kconfig-hardened-check.git
2024-03-11 Alexander PopovImprove the DEBUG_CREDENTIALS check
2024-03-10 Alexander PopovFix the false result of the REFCOUNT_FULL check for...
2024-03-09 Alexander PopovHave to revert codecov back to v3
2024-03-09 Alexander PopovUpdate codecov-action
2024-03-09 Alexander PopovAdapt test_version() in the unittest
2024-03-09 Alexander PopovCheck all 3 numbers of the kernel version in VersionCheck
2024-03-09 Alexander PopovFix the fresh set_state() bug found by unittest
2024-03-09 Alexander PopovMake `python -m unittest` show the whole output
2024-03-09 Alexander PopovUpdate github actions
2024-03-09 Alexander PopovImplement the set_state() method of the check classes
2024-03-09 Alexander PopovUse 3 numbers in the VersionCheck constructor
2024-03-09 Alexander PopovParse all numbers of the kernel version
2024-03-09 Alexander PopovSkip the kernel version part after '-'
2024-03-04 Alexander PopovAdd the ia32_emulation check
2024-02-19 Alexander PopovAdd MODULE_SIG_SHA3_512 as a valid option
2024-02-17 Alexander PopovMake LOCKDOWN_LSM 'self_protection', not 'security_policy'
2024-01-16 Alexander PopovReady for the release 0.6.6 v0.6.6
2024-01-16 Alexander PopovUpdate issues.md
2024-01-16 Alexander PopovUpdate the README
2024-01-16 Alexander PopovUpdate the Ubuntu example configs
2024-01-16 Alexander PopovDon't print the warning about ARCH_MMAP_RND_BITS in...
2024-01-16 Alexander PopovImprove the check of DEBUG_NOTIFIERS feature (part 2)
2024-01-16 Alexander PopovImprove the check of DEBUG_NOTIFIERS feature
2024-01-16 Alexander PopovImprove the check of SCHED_STACK_END_CHECK.
2024-01-16 Alexander PopovFix style (III)
2024-01-16 Alexander PopovFix style (II)
2024-01-16 Alexander PopovFix style (I)
2024-01-16 Alexander PopovDisable pylint too-many-locals, it's not useful for...
2024-01-16 Alexander PopovFix pylint W0613: Unused argument 'arch'
2024-01-16 Alexander PopovFix pylint E1101: Instance of 'OptCheck' has no 'type...
2024-01-16 Alexander PopovFix pylint W0613: Unused argument 'mode'
2024-01-15 Alexander PopovUpdate the NixOS configs
2024-01-14 Alexander PopovDon't add options without explicitly recommended values...
2024-01-14 Alexander PopovUBSAN_SANITIZE_ALL is now available for ARM
2023-12-30 Alexander PopovFix the order in the vdso32 check (part II)
2023-12-30 Alexander PopovFix the order in the vdso32 check
2023-12-30 Alexander PopovImprove the hackish refinement of the CONFIG_ARCH_MMAP_...
2023-12-30 Alexander PopovShow the option type in print_unknown_options()
2023-12-30 Alexander PopovUse raw strings for regular expression
2023-12-30 Alexander PopovFix the 'decision' for the 'AIO' check
2023-12-29 Alexander PopovFix the 'decision' for the 'vdso32' check
2023-12-29 Alexander PopovImprove the comment for the 'slab_common.usercopy_fallb...
2023-12-28 Alexander PopovFix the arch condition for the SCHED_CORE check (III)
2023-12-28 Alexander PopovUpdate the KSPP recommendations
2023-12-28 Alexander PopovFix the arch for the CPU_SRSO check (it's available...
2023-12-28 Alexander PopovSplit the HW_RANDOM_TPM check (it's enabled by default...
2023-12-28 Alexander PopovChange the 'decision' of the INIT_STACK_ALL_ZERO check
2023-12-17 Alexander PopovAdd defconfigs for Linux v6.6
2023-12-16 Alexander PopovAdd the RANDOM_KMALLOC_CACHES check
2023-12-16 Alexander PopovAdd the SECURITY_SELINUX_DEBUG check
2023-12-16 Alexander PopovFix the 'decision' for the LEGACY_TIOCSTI check
2023-12-16 Alexander PopovAdd the CONFIG_LIST_HARDENED check
2023-12-09 Alexander PopovAdd the gather_data_sampling check
2023-12-09 Alexander PopovAdd the CPU_SRSO check
2023-12-09 Alexander PopovAdd the SPECULATION_MITIGATIONS check
2023-12-09 Alexander PopovAdd the spec_rstack_overflow check
2023-12-09 Alexander PopovAdd the MODULE_FORCE_LOAD check
2023-12-02 Alexander PopovUpdate the README
2023-12-02 Alexander PopovAdd the check for dis_ucode_ldr
2023-12-02 Alexander PopovAdd the MICROCODE_INTEL and MICROCODE_AMD checks
2023-12-02 Alexander PopovAdd a check for the 'kfence.sample_interval' boot parameter
2023-12-02 Alexander PopovAdd the KFENCE_SAMPLE_INTERVAL check
2023-12-02 Alexander PopovKeep the recommendation to disable kernel modules
2023-12-02 Alexander PopovAdd a comment about 'kernel.modules_disabled'
2023-12-02 Alexander Popovadd --kernel-version option (#94)
2023-12-01 Fabrice Fontaineadd --kernel-version option 94/head
2023-10-18 Alexander PopovFix the reason for the 'kernel.yama.ptrace_scope' check
2023-10-17 Alexander PopovAdd kspp-recommendations/kspp-sysctl.txt
2023-10-17 Alexander PopovFix the reason for the nosmt check
2023-10-17 Alexander PopovUpdate kspp-cmdline-x86-64.txt
2023-10-17 Alexander PopovAdd the 'dev.tty.legacy_tiocsti' check
2023-10-17 Alexander PopovAdd the 'kernel.randomize_va_space' check
2023-10-17 Alexander PopovAdd the 'fs.suid_dumpable' check
2023-10-17 Alexander PopovChange the reason of the COREDUMP check
2023-10-17 Alexander PopovAdd the 'fs.protected_regular' check
2023-10-17 Alexander PopovAdd the 'fs.protected_fifos' check
2023-10-17 Alexander PopovAdd the 'fs.protected_hardlinks' check
2023-10-17 Alexander PopovAdd the 'fs.protected_symlinks' check
2023-10-17 Alexander PopovAdd the 'vm.unprivileged_userfaultfd' check
2023-10-17 Alexander PopovAdd the 'kernel.yama.ptrace_scope' check
2023-10-17 Alexander PopovAdd the 'kernel.kptr_restrict' check
2023-10-17 Alexander PopovImprove the slab_common.usercopy_fallback check
2023-10-17 Alexander Popovhardened_usercopy=1 is now officially recommended by...
2023-10-16 Alexander PopovEnabling page_alloc.shuffle is now recommended by KSPP
2023-10-16 Alexander Popov'mitigations=auto,nosmt' is now recommended by KSPP
2023-10-16 Alexander PopovDisabling X86_VSYSCALL_EMULATION is now recommended...
2023-10-16 Alexander PopovUse /usr/bin/env in shebangs (#90)
2023-10-05 Sandro JäckelUse /usr/bin/env in shebangs 90/head
2023-10-04 Alexander PopovDrop ZERO_CALL_USED_REGS in favour of backward-edge CFI
2023-09-18 Alexander PopovUpdate the README
2023-09-18 Alexander PopovRefactor the assertion in colorize_result() to improve...
2023-09-17 Alexander PopovUpdate the backup in issues.md
2023-09-17 Alexander PopovRename kconfig-hardened-check into kernel-hardening...
2023-09-17 Alexander PopovRenaming fixes renaming 85/head
2023-09-17 Alexander PopovDrop default.nix (it contains a wrong utility name...
2023-09-17 Alexander Popovkconfig-hardened-check -> kernel-hardening-checker
2023-09-17 Alexander Popovtest_engine: add test_complex_nested()
2023-09-17 Alexander Popovtest_engine: improve the output
2023-09-16 Alexander Popovtest_engine: improve the test_stdout()
2023-09-16 Alexander Popovtest_engine: refactor test_complex_or() and test_comple...
next