PLUGINS check (checking CC_IS_GCC is enough)
next