User contributions
Jump to navigation
Jump to search
- 19:42, 1 May 2024 diff hist −13 Kernel Self Protection Project/Recommended Settings need to disable fineibt with a boot param, there's no way to disable it with Kconfig yet current
- 22:22, 26 April 2024 diff hist +44 Kernel Self Protection Project/Recommended Settings →CONFIGs: CONFIG_SECURITY_SELINUX_DEBUG
- 21:54, 26 April 2024 diff hist +39 Kernel Self Protection Project/Recommended Settings →CONFIGs: CONFIG_MODULE_FORCE_LOAD
- 21:53, 26 April 2024 diff hist +223 Kernel Self Protection Project/Recommended Settings →sysctls: kernel.modules_disabled
- 21:50, 26 April 2024 diff hist +50 m Kernel Self Protection Project/Recommended Settings →CONFIGs
- 21:49, 26 April 2024 diff hist +37 m Kernel Self Protection Project/Recommended Settings →kernel command line options
- 21:49, 26 April 2024 diff hist +156 Kernel Self Protection Project/Recommended Settings →CONFIGs: CONFIG_SLAB_MERGE_DEFAULT
- 21:46, 26 April 2024 diff hist +35 Kernel Self Protection Project/Recommended Settings →CONFIGs: CONFIG_KFENCE_SAMPLE_INTERVAL
- 21:44, 26 April 2024 diff hist +98 m Kernel Self Protection Project/Recommended Settings →sysctls
- 21:42, 26 April 2024 diff hist +130 Kernel Self Protection Project/Recommended Settings →sysctls: warn_limit and oops_limit
- 21:31, 26 April 2024 diff hist +5 Kernel Self Protection Project/Recommended Settings →sysctls: update comment for randomize_va_space
- 21:29, 26 April 2024 diff hist +96 Kernel Self Protection Project/Recommended Settings →arm64: CONFIG_UNWIND_PATCH_PAC_INTO_SCS
- 21:17, 26 April 2024 diff hist +81 Kernel Self Protection Project/Recommended Settings →x86_64: CONFIG_FINEIBT
- 21:15, 26 April 2024 diff hist +96 Kernel Self Protection Project/Recommended Settings →x86_64: CONFIG_X86_KERNEL_IBT
- 21:10, 26 April 2024 diff hist −11 Kernel Self Protection Project/Recommended Settings →sysctls: clarify userfaultfd, fix typo
- 21:08, 26 April 2024 diff hist +177 Kernel Self Protection Project/Recommended Settings →CONFIGs: CONFIG_MAGIC_SYSRQ_DEFAULT_ENABLE
- 21:02, 26 April 2024 diff hist +24 Kernel Self Protection Project/Recommended Settings →CONFIGs: CONFIG_LIST_HARDENED
- 21:01, 26 April 2024 diff hist +32 Kernel Self Protection Project/Recommended Settings →CONFIGs: CONFIG_RANDOM_KMALLOC_CACHES
- 21:00, 26 April 2024 diff hist +14 m Kernel Self Protection Project/Recommended Settings →CONFIGs
- 20:58, 26 April 2024 diff hist +72 Kernel Self Protection Project/Recommended Settings →x86_64: CONFIG_X86_USER_SHADOW_STACK
- 20:57, 26 April 2024 diff hist +111 Kernel Self Protection Project/Recommended Settings →CONFIGs: CONFIG_PAGE_TABLE_CHECK
- 19:04, 20 October 2023 diff hist +4 Kernel Self Protection Project/Recommended Settings Update kernel hardening checker URL (and name).
- 19:03, 20 October 2023 diff hist +145 Kernel Self Protection Project/Recommended Settings →CONFIGs
- 18:51, 20 October 2023 diff hist −19 Kernel Self Protection Project/Recommended Settings →kernel command line options
- 18:50, 20 October 2023 diff hist +89 Kernel Self Protection Project/Recommended Settings →CONFIGs
- 18:48, 20 October 2023 diff hist −1 m Kernel Self Protection Project/Recommended Settings →x86_64: typo noticed by Alexander Popov
- 23:09, 30 September 2023 diff hist +921 Kernel Self Protection Project/Recommended Settings →sysctls: From Alexander Popov: lock down things even harder.
- 22:55, 30 September 2023 diff hist +127 Kernel Self Protection Project/Recommended Settings →kernel command line options: From Alexander Popov, adding options for maybe missing CONFIGs
- 22:45, 30 September 2023 diff hist +11 m Kernel Self Protection Project/Recommended Settings →kernel command line options
- 22:44, 30 September 2023 diff hist +105 Kernel Self Protection Project/Recommended Settings →kernel command line options: From Alexander Popov: enable page shuffling in case CONFIG is unset.
- 22:42, 30 September 2023 diff hist +97 Kernel Self Protection Project/Recommended Settings →kernel command line options: From Alexander Popov: disable smt when needed
- 22:38, 30 September 2023 diff hist +45 Kernel Self Protection Project/Recommended Settings →x86_64: compile out vsyscall by default
- 00:31, 10 February 2023 diff hist +26 m Kernel Self Protection Project/Get Involved add TZ to calendar link current
- 19:46, 25 January 2023 diff hist 0 Kernel Self Protection Project/Get Involved
- 19:45, 25 January 2023 diff hist +223 Kernel Self Protection Project/Get Involved add calendar
- 22:50, 1 November 2022 diff hist +37 Kernel Self Protection Project/Recommended Settings →x86_64
- 22:50, 1 November 2022 diff hist +88 Kernel Self Protection Project/Recommended Settings →arm64
- 22:48, 1 November 2022 diff hist +33 Kernel Self Protection Project/Recommended Settings →x86_64
- 16:50, 28 October 2022 diff hist +56 Kernel Self Protection Project →Principles current
- 03:17, 15 October 2022 diff hist +102 Kernel Self Protection Project/Recommended Settings →sysctls
- 03:16, 15 October 2022 diff hist +102 Kernel Self Protection Project/Recommended Settings →CONFIGs
- 02:25, 14 October 2022 diff hist +97 Kernel Self Protection Project/Recommended Settings →x86_32: iommu
- 15:17, 13 October 2022 diff hist +375 Kernel Self Protection Project/Recommended Settings →CONFIGs
- 14:49, 13 October 2022 diff hist +104 Kernel Self Protection Project/Recommended Settings →x86_64: CFI
- 20:12, 11 October 2022 diff hist +19 Kernel Self Protection Project/Recommended Settings →CONFIGs
- 03:00, 10 October 2022 diff hist +67 Kernel Self Protection Project/Recommended Settings →CONFIGs: Alexander recommendation
- 02:58, 10 October 2022 diff hist +45 Kernel Self Protection Project/Recommended Settings →x86_64
- 02:57, 10 October 2022 diff hist +568 Kernel Self Protection Project/Recommended Settings →arm64: arm64 CFI and things, thanks to Alexander for the ping
- 02:41, 10 October 2022 diff hist +740 Kernel Self Protection Project/Recommended Settings →CONFIGs: next chunk from Alexander. RNG trust source setting are my recommendation, though.
- 02:29, 10 October 2022 diff hist +944 Kernel Self Protection Project/Recommended Settings →CONFIGs: add settings for recent kernels, thanks to Alexander Popov for the prodding and specific suggestions.
- 21:56, 19 August 2022 diff hist +240 Kernel Self Protection Project/Recommended Settings →CONFIGs: add note about Landlock thanks to Mickaël Salaün
- 08:18, 8 May 2022 diff hist +178 Kernel Self Protection Project →Documentation: add Samsung analysis
- 22:03, 30 March 2022 diff hist +134 Kernel Self Protection Project/Recommended Settings →CONFIGs: CONFIG_SCHED_CORE
- 21:57, 30 March 2022 diff hist +138 Kernel Self Protection Project/Recommended Settings →CONFIGs: add kfence
- 21:55, 30 March 2022 diff hist −193 Kernel Self Protection Project/Recommended Settings move randomized kstack to all archs, since it's only missing on arm. fix name of trivial-auto-var-init feature enablement
- 21:52, 30 March 2022 diff hist +33 Kernel Self Protection Project/Recommended Settings Ah, koffset_default was already there. Add iommu default boot param too.
- 21:49, 30 March 2022 diff hist +1 m Kernel Self Protection Project/Recommended Settings →CONFIGs
- 21:49, 30 March 2022 diff hist +560 Kernel Self Protection Project/Recommended Settings →CONFIGs: add various bits noted as missing by Peter Böhm
- 23:39, 24 March 2022 diff hist +1 m Kernel Self Protection Project/Patch Tracking →Process: fix "in next" link current
- 20:29, 14 February 2022 diff hist −18 Kernel Self Protection Project →Documentation
- 20:28, 14 February 2022 diff hist −32 Kernel Self Protection Project →Details: don't make these sections of their own, just a list so the Contents links aren't confusing.
- 22:50, 26 October 2021 diff hist +585 Kernel Self Protection Project/Patch Tracking →Process: adjust process for "Needs ACK"
- 15:20, 21 October 2021 diff hist −30 m Kernel Self Protection Project/Patch Tracking swap "Awaiting Upstream" for "In Next"
- 22:11, 20 October 2021 diff hist +13 m Kernel Self Protection Project/Patch Tracking fix formatting
- 22:07, 20 October 2021 diff hist +2,654 N Kernel Self Protection Project/Patch Tracking process overview
- 21:27, 20 October 2021 diff hist +10 m Kernel Self Protection Project →Details
- 21:27, 20 October 2021 diff hist +65 Kernel Self Protection Project →Details: adding a link to patch tracking process
- 18:10, 12 August 2021 diff hist +44 N KSPP add shortened redirect page current Tag: New redirect
- 05:35, 27 May 2021 diff hist +2 Kernel Self Protection Project/Get Involved ditch freenode
- 23:14, 5 April 2021 diff hist +74 Kernel Self Protection Project/Recommended Settings →x86_32
- 23:14, 5 April 2021 diff hist +74 Kernel Self Protection Project/Recommended Settings →x86_64
- 11:00, 9 November 2020 diff hist +2 m Kernel Self Protection Project/Recommended Settings →kernel command line options
- 17:47, 18 October 2020 diff hist +202 Kernel Self Protection Project/Recommended Settings →sysctls: add notes about sysctl to CONFIG mappings
- 17:37, 18 October 2020 diff hist +142 Kernel Self Protection Project/Recommended Settings →CONFIGs: suggest the CONFIG form of kernel.dmesg_restrict sysctl
- 17:29, 18 October 2020 diff hist +279 Kernel Self Protection Project/Recommended Settings →kernel command line options: add some more ideas from Simon Ruderich
- 17:23, 18 October 2020 diff hist +6 m Kernel Self Protection Project/Get Involved →Pick something to work on
- 22:22, 5 October 2020 diff hist +309 Kernel Self Protection Project/Get Involved moar cleanup
- 22:13, 5 October 2020 diff hist +236 Kernel Self Protection Project/Get Involved more cleanup
- 22:09, 5 October 2020 diff hist 0 m Kernel Self Protection Project/Get Involved
- 22:08, 5 October 2020 diff hist +528 Kernel Self Protection Project/Get Involved update list descriptions, tweak capitalization, and split up contribution guildeline better
- 17:18, 29 September 2020 diff hist +173 Kernel Self Protection Project/Get Involved update mailing list
- 18:41, 10 August 2020 diff hist −2,674 Kernel Self Protection Project/Work the issue track is canonical now current
- 01:46, 19 March 2020 diff hist −2 m Kernel Self Protection Project/Recommended Settings
- 01:45, 19 March 2020 diff hist +191 Kernel Self Protection Project/Recommended Settings
- 22:28, 18 March 2020 diff hist +2 m Kernel Self Protection Project/Recommended Settings →arm
- 22:28, 18 March 2020 diff hist +113 Kernel Self Protection Project/Recommended Settings →x86_32
- 22:26, 18 March 2020 diff hist 0 Kernel Self Protection Project/Recommended Settings re-arrange arch sections
- 22:25, 18 March 2020 diff hist +128 Kernel Self Protection Project/Recommended Settings →x86_32
- 18:33, 5 March 2020 diff hist 0 m Kernel Self Protection Project/Recommended Settings →kernel command line options
- 18:33, 5 March 2020 diff hist 0 m Kernel Self Protection Project/Recommended Settings →CONFIGs: swap some "=1" to the correct "=y"
- 17:42, 4 March 2020 diff hist +970 Kernel Self Protection Project/Recommended Settings update for v5.4
- 17:43, 20 November 2019 diff hist +128 Kernel Self Protection Project/Work →Specific TODO Items: add github tracker
- 21:47, 11 April 2019 diff hist +468 Kernel Self Protection Project/Work →Specific TODO Items
- 00:29, 10 January 2019 diff hist +93 Kernel Self Protection Project/Recommended Settings →CONFIGs: Rename stack protector configs since v4.18
- 22:25, 31 October 2018 diff hist +90 Kernel Self Protection Project/Work →Specific TODO Items
- 08:37, 25 October 2018 diff hist +11 m Kernel Self Protection Project/Get Involved
- 08:33, 25 October 2018 diff hist +73 Kernel Self Protection Project/Get Involved whoops, forgot the IRC
- 23:05, 21 June 2018 diff hist +61 Kernel Self Protection Project/Recommended Settings →CONFIGs
- 19:43, 8 May 2018 diff hist 0 m Kernel Self Protection Project/Recommended Settings →kernel command line options
- 22:06, 4 May 2018 diff hist +162 Kernel Self Protection Project/Recommended Settings →sysctls
- 18:41, 23 April 2018 diff hist +56 m Kernel Self Protection Project/Recommended Settings →arm64
- 18:41, 23 April 2018 diff hist +128 Kernel Self Protection Project/Recommended Settings →x86_64
- 18:39, 23 April 2018 diff hist +105 Kernel Self Protection Project/Recommended Settings →kernel command line options
- 18:38, 23 April 2018 diff hist +71 Kernel Self Protection Project/Recommended Settings →arm64
- 18:38, 23 April 2018 diff hist +107 Kernel Self Protection Project/Recommended Settings →CONFIGs
- 02:42, 22 February 2018 diff hist +9 Kernel Self Protection Project/Recommended Settings →CONFIGs
- 19:03, 7 December 2017 diff hist +792 Kernel Self Protection Project/Recommended Settings →CONFIGs
- 22:27, 18 September 2017 diff hist +41 Kernel Self Protection Project/Recommended Settings
- 20:28, 10 August 2017 diff hist +140 Kernel Self Protection Project/Recommended Settings →CONFIGs: CONFIG_SECURITY_SELINUX_DISABLE
- 05:20, 4 August 2017 diff hist −5 m Kernel Self Protection Project →Documentation
- 05:20, 4 August 2017 diff hist +47 m Kernel Protections/refcount t →Reference Counting API current
- 05:19, 4 August 2017 diff hist +3 m Kernel Protections/refcount t →Summary
- 05:18, 4 August 2017 diff hist +43 N Kernel Protections/HARDENED ATOMIC KeesCook moved page Kernel Protections/HARDENED ATOMIC to Kernel Protections/refcount t current
- 05:18, 4 August 2017 diff hist 0 m Kernel Protections/refcount t KeesCook moved page Kernel Protections/HARDENED ATOMIC to Kernel Protections/refcount t
- 05:18, 4 August 2017 diff hist −20 m Kernel Self Protection Project →Documentation
- 03:35, 25 July 2017 diff hist +32 Kernel Self Protection Project/Recommended Settings →CONFIGs
- 19:13, 23 June 2017 diff hist +91 Kernel Self Protection Project/Recommended Settings →kernel command line options
- 23:47, 5 June 2017 diff hist −2 m Kernel Self Protection Project/Recommended Settings →CONFIGs