-
## Description
I'm not sure if there's a dedicated repository for the kernel used on the SecureDrop servers anymore, so let me know where to put this. But this is a continuation of some prior updat…
ageis updated
2 years ago
-
The KSPP guidelines suggest using `kernel.kptr_restrict = 2`. Looks like we use `kernel.kptr_restrict = 1`.
I'm not sure what the implications are here just yet but wanted to point this out as we c…
-
https://tails.net/contribute/design/kernel_hardening/
https://gitlab.tails.boum.org/tails/tails/-/issues/19613
https://kspp.github.io/Recommended_Settings
slub_debug is not apparently used in Kic…
-
I think the defaults that KCC checks projects against are a bit outdated.
If you check the list here, it has many more items:
https://kernsec.org/wiki/index.php/Kernel_Self_Protection_Project/Recom…
-
uBPF jitter is should have option to apply constant blinding
Code generated by the uBPF jitter is susceptible to JIT spray attacks. See: https://www.usenix.org/sites/default/files/conference/protec…
-
Update checkpatch.pl to check for instances of vzalloc()/vmalloc() that could be replaced with their 2-factor multiplication argument form vcalloc()/vmalloc_array (). So, they can be caught before new…
-
Hi bitbouncer,
I saw the librdkafka have Full Exactly-Once-Semantics (EOS) support.
And I can not find any transaction code in kspp.
So do you have any plan to involve the feature ?
-
This is just a placeholder to have a distinct entry in the KSPP tracker too, but the main bug is here:
https://github.com/ClangBuiltLinux/linux/issues/378
-
I downloaded this mod and put it in the Gamedata folder using winrar. When i loaded up KSP (64 bit)
it didnt load clouds. Here are my screenshots http://i.imgur.com/ss5WNRl.png
http://imgur.com/kPoM…
ghost updated
7 years ago
-
__ro_after_init is a relatively new annotation, it should be used more often. Particularly things like ops tables are important to be RO protected at runtime if possible. ppc_md comes to mind, but the…