kconfig-hardened-check -> kernel-hardening-checker

.github/workflows/engine_unit-test.yml

@@ -34,7 +34,7 @@ jobs:
 
     - name: Run unit-tests and collect coverage
       run: |
-        coverage run --include=kconfig_hardened_check/engine.py,kconfig_hardened_check/test_engine.py -m unittest -v -b
+        coverage run --include=kernel_hardening_checker/engine.py,kernel_hardening_checker/test_engine.py -m unittest -v -b
         coverage xml -i -o coverage_unittest.xml
 
     - name: Handle coverage

.github/workflows/functional_test.yml

@@ -29,9 +29,9 @@ jobs:
       run: |
         python -m pip install --upgrade pip
         echo "Install the package via pip..."
-        pip --verbose install git+https://github.com/a13xp0p0v/kconfig-hardened-check
+        pip --verbose install git+https://github.com/a13xp0p0v/kernel-hardening-checker
         echo "Run the installed tool..."
-        kconfig-hardened-check
+        kernel-hardening-checker
 
     - name: Check all configs with the installed tool
       run: |
@@ -44,7 +44,7 @@ jobs:
         do
                 COUNT=$(expr $COUNT + 1)
                 echo -e "\n>>>>> checking kconfig number $COUNT <<<<<"
-                kconfig-hardened-check -c $C -l /proc/cmdline -s /tmp/sysctls
+                kernel-hardening-checker -c $C -l /proc/cmdline -s /tmp/sysctls
         done
         echo -e "\nHave checked $COUNT kconfigs"
 

.woodpecker/engine_unit-test.yml

@@ -8,6 +8,6 @@ steps:
       - python --version
       - pip install --no-cache-dir coverage
       - echo "Run unit-tests and collect coverage..."
-      - coverage run --include=kconfig_hardened_check/engine.py,kconfig_hardened_check/test_engine.py -m unittest -v -b
+      - coverage run --include=kernel_hardening_checker/engine.py,kernel_hardening_checker/test_engine.py -m unittest -v -b
       - echo "Show the coverage report..."
       - coverage report

.woodpecker/functional_test.yml

@@ -10,16 +10,16 @@ steps:
       - ls -la
       - python --version
       - echo "Install the package via pip..."
-      - pip --verbose install --no-cache-dir git+https://github.com/a13xp0p0v/kconfig-hardened-check
+      - pip --verbose install --no-cache-dir git+https://github.com/a13xp0p0v/kernel-hardening-checker
       - echo "Run the installed tool..."
-      - which kconfig-hardened-check
-      - kconfig-hardened-check
+      - which kernel-hardening-checker
+      - kernel-hardening-checker
       - echo "Check all configs with the installed tool..."
       - sysctl -a > /tmp/sysctls
       - CONFIG_DIR=`find /usr/local/lib/ -name config_files`
       - KCONFIGS=`find $CONFIG_DIR -type f | grep -e "\.config" -e "\.gz"`
       - COUNT=0
-      - for C in $KCONFIGS; do COUNT=$(expr $COUNT + 1); echo ">>>>> checking kconfig number $COUNT <<<<<"; kconfig-hardened-check -c $C -l /proc/cmdline -s /tmp/sysctls; done
+      - for C in $KCONFIGS; do COUNT=$(expr $COUNT + 1); echo ">>>>> checking kconfig number $COUNT <<<<<"; kernel-hardening-checker -c $C -l /proc/cmdline -s /tmp/sysctls; done
       - echo "Have checked $COUNT kconfigs"
   functional-test-with-coverage:
     image: python:3

MANIFEST.in

 include README.md
 include LICENSE.txt
-recursive-include kconfig_hardened_check *
+recursive-include kernel_hardening_checker *

README.md

-# kconfig-hardened-check
+# kernel-hardening-checker (formerly kconfig-hardened-check)
 
-[![GitHub tag (latest by date)](https://img.shields.io/github/v/tag/a13xp0p0v/kconfig-hardened-check?label=release)](https://github.com/a13xp0p0v/kconfig-hardened-check/tags)<br />
-[![functional test](https://github.com/a13xp0p0v/kconfig-hardened-check/workflows/functional%20test/badge.svg)](https://github.com/a13xp0p0v/kconfig-hardened-check/actions/workflows/functional_test.yml)
-[![functional test coverage](https://codecov.io/gh/a13xp0p0v/kconfig-hardened-check/graph/badge.svg?flag=functional_test)](https://codecov.io/gh/a13xp0p0v/kconfig-hardened-check)<br />
-[![engine unit-test](https://github.com/a13xp0p0v/kconfig-hardened-check/workflows/engine%20unit-test/badge.svg)](https://github.com/a13xp0p0v/kconfig-hardened-check/actions/workflows/engine_unit-test.yml)
-[![unit-test coverage](https://codecov.io/gh/a13xp0p0v/kconfig-hardened-check/graph/badge.svg?flag=engine_unit-test)](https://codecov.io/gh/a13xp0p0v/kconfig-hardened-check)
+[![GitHub tag (latest by date)](https://img.shields.io/github/v/tag/a13xp0p0v/kernel-hardening-checker?label=release)](https://github.com/a13xp0p0v/kernel-hardening-checker/tags)<br />
+[![functional test](https://github.com/a13xp0p0v/kernel-hardening-checker/workflows/functional%20test/badge.svg)](https://github.com/a13xp0p0v/kernel-hardening-checker/actions/workflows/functional_test.yml)
+[![functional test coverage](https://codecov.io/gh/a13xp0p0v/kernel-hardening-checker/graph/badge.svg?flag=functional_test)](https://codecov.io/gh/a13xp0p0v/kernel-hardening-checker)<br />
+[![engine unit-test](https://github.com/a13xp0p0v/kernel-hardening-checker/workflows/engine%20unit-test/badge.svg)](https://github.com/a13xp0p0v/kernel-hardening-checker/actions/workflows/engine_unit-test.yml)
+[![unit-test coverage](https://codecov.io/gh/a13xp0p0v/kernel-hardening-checker/graph/badge.svg?flag=engine_unit-test)](https://codecov.io/gh/a13xp0p0v/kernel-hardening-checker)
 
 ## Motivation
 
@@ -14,7 +14,7 @@ make our systems more secure.
 
 But nobody likes checking configs manually. So let the computers do their job!
 
-__kconfig-hardened-check__ is a tool for checking the security hardening options of the Linux kernel. It supports checking:
+__kernel-hardening-checker__ is a tool for checking the security hardening options of the Linux kernel. It supports checking:
 
   - Kconfig options (compile-time)
   - Kernel cmdline arguments (boot-time)
@@ -39,9 +39,9 @@ of its typical workload.
 
 ## Repositories
 
- - Main at GitHub <https://github.com/a13xp0p0v/kconfig-hardened-check>
- - Mirror at Codeberg: <https://codeberg.org/a13xp0p0v/kconfig-hardened-check>
- - Mirror at GitFlic: <https://gitflic.ru/project/a13xp0p0v/kconfig-hardened-check>
+ - Main at GitHub <https://github.com/a13xp0p0v/kernel-hardening-checker>
+ - Mirror at Codeberg: <https://codeberg.org/a13xp0p0v/kernel-hardening-checker>
+ - Mirror at GitFlic: <https://gitflic.ru/project/a13xp0p0v/kernel-hardening-checker>
 
 ## Supported microarchitectures
 
@@ -57,16 +57,16 @@ TODO: RISC-V (issue [#56][22])
 You can install the package:
 
 ```
-pip install git+https://github.com/a13xp0p0v/kconfig-hardened-check
+pip install git+https://github.com/a13xp0p0v/kernel-hardening-checker
 ```
 
-or simply run `./bin/kconfig-hardened-check` from the cloned repository.
+or simply run `./bin/kernel-hardening-checker` from the cloned repository.
 
-Some Linux distributions also provide `kconfig-hardened-check` as a package.
+Some Linux distributions also provide `kernel-hardening-checker` as a package.
 
 ## Usage
 ```
-usage: kconfig-hardened-check [-h] [--version] [-m {verbose,json,show_ok,show_fail}]
+usage: kernel-hardening-checker [-h] [--version] [-m {verbose,json,show_ok,show_fail}]
                               [-c CONFIG] [-l CMDLINE] [-s SYSCTL]
                               [-p {X86_64,X86_32,ARM64,ARM}]
                               [-g {X86_64,X86_32,ARM64,ARM}]
@@ -110,14 +110,14 @@ CONFIG_DEVMEM                           |kconfig| is not set |   kspp   |cut_att
 ```
   - `-m show_fail` for showing only the failed checks
   - `-m show_ok` for showing only the successful checks
-  - `-m json` for printing the results in JSON format (for combining `kconfig-hardened-check` with other tools)
+  - `-m json` for printing the results in JSON format (for combining `kernel-hardening-checker` with other tools)
 
 ## Example output for `Fedora 38` kernel configuration
 ```
-$ ./bin/kconfig-hardened-check -c kconfig_hardened_check/config_files/distros/fedora_38.config -l /proc/cmdline -s kconfig_hardened_check/config_files/distros/example_sysctls.txt 
-[+] Kconfig file to check: kconfig_hardened_check/config_files/distros/fedora_38.config
+$ ./bin/kernel-hardening-checker -c kernel_hardening_checker/config_files/distros/fedora_38.config -l /proc/cmdline -s kernel_hardening_checker/config_files/distros/example_sysctls.txt 
+[+] Kconfig file to check: kernel_hardening_checker/config_files/distros/fedora_38.config
 [+] Kernel cmdline file to check: /proc/cmdline
-[+] Sysctl output file to check: kconfig_hardened_check/config_files/distros/example_sysctls.txt
+[+] Sysctl output file to check: kernel_hardening_checker/config_files/distros/example_sysctls.txt
 [+] Detected microarchitecture: X86_64
 [+] Detected kernel version: 6.3
 [+] Detected compiler: GCC 130101
@@ -374,7 +374,7 @@ With the `-g` argument, the tool generates a Kconfig fragment with the security
 
 This Kconfig fragment can be merged with the existing Linux kernel config:
 ```
-$ ./bin/kconfig-hardened-check -g X86_64 > /tmp/fragment
+$ ./bin/kernel-hardening-checker -g X86_64 > /tmp/fragment
 $ cd ~/linux-src/
 $ ./scripts/kconfig/merge_config.sh .config /tmp/fragment
 Using .config as base
@@ -389,7 +389,7 @@ New value: CONFIG_BUG_ON_DATA_CORRUPTION=y
 
 __Q:__ How all these kernel parameters influence the Linux kernel security?
 
-__A:__ To answer this question, you can use the `kconfig-hardened-check` [sources of recommendations][24]
+__A:__ To answer this question, you can use the `kernel-hardening-checker` [sources of recommendations][24]
 and the [Linux Kernel Defence Map][4] with its references.
 
 <br />
@@ -463,7 +463,7 @@ try to install `gcc-7-plugin-dev` package, it should help.
 [3]: https://grsecurity.net/
 [4]: https://github.com/a13xp0p0v/linux-kernel-defence-map
 [5]: https://lwn.net/Articles/791863/
-[6]: https://github.com/a13xp0p0v/kconfig-hardened-check/issues/38
+[6]: https://github.com/a13xp0p0v/kernel-hardening-checker/issues/38
 [7]: https://github.com/BlackIkeEagle
 [8]: https://blog.herecura.eu/blog/2020-05-30-kconfig-hardening-tests/
 [9]: https://googleprojectzero.blogspot.com/2018/09/a-cache-invalidation-bug-in-linux.html
@@ -472,13 +472,13 @@ try to install `gcc-7-plugin-dev` package, it should help.
 [12]: https://github.com/tych0
 [13]: https://github.com/speed47/spectre-meltdown-checker
 [14]: https://github.com/speed47
-[15]: https://github.com/a13xp0p0v/kconfig-hardened-check/issues/53
-[16]: https://github.com/a13xp0p0v/kconfig-hardened-check/pull/54
-[17]: https://github.com/a13xp0p0v/kconfig-hardened-check/pull/62
+[15]: https://github.com/a13xp0p0v/kernel-hardening-checker/issues/53
+[16]: https://github.com/a13xp0p0v/kernel-hardening-checker/pull/54
+[17]: https://github.com/a13xp0p0v/kernel-hardening-checker/pull/62
 [18]: https://cateee.net/lkddb/web-lkddb/
 [19]: https://github.com/cateee/lkddb
 [20]: https://kernel.org/
-[21]: https://github.com/a13xp0p0v/kconfig-hardened-check/issues/66
-[22]: https://github.com/a13xp0p0v/kconfig-hardened-check/issues/56
-[23]: https://github.com/a13xp0p0v/kconfig-hardened-check/issues?q=label%3Akernel_maintainer_feedback
-[24]: https://github.com/a13xp0p0v/kconfig-hardened-check#motivation
+[21]: https://github.com/a13xp0p0v/kernel-hardening-checker/issues/66
+[22]: https://github.com/a13xp0p0v/kernel-hardening-checker/issues/56
+[23]: https://github.com/a13xp0p0v/kernel-hardening-checker/issues?q=label%3Akernel_maintainer_feedback
+[24]: https://github.com/a13xp0p0v/kernel-hardening-checker#motivation

bin/kconfig-hardened-check → bin/kernel-hardening-checker

@@ -10,6 +10,6 @@ current_dir = os.path.dirname(os.path.abspath(inspect.getfile(inspect.currentfra
 parent_dir = os.path.dirname(current_dir)
 sys.path.insert(0, parent_dir)
 
-import kconfig_hardened_check
+import kernel_hardening_checker
 
-kconfig_hardened_check.main()
+kernel_hardening_checker.main()

kconfig_hardened_check/__init__.py → kernel_hardening_checker/__init__.py

@@ -230,7 +230,7 @@ def main():
     #   * json mode for printing the results in JSON format
     report_modes = ['verbose', 'json', 'show_ok', 'show_fail']
     supported_archs = ['X86_64', 'X86_32', 'ARM64', 'ARM']
-    parser = ArgumentParser(prog='kconfig-hardened-check',
+    parser = ArgumentParser(prog='kernel-hardening-checker',
                             description='A tool for checking the security hardening options of the Linux kernel')
     parser.add_argument('--version', action='version', version='%(prog)s ' + __version__)
     parser.add_argument('-m', '--mode', choices=report_modes,

kconfig_hardened_check/test_engine.py → kernel_hardening_checker/test_engine.py

@@ -5,7 +5,7 @@ This tool is for checking the security hardening options of the Linux kernel.
 
 Author: Alexander Popov <alex.popov@linux.com>
 
-This module performs unit-testing of the kconfig-hardened-check engine.
+This module performs unit-testing of the kernel-hardening-checker engine.
 """
 
 # pylint: disable=missing-function-docstring,line-too-long

setup.cfg

 [metadata]
-name = kconfig-hardened-check
+name = kernel-hardening-checker
 author = Alexander Popov
 author_email = alex.popov@linux.com
-home_page = https://github.com/a13xp0p0v/kconfig-hardened-check
+home_page = https://github.com/a13xp0p0v/kernel-hardening-checker
 description = A tool for checking the security hardening options of the Linux kernel
 long_description = file: README.md
 license = GNU General Public License v3 (GPLv3)
@@ -18,14 +18,14 @@ classifiers =
 [options]
 setup_requires = setuptools
 packages =
-	kconfig_hardened_check
-	kconfig_hardened_check.config_files
-	kconfig_hardened_check.config_files.defconfigs
-	kconfig_hardened_check.config_files.distros
-	kconfig_hardened_check.config_files.kspp-recommendations
+	kernel_hardening_checker
+	kernel_hardening_checker.config_files
+	kernel_hardening_checker.config_files.defconfigs
+	kernel_hardening_checker.config_files.distros
+	kernel_hardening_checker.config_files.kspp-recommendations
 include_package_data = true
 
 [options.entry_points]
 console_scripts =
-	kconfig-hardened-check = kconfig_hardened_check:main
+	kernel-hardening-checker = kernel_hardening_checker:main
 

setup.py

@@ -3,7 +3,7 @@
 from setuptools import setup
 
 about = {}
-with open("kconfig_hardened_check/__about__.py") as f:
+with open("kernel_hardening_checker/__about__.py") as f:
     exec(f.read(), about)
 
 print('v: "{}"'.format(about['__version__']))