kconfig-hardened-check.git
2024-04-17 Alexander PopovAdd the links to the corresponding codecov pages in...
2024-04-17 Alexander PopovCI: Move to codecov-action@4
2024-04-17 Alexander PopovCI: Move to codecov-action@v3.1.5
2024-04-17 Alexander PopovMerge branch 'shstk'
2024-04-17 Alexander PopovFix 'decision' for the X86_USER_SHADOW_STACK check 120/head
2024-04-15 jvoisinAdd a check for X86_USER_SHADOW_STACK
2024-03-30 Alexander PopovAdd a comment that 'user.max_user_namespaces=0' may...
2024-03-25 Alexander PopovUpdate the README
2024-03-25 Alexander PopovImprove the CONFIG_CFI_CLANG checks (add the CONFIG_CC_...
2024-03-25 Alexander PopovDrop the GCC_PLUGINS check (checking CC_IS_GCC is enough)
2024-03-25 Alexander PopovAdd the CONFIG_CC_IS_GCC dependency for gcc plugins
2024-03-25 Alexander PopovDon't require GCC_PLUGINS separately
2024-03-24 Alexander PopovRename the 'my' check decision to 'a13xp0p0v'
2024-03-17 Alexander PopovMake the table column names and JSON field names fit...
2024-03-17 Alexander PopovMerge remote-tracking branch 'krishjainx/improve-json...
2024-03-17 krishjainxupdate 115/head
2024-03-17 krishjainxfix issues
2024-03-14 krishjainxFix tests to work with new JSON schema
2024-03-14 krishjainxImprove JSON output format for enhanced processing
2024-03-11 Alexander PopovImprove the DEBUG_CREDENTIALS check
2024-03-10 Alexander PopovFix the false result of the REFCOUNT_FULL check for...
2024-03-09 Alexander PopovHave to revert codecov back to v3
2024-03-09 Alexander PopovUpdate codecov-action
2024-03-09 Alexander PopovAdapt test_version() in the unittest
2024-03-09 Alexander PopovCheck all 3 numbers of the kernel version in VersionCheck
2024-03-09 Alexander PopovFix the fresh set_state() bug found by unittest
2024-03-09 Alexander PopovMake `python -m unittest` show the whole output
2024-03-09 Alexander PopovUpdate github actions
2024-03-09 Alexander PopovImplement the set_state() method of the check classes
2024-03-09 Alexander PopovUse 3 numbers in the VersionCheck constructor
2024-03-09 Alexander PopovParse all numbers of the kernel version
2024-03-09 Alexander PopovSkip the kernel version part after '-'
2024-03-04 Alexander PopovAdd the ia32_emulation check
2024-02-19 Alexander PopovAdd MODULE_SIG_SHA3_512 as a valid option
2024-02-17 Alexander PopovMake LOCKDOWN_LSM 'self_protection', not 'security_policy'
2024-01-16 Alexander PopovReady for the release 0.6.6 v0.6.6
2024-01-16 Alexander PopovUpdate issues.md
2024-01-16 Alexander PopovUpdate the README
2024-01-16 Alexander PopovUpdate the Ubuntu example configs
2024-01-16 Alexander PopovDon't print the warning about ARCH_MMAP_RND_BITS in...
2024-01-16 Alexander PopovImprove the check of DEBUG_NOTIFIERS feature (part 2)
2024-01-16 Alexander PopovImprove the check of DEBUG_NOTIFIERS feature
2024-01-16 Alexander PopovImprove the check of SCHED_STACK_END_CHECK.
2024-01-16 Alexander PopovFix style (III)
2024-01-16 Alexander PopovFix style (II)
2024-01-16 Alexander PopovFix style (I)
2024-01-16 Alexander PopovDisable pylint too-many-locals, it's not useful for...
2024-01-16 Alexander PopovFix pylint W0613: Unused argument 'arch'
2024-01-16 Alexander PopovFix pylint E1101: Instance of 'OptCheck' has no 'type...
2024-01-16 Alexander PopovFix pylint W0613: Unused argument 'mode'
2024-01-15 Alexander PopovUpdate the NixOS configs
2024-01-14 Alexander PopovDon't add options without explicitly recommended values...
2024-01-14 Alexander PopovUBSAN_SANITIZE_ALL is now available for ARM
2023-12-30 Alexander PopovFix the order in the vdso32 check (part II)
2023-12-30 Alexander PopovFix the order in the vdso32 check
2023-12-30 Alexander PopovImprove the hackish refinement of the CONFIG_ARCH_MMAP_...
2023-12-30 Alexander PopovShow the option type in print_unknown_options()
2023-12-30 Alexander PopovUse raw strings for regular expression
2023-12-30 Alexander PopovFix the 'decision' for the 'AIO' check
2023-12-29 Alexander PopovFix the 'decision' for the 'vdso32' check
2023-12-29 Alexander PopovImprove the comment for the 'slab_common.usercopy_fallb...
2023-12-28 Alexander PopovFix the arch condition for the SCHED_CORE check (III)
2023-12-28 Alexander PopovUpdate the KSPP recommendations
2023-12-28 Alexander PopovFix the arch for the CPU_SRSO check (it's available...
2023-12-28 Alexander PopovSplit the HW_RANDOM_TPM check (it's enabled by default...
2023-12-28 Alexander PopovChange the 'decision' of the INIT_STACK_ALL_ZERO check
2023-12-17 Alexander PopovAdd defconfigs for Linux v6.6
2023-12-16 Alexander PopovAdd the RANDOM_KMALLOC_CACHES check
2023-12-16 Alexander PopovAdd the SECURITY_SELINUX_DEBUG check
2023-12-16 Alexander PopovFix the 'decision' for the LEGACY_TIOCSTI check
2023-12-16 Alexander PopovAdd the CONFIG_LIST_HARDENED check
2023-12-09 Alexander PopovAdd the gather_data_sampling check
2023-12-09 Alexander PopovAdd the CPU_SRSO check
2023-12-09 Alexander PopovAdd the SPECULATION_MITIGATIONS check
2023-12-09 Alexander PopovAdd the spec_rstack_overflow check
2023-12-09 Alexander PopovAdd the MODULE_FORCE_LOAD check
2023-12-02 Alexander PopovUpdate the README
2023-12-02 Alexander PopovAdd the check for dis_ucode_ldr
2023-12-02 Alexander PopovAdd the MICROCODE_INTEL and MICROCODE_AMD checks
2023-12-02 Alexander PopovAdd a check for the 'kfence.sample_interval' boot parameter
2023-12-02 Alexander PopovAdd the KFENCE_SAMPLE_INTERVAL check
2023-12-02 Alexander PopovKeep the recommendation to disable kernel modules
2023-12-02 Alexander PopovAdd a comment about 'kernel.modules_disabled'
2023-12-02 Alexander Popovadd --kernel-version option (#94)
2023-12-01 Fabrice Fontaineadd --kernel-version option 94/head
2023-10-18 Alexander PopovFix the reason for the 'kernel.yama.ptrace_scope' check
2023-10-17 Alexander PopovAdd kspp-recommendations/kspp-sysctl.txt
2023-10-17 Alexander PopovFix the reason for the nosmt check
2023-10-17 Alexander PopovUpdate kspp-cmdline-x86-64.txt
2023-10-17 Alexander PopovAdd the 'dev.tty.legacy_tiocsti' check
2023-10-17 Alexander PopovAdd the 'kernel.randomize_va_space' check
2023-10-17 Alexander PopovAdd the 'fs.suid_dumpable' check
2023-10-17 Alexander PopovChange the reason of the COREDUMP check
2023-10-17 Alexander PopovAdd the 'fs.protected_regular' check
2023-10-17 Alexander PopovAdd the 'fs.protected_fifos' check
2023-10-17 Alexander PopovAdd the 'fs.protected_hardlinks' check
2023-10-17 Alexander PopovAdd the 'fs.protected_symlinks' check
2023-10-17 Alexander PopovAdd the 'vm.unprivileged_userfaultfd' check
2023-10-17 Alexander PopovAdd the 'kernel.yama.ptrace_scope' check
2023-10-17 Alexander PopovAdd the 'kernel.kptr_restrict' check
next