Skip to content
Projects
Groups
Snippets
Help
This project
Loading...
Sign in / Register
Toggle navigation
K
kernel-hardening-checker
Overview
Overview
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
fact-depend
kernel-hardening-checker
Graph
92270e09d9338c34a28dc0e5b66af7be0ea07910
Switch branch/tag
You can move around the graph by using the arrow keys.
Begin with the selected commit
Created with Raphaël 2.2.0
13
Oct
12
10
9
7
2
25
Sep
18
2
23
Aug
20
17
15
14
13
21
Jul
17
11
10
9
20
Jun
19
9
8
31
May
30
28
15
8
7
6
28
Apr
27
22
20
9
8
7
28
Mar
27
21
19
15
14
13
5
15
Feb
14
12
11
23
Jan
22
21
24
Dec
5
21
Nov
9
23
Sep
22
21
16
11
10
30
Aug
29
20
19
14
9
8
2
Jul
19
Jun
18
30
Oct
29
23
22
21
19
16
14
16
Jul
15
13
10
9
7
3
30
May
7
5
9
Apr
8
6
3
31
Mar
30
29
27
26
24
23
22
20
18
17
9
8
7
5
4
27
Feb
26
24
14
Jan
11
10
2
Dec
29
Nov
28
23
Aug
22
8
Jul
7
24
Jun
5
4
3
1
27
May
17
12
20
Mar
13
12
11
4
24
Jan
23
22
21
15
21
Dec
13
7
6
8
Aug
30
Jul
28
25
24
20
14
5
4
3
22
Jun
21
20
Update the UBSAN checks according to the KSPP recommendations
Update the security policy checks adopted by KSPP
Update the KSPP recommendations
Improve the README
Update the README
Drop some of my security policy recommendations
Check SECURITY_SELINUX_DEVELOP (recommended by Clip OS)
Check SECURITY_SELINUX_BOOTPARAM (recommended by Clip OS)
Improve the HW_RANDOM_TPM check
Check COREDUMP (recommended by Clip OS)
Check CONFIG_HW_RANDOM_TPM (recommended by Clip OS)
Check X86_MCE, X86_MCE_INTEL, X86_MCE_AMD (recommended by Clip OS)
Improve the README
Update the README
Also check 'nospectre_v2' with 'spectre_v2'
Change the reason for the 'nopti' check
Change the reason for the 'nokaslr' check
Add the 'spectre_v2' check
Add the 'nospectre_v2' check
Change the reason for the 'nosmep' and 'nosmap' checks
Add the 'nospectre_v1' check
Add the 'nopti' check
Add the comments: CC_IS_GCC and CC_IS_CLANG exist since v4.18
Add the UBSAN_LOCAL_BOUNDS check for Clang build
Update the links to AOSP and GKI
Update the README
Detect the compiler used for the kernel compilation
Don't use CONFIG_CC_IS_GCC in the checks (it was introduced only in v4.18)
Move get-nix-kconfig.py to kconfig_hardened_check/config_files/distros
Fix the X86_SMAP check: it is enabled by default since v5.19
Check the nosmap and nosmep cmdline parameters
Adapt the RANDSTRUCT checks to the changes in Linux 5.19
Fix the comment: SHADOW_CALL_STACK is now available for gcc (Linux 5.18)
Add the SECURITY_LANDLOCK recommendation by KSPP
Check the nokaslr cmdline parameter
Require GCC for the GCC plugins (part II)
Require GCC for the GCC plugins
Introduce cc_is_gcc and cc_is_clang
No, the 'page_alloc.shuffle' should be set anyway
Drop the comment about slub_debug=FZ