projects / kconfig-hardened-check.git / history
? search:
summary | shortlog | log | commit | commitdiff | tree
first ⋅ prev ⋅ next
Improve the check of DEBUG_NOTIFIERS feature
[kconfig-hardened-check.git] / kernel_hardening_checker / checks.py
2024-01-16 Alexander PopovImprove the check of DEBUG_NOTIFIERS feature blob | commitdiff | raw
2024-01-16 Alexander PopovImprove the check of SCHED_STACK_END_CHECK. blob | commitdiff | raw | diff to current
2024-01-16 Alexander PopovDisable pylint too-many-locals, it's not useful for... blob | commitdiff | raw | diff to current
2024-01-16 Alexander PopovFix pylint W0613: Unused argument 'arch' blob | commitdiff | raw | diff to current
2024-01-14 Alexander PopovUBSAN_SANITIZE_ALL is now available for ARM blob | commitdiff | raw | diff to current
2023-12-30 Alexander PopovFix the order in the vdso32 check (part II) blob | commitdiff | raw | diff to current
2023-12-30 Alexander PopovFix the order in the vdso32 check blob | commitdiff | raw | diff to current
2023-12-30 Alexander PopovFix the 'decision' for the 'AIO' check blob | commitdiff | raw | diff to current
2023-12-29 Alexander PopovFix the 'decision' for the 'vdso32' check blob | commitdiff | raw | diff to current
2023-12-29 Alexander PopovImprove the comment for the 'slab_common.usercopy_fallb... blob | commitdiff | raw | diff to current
2023-12-28 Alexander PopovFix the arch condition for the SCHED_CORE check (III) blob | commitdiff | raw | diff to current
2023-12-28 Alexander PopovFix the arch for the CPU_SRSO check (it's available... blob | commitdiff | raw | diff to current
2023-12-28 Alexander PopovSplit the HW_RANDOM_TPM check (it's enabled by default... blob | commitdiff | raw | diff to current
2023-12-28 Alexander PopovChange the 'decision' of the INIT_STACK_ALL_ZERO check blob | commitdiff | raw | diff to current
2023-12-16 Alexander PopovAdd the RANDOM_KMALLOC_CACHES check blob | commitdiff | raw | diff to current
2023-12-16 Alexander PopovAdd the SECURITY_SELINUX_DEBUG check blob | commitdiff | raw | diff to current
2023-12-16 Alexander PopovFix the 'decision' for the LEGACY_TIOCSTI check blob | commitdiff | raw | diff to current
2023-12-16 Alexander PopovAdd the CONFIG_LIST_HARDENED check blob | commitdiff | raw | diff to current
2023-12-09 Alexander PopovAdd the gather_data_sampling check blob | commitdiff | raw | diff to current
2023-12-09 Alexander PopovAdd the CPU_SRSO check blob | commitdiff | raw | diff to current
2023-12-09 Alexander PopovAdd the SPECULATION_MITIGATIONS check blob | commitdiff | raw | diff to current
2023-12-09 Alexander PopovAdd the spec_rstack_overflow check blob | commitdiff | raw | diff to current
2023-12-09 Alexander PopovAdd the MODULE_FORCE_LOAD check blob | commitdiff | raw | diff to current
2023-12-02 Alexander PopovAdd the check for dis_ucode_ldr blob | commitdiff | raw | diff to current
2023-12-02 Alexander PopovAdd the MICROCODE_INTEL and MICROCODE_AMD checks blob | commitdiff | raw | diff to current
2023-12-02 Alexander PopovAdd a check for the 'kfence.sample_interval' boot parameter blob | commitdiff | raw | diff to current
2023-12-02 Alexander PopovAdd the KFENCE_SAMPLE_INTERVAL check blob | commitdiff | raw | diff to current
2023-12-02 Alexander PopovKeep the recommendation to disable kernel modules blob | commitdiff | raw | diff to current
2023-12-02 Alexander PopovAdd a comment about 'kernel.modules_disabled' blob | commitdiff | raw | diff to current
2023-10-18 Alexander PopovFix the reason for the 'kernel.yama.ptrace_scope' check blob | commitdiff | raw | diff to current
2023-10-17 Alexander PopovFix the reason for the nosmt check blob | commitdiff | raw | diff to current
2023-10-17 Alexander PopovAdd the 'dev.tty.legacy_tiocsti' check blob | commitdiff | raw | diff to current
2023-10-17 Alexander PopovAdd the 'kernel.randomize_va_space' check blob | commitdiff | raw | diff to current
2023-10-17 Alexander PopovAdd the 'fs.suid_dumpable' check blob | commitdiff | raw | diff to current
2023-10-17 Alexander PopovChange the reason of the COREDUMP check blob | commitdiff | raw | diff to current
2023-10-17 Alexander PopovAdd the 'fs.protected_regular' check blob | commitdiff | raw | diff to current
2023-10-17 Alexander PopovAdd the 'fs.protected_fifos' check blob | commitdiff | raw | diff to current
2023-10-17 Alexander PopovAdd the 'fs.protected_hardlinks' check blob | commitdiff | raw | diff to current
2023-10-17 Alexander PopovAdd the 'fs.protected_symlinks' check blob | commitdiff | raw | diff to current
2023-10-17 Alexander PopovAdd the 'vm.unprivileged_userfaultfd' check blob | commitdiff | raw | diff to current
2023-10-17 Alexander PopovAdd the 'kernel.yama.ptrace_scope' check blob | commitdiff | raw | diff to current
2023-10-17 Alexander PopovAdd the 'kernel.kptr_restrict' check blob | commitdiff | raw | diff to current
2023-10-17 Alexander PopovImprove the slab_common.usercopy_fallback check blob | commitdiff | raw | diff to current
2023-10-17 Alexander Popovhardened_usercopy=1 is now officially recommended by... blob | commitdiff | raw | diff to current
2023-10-16 Alexander PopovEnabling page_alloc.shuffle is now recommended by KSPP blob | commitdiff | raw | diff to current
2023-10-16 Alexander Popov'mitigations=auto,nosmt' is now recommended by KSPP blob | commitdiff | raw | diff to current
2023-10-16 Alexander PopovDisabling X86_VSYSCALL_EMULATION is now recommended... blob | commitdiff | raw | diff to current
2023-10-16 Alexander PopovUse /usr/bin/env in shebangs (#90) blob | commitdiff | raw | diff to current
2023-10-05 Sandro JäckelUse /usr/bin/env in shebangs 90/head blob | commitdiff | raw | diff to current
2023-10-04 Alexander PopovDrop ZERO_CALL_USED_REGS in favour of backward-edge CFI blob | commitdiff | raw | diff to current
2023-09-17 Alexander PopovRename kconfig-hardened-check into kernel-hardening... blob | commitdiff | raw | diff to current
2023-09-17 Alexander Popovkconfig-hardened-check -> kernel-hardening-checker blob | commitdiff | raw | diff to current
kconfig-hardened-check