projects / kconfig-hardened-check.git / shortlog
? search:
summary | shortlog | log | commit | commitdiff | tree
first ⋅ prev ⋅ next
kconfig-hardened-check.git
2020-03-24 Alexander PopovVersion 0.5.5 (supports Linux kernel v5.5) v0.5.5 commit | commitdiff | tree | snapshot (zip tar.gz)
2020-03-24 Alexander PopovUpdate the README commit | commitdiff | tree | snapshot (zip tar.gz)
2020-03-24 Alexander PopovCLIP OS recommends disabling Intel TSX commit | commitdiff | tree | snapshot (zip tar.gz)
2020-03-24 Alexander PopovSmall syctl cleanup commit | commitdiff | tree | snapshot (zip tar.gz)
2020-03-23 Alexander PopovMerge pull request #34 from madaidan/grapheneos commit | commitdiff | tree | snapshot (zip tar.gz)
2020-03-22 madaidanGrapheneOS is the continuation of CopperheadOS 34/head commit | commitdiff | tree | snapshot (zip tar.gz)
2020-03-20 Alexander PopovCopperheadOS disables the kernel's CONFIG_AIO feature commit | commitdiff | tree | snapshot (zip tar.gz)
2020-03-20 Alexander PopovKSPP now recommends PAGE_TABLE_ISOLATION for X86_32 commit | commitdiff | tree | snapshot (zip tar.gz)
2020-03-20 Alexander PopovUpdate KSPP recommendations commit | commitdiff | tree | snapshot (zip tar.gz)
2020-03-18 Alexander PopovINTEL_IOMMU is available for X86_32 commit | commitdiff | tree | snapshot (zip tar.gz)
2020-03-18 Alexander PopovMove VMSPLIT_3G to 'userspace_hardening' commit | commitdiff | tree | snapshot (zip tar.gz)
2020-03-18 Alexander PopovStyle fix commit | commitdiff | tree | snapshot (zip tar.gz)
2020-03-18 Alexander PopovIOMMU_SUPPORT is needed for all architectures commit | commitdiff | tree | snapshot (zip tar.gz)
2020-03-18 Alexander PopovSECURITY_WRITABLE_HOOKS and SECURITY_SELINUX_DISABLE... commit | commitdiff | tree | snapshot (zip tar.gz)
2020-03-18 Alexander PopovAdd CLIP OS recommendation about X86_CPUID commit | commitdiff | tree | snapshot (zip tar.gz)
2020-03-18 Alexander PopovFix RANDOM_TRUST_BOOTLOADER check commit | commitdiff | tree | snapshot (zip tar.gz)
2020-03-18 Alexander PopovLOCKDOWN update - part II commit | commitdiff | tree | snapshot (zip tar.gz)
2020-03-18 Alexander PopovLOCKDOWN update - part I commit | commitdiff | tree | snapshot (zip tar.gz)
2020-03-18 Alexander PopovDon't restrict arch for "is not set" checks commit | commitdiff | tree | snapshot (zip tar.gz)
2020-03-17 Alexander PopovSECURITY_LOCKDOWN_LSM is recommended by CLIP OS commit | commitdiff | tree | snapshot (zip tar.gz)
2020-03-08 Alexander PopovAdd CONFIG_INTEGRITY for userspace hardening commit | commitdiff | tree | snapshot (zip tar.gz)
2020-03-08 Alexander PopovFix the comments commit | commitdiff | tree | snapshot (zip tar.gz)
2020-03-08 Alexander PopovDon't show all checks from all supported platforms... commit | commitdiff | tree | snapshot (zip tar.gz)
2020-03-07 Alexander PopovImprove 'dunno' report in debug_mode commit | commitdiff | tree | snapshot (zip tar.gz)
2020-03-06 Alexander PopovAdd SECURITY_LOADPIN_ENFORCE check commit | commitdiff | tree | snapshot (zip tar.gz)
2020-03-06 Alexander PopovUpdate CLIP OS kernel security documentation commit | commitdiff | tree | snapshot (zip tar.gz)
2020-03-06 Alexander PopovAdd CLIP OS recommendation about CONFIG_STAGING commit | commitdiff | tree | snapshot (zip tar.gz)
2020-03-06 Alexander PopovAdd CLIP OS recommendation about CONFIG_RANDOM_TRUST_BO... commit | commitdiff | tree | snapshot (zip tar.gz)
2020-03-06 Alexander PopovUpdate the README commit | commitdiff | tree | snapshot (zip tar.gz)
2020-03-06 Alexander PopovImprove debug_mode a lot commit | commitdiff | tree | snapshot (zip tar.gz)
2020-03-06 Alexander PopovImprove the table header commit | commitdiff | tree | snapshot (zip tar.gz)
2020-03-06 Alexander PopovDrop unused OptCheck printing commit | commitdiff | tree | snapshot (zip tar.gz)
2020-03-05 Alexander PopovUpdate 'decision' for new KSPP recommendations commit | commitdiff | tree | snapshot (zip tar.gz)
2020-03-05 Alexander PopovUpdate KSPP recommendations commit | commitdiff | tree | snapshot (zip tar.gz)
2020-03-05 Alexander PopovUpdate the README commit | commitdiff | tree | snapshot (zip tar.gz)
2020-03-05 Alexander PopovLDISC_AUTOLOAD can be disabled since v5.1 commit | commitdiff | tree | snapshot (zip tar.gz)
2020-03-05 Alexander PopovREFCOUNT_FULL is enabled by default since v5.5 commit | commitdiff | tree | snapshot (zip tar.gz)
2020-03-05 Alexander PopovAdd kernel version checks for complex checks with logic... commit | commitdiff | tree | snapshot (zip tar.gz)
2020-03-05 Alexander PopovAdd kernel version detection commit | commitdiff | tree | snapshot (zip tar.gz)
2020-03-05 Alexander PopovSimplify perform_checks() commit | commitdiff | tree | snapshot (zip tar.gz)
2020-03-04 Alexander PopovFix versions in KSPP recommendations commit | commitdiff | tree | snapshot (zip tar.gz)
2020-03-04 Alexander PopovFix the name for ClearLinux config commit | commitdiff | tree | snapshot (zip tar.gz)
2020-03-04 Alexander PopovSTACKPROTECTOR_PER_TASK is now default for ARM commit | commitdiff | tree | snapshot (zip tar.gz)
2020-03-04 Alexander PopovSECURITY_WRITABLE_HOOKS is not disabled by default commit | commitdiff | tree | snapshot (zip tar.gz)
2020-03-04 Alexander PopovInclude GCC_PLUGINS to defconfig commit | commitdiff | tree | snapshot (zip tar.gz)
2020-03-04 Alexander PopovUpdate defconfigs (v5.5) commit | commitdiff | tree | snapshot (zip tar.gz)
2020-02-27 Alexander PopovMerge branch 'config-updates-from-hackurx' commit | commitdiff | tree | snapshot (zip tar.gz)
2020-02-26 LoïcUpdate of the kconfig-hardened-check.py part 31/head commit | commitdiff | tree | snapshot (zip tar.gz)
2020-02-26 LoïcAdd link for clearlinux commit | commitdiff | tree | snapshot (zip tar.gz)
2020-02-26 LoïcAdd clearlinux-master commit | commitdiff | tree | snapshot (zip tar.gz)
2020-02-24 LoïcUpdate to 5.3.0-28-generic (LTS HWE) commit | commitdiff | tree | snapshot (zip tar.gz)
2020-02-24 LoïcRemove debian-stretch.config commit | commitdiff | tree | snapshot (zip tar.gz)
2020-02-24 LoïcAdd link for amazonlinux2 commit | commitdiff | tree | snapshot (zip tar.gz)
2020-02-24 LoïcUpdate to 4.14.165-133.209.amzn2.x86_64 commit | commitdiff | tree | snapshot (zip tar.gz)
2020-02-24 LoïcUpdate to 5.4.21 commit | commitdiff | tree | snapshot (zip tar.gz)
2020-02-24 LoïcUpdate to openSUSE-15.1 commit | commitdiff | tree | snapshot (zip tar.gz)
2020-02-24 LoïcUpdate to 5.3.16 (SLE15-SP2) commit | commitdiff | tree | snapshot (zip tar.gz)
2020-02-24 LoïcUpdate to SLE15-SP2 and openSUSE-15.1 commit | commitdiff | tree | snapshot (zip tar.gz)
2020-02-24 LoïcUpdate to 5.4.21 commit | commitdiff | tree | snapshot (zip tar.gz)
2020-02-24 LoïcUpdate to 5.5.5-pentoo commit | commitdiff | tree | snapshot (zip tar.gz)
2020-02-24 LoïcUpdate of some links commit | commitdiff | tree | snapshot (zip tar.gz)
2020-02-24 LoïcUpdate to 5.4.1 (uek6) commit | commitdiff | tree | snapshot (zip tar.gz)
2020-02-24 LoïcUpdate to 4.18.0-147.5.1.el8_1.x86_64 commit | commitdiff | tree | snapshot (zip tar.gz)
2020-02-24 LoïcUpdate to config-4.19.0-8-amd64 commit | commitdiff | tree | snapshot (zip tar.gz)
2020-01-14 Alexander PopovFix INIT_ON_FREE_DEFAULT_ON vs PAGE_POISONING issue #28 commit | commitdiff | tree | snapshot (zip tar.gz)
2020-01-14 Alexander PopovAnswer the question about CONFIG_PANIC_ON_OOPS commit | commitdiff | tree | snapshot (zip tar.gz)
2020-01-11 Alexander PopovRecommend disabling VIDEO_VIVID commit | commitdiff | tree | snapshot (zip tar.gz)
2020-01-10 Alexander PopovTake some ideas from NixOS/nixpkgs hardened kernel... commit | commitdiff | tree | snapshot (zip tar.gz)
2019-12-02 Alexander PopovPretty printing commit | commitdiff | tree | snapshot (zip tar.gz)
2019-11-29 Alexander PopovVersion 0.5.3 (supports Linux kernel v5.3) v0.5.3 commit | commitdiff | tree | snapshot (zip tar.gz)
2019-11-29 Alexander PopovAdd the link to Linux Kernel Defence Map commit | commitdiff | tree | snapshot (zip tar.gz)
2019-11-29 Alexander PopovUpdate the README commit | commitdiff | tree | snapshot (zip tar.gz)
2019-11-29 Alexander PopovUpdate defconfigs commit | commitdiff | tree | snapshot (zip tar.gz)
2019-11-29 Alexander PopovRANDOMIZE_BASE is now enabled by default on arm64 commit | commitdiff | tree | snapshot (zip tar.gz)
2019-11-28 Alexander Popovx86_32: INTEL_IOMMU is not enabled by default - fix... commit | commitdiff | tree | snapshot (zip tar.gz)
2019-11-28 Alexander PopovX86_INTEL_UMIP is now X86_UMIP commit | commitdiff | tree | snapshot (zip tar.gz)
2019-11-28 Alexander Popovx86_64: more hardening options are enabled by default... commit | commitdiff | tree | snapshot (zip tar.gz)
2019-11-28 Alexander PopovImprove the list of the kernel parameters in TODO commit | commitdiff | tree | snapshot (zip tar.gz)
2019-11-28 Alexander PopovAdd CLIP OS links commit | commitdiff | tree | snapshot (zip tar.gz)
2019-11-28 Alexander PopovUpdate the column width commit | commitdiff | tree | snapshot (zip tar.gz)
2019-11-28 Alexander PopovSome of my recommendations are used by CLIP OS, change... commit | commitdiff | tree | snapshot (zip tar.gz)
2019-11-28 Alexander PopovDon't recommend disabling IKCONFIG anymore commit | commitdiff | tree | snapshot (zip tar.gz)
2019-11-28 Alexander PopovSave more hardening sysctls for TODO commit | commitdiff | tree | snapshot (zip tar.gz)
2019-11-28 Alexander PopovUpdate CLIP OS doc commit | commitdiff | tree | snapshot (zip tar.gz)
2019-11-28 Alexander PopovGroup security policies together commit | commitdiff | tree | snapshot (zip tar.gz)
2019-11-28 Alexander PopovAdd INIT_ON_ALLOC_DEFAULT_ON and INIT_ON_FREE_DEFAULT_O... commit | commitdiff | tree | snapshot (zip tar.gz)
2019-11-28 Alexander PopovAdd RODATA_FULL_DEFAULT_ENABLED for ARM64 commit | commitdiff | tree | snapshot (zip tar.gz)
2019-11-28 Alexander PopovAdd info about Debian and AOSP kernel configs to links.txt commit | commitdiff | tree | snapshot (zip tar.gz)
2019-11-28 Alexander PopovAdd Debian Buster kernel config commit | commitdiff | tree | snapshot (zip tar.gz)
2019-11-28 Alexander PopovAdd AOSP kernel config for Pixel 3a commit | commitdiff | tree | snapshot (zip tar.gz)
2019-08-23 Alexander PopovIntroduce the versioning v0.5.2 commit | commitdiff | tree | snapshot (zip tar.gz)
2019-08-23 Alexander PopovUpdate the script output in the README commit | commitdiff | tree | snapshot (zip tar.gz)
2019-08-23 Alexander PopovAdd HARDEN_BRANCH_PREDICTOR and HARDEN_EL2_VECTORS commit | commitdiff | tree | snapshot (zip tar.gz)
2019-08-23 Alexander PopovBring more order to the offsets (style fix) commit | commitdiff | tree | snapshot (zip tar.gz)
2019-08-22 Alexander PopovAdd INIT_STACK_ALL as an alternative to GCC_PLUGIN_STRU... commit | commitdiff | tree | snapshot (zip tar.gz)
2019-08-22 Alexander PopovAdd SHUFFLE_PAGE_ALLOCATOR from v5.2 commit | commitdiff | tree | snapshot (zip tar.gz)
2019-08-22 Alexander PopovAdd some new sysctls (to remember them) commit | commitdiff | tree | snapshot (zip tar.gz)
2019-07-08 Alexander PopovMerge pull request #22 from adrianopol/master commit | commitdiff | tree | snapshot (zip tar.gz)
2019-07-07 Andrew Petelin#20 fix: use right quotes in json output 22/head commit | commitdiff | tree | snapshot (zip tar.gz)
2019-06-24 Alexander PopovDo code refactoring without changing the functionality commit | commitdiff | tree | snapshot (zip tar.gz)
next
kconfig-hardened-check