projects
/
kconfig-hardened-check.git
/ shortlog
commit
grep
author
committer
pickaxe
?
search:
re
summary
| shortlog |
log
|
commit
|
commitdiff
|
tree
first ⋅ prev ⋅
next
kconfig-hardened-check.git
2024-08-19
Alexander Popov
Introduce the ARM_PTDUMP_DEBUGFS check
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-08-19
Alexander Popov
Merge branch 'master' into from-jvoisin
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-08-18
Alexander Popov
Merge remote-tracking branch 'citypw/patch-1'
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-08-11
Shawn C
Add ARM SMMU check options
150/head
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-08-11
Alexander Popov
Add missing UBSAN_SIGNED_WRAP mentioned in kernel/confi...
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-08-11
Alexander Popov
Improve the CONFIG_GCC_PLUGIN_STRUCTLEAK check
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-08-11
Alexander Popov
Update the KSPP recommendations (II)
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-08-11
Alexander Popov
Update the KSPP recommendations
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-08-11
Alexander Popov
Add the comments about `vm.mmap_rnd_bits` and `vm.mmap_...
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-08-11
Alexander Popov
Mark the sysrq checks as GrapheneOS recommendations
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-08-11
Alexander Popov
Reorder some checks
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-08-10
Alexander Popov
Improve the reflections on CONFIG_PANIC_ON_OOPS
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-08-10
Alexander Popov
Add the LKDTM check
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-07-29
Alexander Popov
Add defconfigs for Linux v6.10
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-07-28
Alexander Popov
Merge branch 'simp_detect_arch'
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-07-16
jvoisin
Simplify a bit the detect_arch function
148/head
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-07-07
Alexander Popov
Add the FAULT_INJECTION check
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-07-07
Alexander Popov
Add the CONFIG_N_GSM check
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-07-07
Alexander Popov
Add the CRASH_DUMP check
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-07-07
Alexander Popov
Update the `kfence.sample_interval` check
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-07-06
Alexander Popov
Allow the empty values for Kconfig options
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-07-06
Alexander Popov
Add the missing SPDX info
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-07-06
Alexander Popov
Improve the README
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-07-06
Alexander Popov
Specify the `GPL-3.0-only` license explicitly
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-07-03
Alexander Popov
Update the `decision` for the SLAB_MERGE_DEFAULT check
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-07-03
Alexander Popov
Update the KFENCE_SAMPLE_INTERVAL check
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-06-28
Julien Voisin
Merge branch 'master' into grsecurity
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-06-19
Alexander Popov
Comment out the RANDSTRUCT_PERFORMANCE check
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-06-19
Alexander Popov
Update the KSPP recommendations (https://github.com...
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-06-16
Alexander Popov
Update the 'kernel.modules_disabled' check
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-06-16
Alexander Popov
Add the 'kernel.oops_limit' and 'kernel.warn_limit...
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-06-16
Alexander Popov
Add the "cfi" check
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-06-16
Alexander Popov
Add the "MAGIC_SYSRQ_SERIAL" check
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-06-16
Alexander Popov
Add the "kernel.sysrq" check
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-06-15
Alexander Popov
Add the MAGIC_SYSRQ_DEFAULT_ENABLE check
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-06-15
Alexander Popov
Sync with KSPP: update the `decision` for some checks
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-06-15
Alexander Popov
Add CONFIG_CC_IS_CLANG and CONFIG_CC_IS_GCC to the...
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-06-15
Alexander Popov
ruff: Fix EXE001 "Shebang is present but file is not...
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-06-10
Alexander Popov
Add the comment about 'if arch' for the 'cut_attack_sur...
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-06-10
Alexander Popov
Update the KSPP recommendations
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-06-10
Alexander Popov
Code refactoring to improve test coverage (II)
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-06-10
Alexander Popov
Code refactoring to improve test coverage (I)
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-06-09
Alexander Popov
Merge branch 'scs-pac'
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-06-09
Alexander Popov
Merge branch 'page-table-check'
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-06-02
Alexander Popov
Merge branch 'open_check'
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-06-02
Alexander Popov
CI: Add the test for the code checking that the cmdline...
134/head
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-06-02
Alexander Popov
CI: Add the tests for the code checking that the config...
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-06-02
Alexander Popov
Check that the cmdline file is not empty
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-06-02
Alexander Popov
Also check that the cmdline file and sysctl file exist
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-06-02
Alexander Popov
Merge branch 'master' into open-check
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-06-02
Alexander Popov
Check MITIGATION_SPECTRE_BHI and spectre_bhi
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-06-02
Alexander Popov
Check MITIGATION_RFDS and reg_file_data_sampling
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-06-02
Alexander Popov
Add the new name of SPECULATION_MITIGATIONS
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-06-02
Alexander Popov
Add the new names of RETPOLINE, CPU_SRSO, SLS
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-06-02
Alexander Popov
Add the new name of PAGE_TABLE_ISOLATION
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-05-22
jvoisin
Add two PAGE_TABLE_CHECK related checks from kspp
140/head
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-05-19
Julien Voisin
Merge branch 'master' into scs_pac
131/head
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-05-17
jvoisin
Add a couple of grsecurity disabled options
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-05-14
Alexander Popov
Merge remote-tracking branch 'origin/pylint'
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-05-14
Alexander Popov
Don't use TODO to avoid pylint warnings
136/head
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-05-14
Alexander Popov
CI: add pylint
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-05-14
Alexander Popov
Drop 'disable=invalid-name' for pylint
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-05-14
Alexander Popov
Drop __about__.py and use 'version = attr:' in setup.cfg
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-05-13
Alexander Popov
CI: Add the mypy arguments to the WoodPecker CI
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-05-13
Alexander Popov
Merge branch 'typing'
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-05-13
Alexander Popov
CI: Put mypy into a separate workflow and add some...
121/head
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-05-13
Alexander Popov
Introduce ResultType and improve static typing in test_...
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-05-13
Alexander Popov
Improve the VersionCheck static typing
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-05-13
Alexander Popov
Improve typing and drop the unused **kwargs in the...
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-05-13
Alexander Popov
Improve _open() to avoid mypy and pylint warnings
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-05-13
Alexander Popov
CI: Check static typing with mypy during the functional...
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-05-13
Alexander Popov
Style fixes for engine import
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-05-13
Alexander Popov
Use dict instead of OrderedDict
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-05-13
Alexander Popov
Add more typing annotations to test_engine.py
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-05-13
Alexander Popov
Fix mypy typing warnings for ChecklistObjType
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-05-13
Alexander Popov
Add more precise typing for checklist: List[ChecklistOb...
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-05-13
Alexander Popov
Fix assertion style
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-05-13
Alexander Popov
Fix mypy typing warnings in engine.py
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-05-13
Alexander Popov
Add more typing annotations to engine.py
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-05-13
Alexander Popov
Move print_unknown_options() to engine.py
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-05-12
Alexander Popov
Add more precise typing for OrderedDict
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-05-12
Alexander Popov
Add more typing annotations to checks.py
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-05-12
Alexander Popov
Make the static typing work for Python v3.8
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-05-12
Alexander Popov
Fix mypy typing warnings in __init__.py
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-05-12
Alexander Popov
Add more typing annotations to __init__.py
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-05-12
Alexander Popov
Fix pylint warnings in _open
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-05-12
jvoisin
Add a check to `_open`
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-05-12
Alexander Popov
Fix mypy warning in _open()
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-05-12
Alexander Popov
Fix mypy warning in json_dump()
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-05-03
jvoisin
Add a check for CONFIG_UNWIND_PATCH_PAC_INTO_SCS
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-05-03
Julien Voisin
Merge branch 'master' into typing
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-05-03
Alexander Popov
CI: Don't run the tests with coverage control for pull...
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-05-02
Alexander Popov
CI: Add a functional test without collecting coverage...
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-05-02
Alexander Popov
CI: Fix the name of engine_unit-test_no_coverage (II)
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-05-02
Alexander Popov
CI: Fix the name of engine_unit-test_no_coverage
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-05-02
Alexander Popov
CI: Add a unit-test without collecting coverage (tired...
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-05-02
Alexander Popov
Merge branch 'skip_sysctl'
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-05-02
Alexander Popov
Style fixes, should be no functional changes
125/head
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-05-02
Alexander Popov
Fix the reason and decision of the KEXEC_CORE check
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-05-02
Alexander Popov
Fix the reason and decision of the BPF_JIT check
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
next