projects
/
kconfig-hardened-check.git
/ shortlog
commit
grep
author
committer
pickaxe
?
search:
re
summary
| shortlog |
log
|
commit
|
commitdiff
|
tree
first ⋅ prev ⋅
next
kconfig-hardened-check.git
2024-05-02
Alexander Popov
Restore the `dev.tty.legacy_tiocsti` check
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-05-02
Alexander Popov
Use CONFIG_LOCALVERSION instead of CONFIG_DEFAULT_INIT...
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-05-02
Eneas U de...
skip kernel.modules_disabled if MODULES not set
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-05-02
Eneas U de...
Skip unprivileged_userfaultfd if USERFAULTFD unset
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-05-02
Eneas U de...
Don't fail if dev.tty.legacy_tiocsti not found
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-05-02
Eneas U de...
Skip unprivileged_bpf_disabled if BPF_SYSCALL not set
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-05-02
Eneas U de...
Skip kexec_load_disabled if KEXEC_CORE is not set
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-05-02
Eneas U de...
Skip bpf_jit_harden sysctl if BPF_JIT is not set
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-04-30
Alexander Popov
Merge branch 'cpu_depend'
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-04-30
Alexander Popov
Fix the reason and decision for CPU_SUP_INTEL
123/head
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-04-30
Alexander Popov
Style fixes
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-04-23
Eneas U de...
Skip CPU-dependent checks if CPU is not supported
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-04-21
Alexander Popov
Like grep, colorize the output only if stdout is connec...
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-04-21
Alexander Popov
Don't use the `type` name for the class methods
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-04-18
Alexander Popov
Add the BLK_DEV_WRITE_MOUNTED/bdev_allow_write_mounted...
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-04-17
Alexander Popov
CI: codecov-action@v3.1.5 with token doesn't work well...
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-04-17
Alexander Popov
CI: Return to codecov-action@v3.1.5, but with tokens
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-04-17
Alexander Popov
CI: Update python versions
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-04-17
Alexander Popov
Add the links to the corresponding codecov pages in...
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-04-17
Alexander Popov
CI: Move to codecov-action@4
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-04-17
Alexander Popov
CI: Move to codecov-action@v3.1.5
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-04-17
Alexander Popov
Merge branch 'shstk'
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-04-17
Alexander Popov
Fix 'decision' for the X86_USER_SHADOW_STACK check
120/head
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-04-15
jvoisin
Add a check for X86_USER_SHADOW_STACK
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-03-30
Alexander Popov
Add a comment that 'user.max_user_namespaces=0' may...
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-03-25
Alexander Popov
Update the README
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-03-25
Alexander Popov
Improve the CONFIG_CFI_CLANG checks (add the CONFIG_CC_...
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-03-25
Alexander Popov
Drop the GCC_PLUGINS check (checking CC_IS_GCC is enough)
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-03-25
Alexander Popov
Add the CONFIG_CC_IS_GCC dependency for gcc plugins
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-03-25
Alexander Popov
Don't require GCC_PLUGINS separately
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-03-24
Alexander Popov
Rename the 'my' check decision to 'a13xp0p0v'
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-03-17
Alexander Popov
Make the table column names and JSON field names fit...
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-03-17
Alexander Popov
Merge remote-tracking branch 'krishjainx/improve-json...
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-03-17
krishjainx
update
115/head
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-03-17
krishjainx
fix issues
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-03-14
krishjainx
Fix tests to work with new JSON schema
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-03-14
krishjainx
Improve JSON output format for enhanced processing
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-03-11
Alexander Popov
Improve the DEBUG_CREDENTIALS check
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-03-10
Alexander Popov
Fix the false result of the REFCOUNT_FULL check for...
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-03-09
Alexander Popov
Have to revert codecov back to v3
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-03-09
Alexander Popov
Update codecov-action
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-03-09
Alexander Popov
Adapt test_version() in the unittest
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-03-09
Alexander Popov
Check all 3 numbers of the kernel version in VersionCheck
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-03-09
Alexander Popov
Fix the fresh set_state() bug found by unittest
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-03-09
Alexander Popov
Make `python -m unittest` show the whole output
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-03-09
Alexander Popov
Update github actions
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-03-09
Alexander Popov
Implement the set_state() method of the check classes
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-03-09
Alexander Popov
Use 3 numbers in the VersionCheck constructor
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-03-09
Alexander Popov
Parse all numbers of the kernel version
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-03-09
Alexander Popov
Skip the kernel version part after '-'
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-03-04
Alexander Popov
Add the ia32_emulation check
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-02-19
Alexander Popov
Add MODULE_SIG_SHA3_512 as a valid option
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-02-17
Alexander Popov
Make LOCKDOWN_LSM 'self_protection', not 'security_policy'
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-01-16
Alexander Popov
Ready for the release 0.6.6
v0.6.6
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-01-16
Alexander Popov
Update issues.md
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-01-16
Alexander Popov
Update the README
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-01-16
Alexander Popov
Update the Ubuntu example configs
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-01-16
Alexander Popov
Don't print the warning about ARCH_MMAP_RND_BITS in...
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-01-16
Alexander Popov
Improve the check of DEBUG_NOTIFIERS feature (part 2)
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-01-16
Alexander Popov
Improve the check of DEBUG_NOTIFIERS feature
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-01-16
Alexander Popov
Improve the check of SCHED_STACK_END_CHECK.
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-01-16
Alexander Popov
Fix style (III)
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-01-16
Alexander Popov
Fix style (II)
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-01-16
Alexander Popov
Fix style (I)
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-01-16
Alexander Popov
Disable pylint too-many-locals, it's not useful for...
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-01-16
Alexander Popov
Fix pylint W0613: Unused argument 'arch'
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-01-16
Alexander Popov
Fix pylint E1101: Instance of 'OptCheck' has no 'type...
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-01-16
Alexander Popov
Fix pylint W0613: Unused argument 'mode'
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-01-15
Alexander Popov
Update the NixOS configs
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-01-14
Alexander Popov
Don't add options without explicitly recommended values...
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2024-01-14
Alexander Popov
UBSAN_SANITIZE_ALL is now available for ARM
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2023-12-30
Alexander Popov
Fix the order in the vdso32 check (part II)
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2023-12-30
Alexander Popov
Fix the order in the vdso32 check
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2023-12-30
Alexander Popov
Improve the hackish refinement of the CONFIG_ARCH_MMAP_...
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2023-12-30
Alexander Popov
Show the option type in print_unknown_options()
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2023-12-30
Alexander Popov
Use raw strings for regular expression
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2023-12-30
Alexander Popov
Fix the 'decision' for the 'AIO' check
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2023-12-29
Alexander Popov
Fix the 'decision' for the 'vdso32' check
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2023-12-29
Alexander Popov
Improve the comment for the 'slab_common.usercopy_fallb...
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2023-12-28
Alexander Popov
Fix the arch condition for the SCHED_CORE check (III)
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2023-12-28
Alexander Popov
Update the KSPP recommendations
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2023-12-28
Alexander Popov
Fix the arch for the CPU_SRSO check (it's available...
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2023-12-28
Alexander Popov
Split the HW_RANDOM_TPM check (it's enabled by default...
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2023-12-28
Alexander Popov
Change the 'decision' of the INIT_STACK_ALL_ZERO check
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2023-12-17
Alexander Popov
Add defconfigs for Linux v6.6
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2023-12-16
Alexander Popov
Add the RANDOM_KMALLOC_CACHES check
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2023-12-16
Alexander Popov
Add the SECURITY_SELINUX_DEBUG check
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2023-12-16
Alexander Popov
Fix the 'decision' for the LEGACY_TIOCSTI check
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2023-12-16
Alexander Popov
Add the CONFIG_LIST_HARDENED check
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2023-12-09
Alexander Popov
Add the gather_data_sampling check
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2023-12-09
Alexander Popov
Add the CPU_SRSO check
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2023-12-09
Alexander Popov
Add the SPECULATION_MITIGATIONS check
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2023-12-09
Alexander Popov
Add the spec_rstack_overflow check
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2023-12-09
Alexander Popov
Add the MODULE_FORCE_LOAD check
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2023-12-02
Alexander Popov
Update the README
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2023-12-02
Alexander Popov
Add the check for dis_ucode_ldr
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2023-12-02
Alexander Popov
Add the MICROCODE_INTEL and MICROCODE_AMD checks
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2023-12-02
Alexander Popov
Add a check for the 'kfence.sample_interval' boot parameter
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2023-12-02
Alexander Popov
Add the KFENCE_SAMPLE_INTERVAL check
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
2023-12-02
Alexander Popov
Keep the recommendation to disable kernel modules
commit
|
commitdiff
|
tree
| snapshot (
zip
tar.gz
)
next