mirrors/security-misc
1
0
Fork 0
mirror of https://github.com/Kicksecure/security-misc.git synced 2025-07-13 01:09:16 +07:00
Code Issues Packages Projects Releases Wiki Activity
NaN Commits 4 Branches 456 Tags
f653b94e7747436323e2083d416ab86560e3cd71
Commit Graph

23 Commits

Author SHA1 Message Date
Patrick Schleizer
ede536913d no longer hardcode amd64 2019-12-24 06:00:41 -05:00
Patrick Schleizer
ac49c55d1f Merge pull request #49 from madaidan/kver 
Detect kernel upgrades
 2019-12-24 10:55:03 +00:00
madaidan
98e88d1456 Detect kernel upgrades 2019-12-23 19:57:43 +00:00
madaidan
d1a0650fd9 Use only one slub_debug parameter 2019-12-23 19:44:52 +00:00
Patrick Schleizer
3e131174d5 comments 2019-12-23 05:00:35 -05:00
Patrick Schleizer
9f072ce4f9 comment 2019-12-23 03:46:02 -05:00
Patrick Schleizer
26fe9394ff disable lockdown for now due to module loading 2019-12-23 03:41:54 -05:00
madaidan
535c258b83 More kernel hardening 2019-12-23 03:35:07 -05:00
Patrick Schleizer
0c25a96b59 description / comments 2019-12-03 02:18:32 -05:00
madaidan
5da2a27bf0 Distrust the CPU for initial entropy 2019-12-02 16:43:00 +00:00
Patrick Schleizer
94d40c68d4 do not set kernel boot parameter page_poison=1 in Qubes since does not work 
https://github.com/QubesOS/qubes-issues/issues/5212#issuecomment-533873012
 2019-11-05 10:02:55 -05:00
Patrick Schleizer
f57702c158 comments; copyright 2019-11-05 09:55:43 -05:00
madaidan
60db7e6294 fix typo 2019-09-07 20:08:56 +00:00
Patrick Schleizer
661bcd8603 allow loading unsigned modules due to issues 
https://forums.whonix.org/t/allow-loading-signed-kernel-modules-by-default-disallow-kernel-module-loading-by-default/7880/23
 2019-09-07 05:39:56 +00:00
Patrick Schleizer
cb8170fd80 comment 2019-09-06 11:44:56 +00:00
madaidan
9a49b8ecbb Create 40_only_allow_signed_modules.cfg 
Require all loaded kernel modules to be signed with a valid key.
 2019-08-13 13:33:07 +00:00
Patrick Schleizer
7e12e16dc0 Merge pull request #11 from madaidan/patch-7 
Protect against DMA attacks
 2019-06-28 06:57:42 +00:00
Patrick Schleizer
2a6289980e syntax fix 
GRUB_CMDLINE_LINUX="$GRUB_CMDLINE_LINUX mds=full,nosmt"

https://forums.whonix.org/t/kernel-hardening/7296/70
 2019-06-23 18:46:52 +00:00
madaidan
641407c8e9 Enable IOMMU 2019-06-23 18:38:50 +00:00
madaidan
2178fb37a8 Add more kernel hardening parameters 2019-06-23 17:54:34 +00:00
Patrick Schleizer
f917c27a19 remove trailing spaces 2019-05-06 05:51:14 -04:00
madaidan
02e8888b0b Update 40_kernel_hardening.cfg 2019-05-05 20:17:33 +00:00
madaidan
3695d7491e Create 40_kernel_hardening.cfg 2019-05-05 14:42:03 +00:00