issues
search
intel
/
ccc-linux-guest-hardening
Linux Security Hardening for Confidential Compute
https://intel.github.io/ccc-linux-guest-hardening-docs
MIT License
63
stars
13
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
build(deps): bump jinja2 from 3.1.3 to 3.1.4 in /deploy
#156
dependabot[bot]
closed
1 month ago
0
add required SECURITY.md file for OSSF Scorecard compliance
#155
rdower
opened
2 months ago
0
build(deps): bump tqdm from 4.64.1 to 4.66.3 in /bkc/kafl
#154
dependabot[bot]
closed
1 month ago
0
[Hardening aspect] CoCo guest interrupt handling
#153
ereshetova
opened
3 months ago
1
[Hardening issues] Security implications from KVM PV features
#152
ereshetova
closed
3 months ago
6
[Hardening aspect] Missing IPIs can go undetected in CoCo Linux guest
#151
ereshetova
opened
3 months ago
0
[Hardening aspect] ACPI hardening
#150
ereshetova
opened
3 months ago
0
[Hardening aspect] Minimal required set of PIO for a CoCo guest
#149
ereshetova
opened
3 months ago
0
[Hardening aspect] EFI boot stub audit & hardening
#148
ereshetova
opened
3 months ago
0
[Hardening aspect] Overall PCI subsystem hardening
#147
ereshetova
opened
3 months ago
0
[Hardening aspect] Spectre v1 analysis/mitigations for CoCo guest attack surface
#146
ereshetova
opened
3 months ago
0
[Hardening aspect] Ensure minimal set of ioremaped areas are shared with the host/VMM
#145
ereshetova
opened
3 months ago
0
[Hardening aspect] Disabling not required device drivers
#144
ereshetova
opened
3 months ago
0
[Hardening aspect] Rollback attack on CoCo guest private memory via swap
#143
ereshetova
opened
3 months ago
0
[Hardening aspect] Prevent multiplication overflow in kernel timekeeping
#142
ereshetova
opened
3 months ago
0
[Hardening aspect] PCI/MSI hardening
#141
ereshetova
opened
3 months ago
3
[Hardening aspect] Security of Linux RNG in a CoCo guest
#140
ereshetova
closed
3 months ago
2
build(deps): bump cryptography from 42.0.2 to 42.0.4 in /deploy
#139
dependabot[bot]
closed
4 months ago
0
build(deps): bump cryptography from 42.0.0 to 42.0.2 in /deploy
#138
dependabot[bot]
closed
4 months ago
0
Update ci.yml to include permissions
#137
ereshetova
closed
4 months ago
0
build(deps): bump cryptography from 41.0.6 to 42.0.0 in /deploy
#136
dependabot[bot]
closed
4 months ago
0
build(deps): bump jinja2 from 3.1.2 to 3.1.3 in /deploy
#135
dependabot[bot]
closed
5 months ago
0
build(deps): bump ansible from 7.1.0 to 8.5.0 in /deploy
#134
dependabot[bot]
closed
6 months ago
0
Update README.md to match lastest suite ingredients
#133
laifryiee
closed
6 months ago
0
build(deps): bump cryptography from 41.0.4 to 41.0.6 in /deploy
#132
dependabot[bot]
closed
7 months ago
0
Fix fuzzing of BPH_HANDLE_CONTROL_MESSAGE harness
#131
ereshetova
closed
6 months ago
2
build(deps): bump cryptography from 41.0.3 to 41.0.4 in /deploy
#130
dependabot[bot]
closed
8 months ago
0
ci: deprecate node12 based actions
#129
Wenzel
closed
9 months ago
0
Update fast matcher dependencies, fix clippy issues, migrate to Clap 4
#128
novafacing
closed
8 months ago
14
align docs in https://intel.github.io/ccc-linux-guest-hardening-docs/tdx-guest-hardening.html
#127
ereshetova
opened
10 months ago
0
build(deps): bump cryptography from 41.0.2 to 41.0.3 in /deploy
#126
dependabot[bot]
closed
10 months ago
0
build(deps): bump cryptography from 41.0.0 to 41.0.2 in /deploy
#125
dependabot[bot]
closed
11 months ago
0
parsl: fix typechecker issue by upgrading to v2023.06.19
#124
Wenzel
closed
1 year ago
0
Parsl: typeguard.TypeCheckError: argument "storage_access" (None) is not a list
#123
Wenzel
closed
1 year ago
0
build(deps): bump cryptography from 39.0.1 to 41.0.0 in /deploy
#122
dependabot[bot]
closed
1 year ago
0
[doc] Add guest_kernel_changes.md
#121
tz0
closed
1 year ago
0
Upgrade to 6.3 guest-kernel
#120
ereshetova
closed
1 year ago
0
ci: ignore ansible-lint error
#119
Wenzel
closed
1 year ago
1
ci: bump ansible-lint to 6.16.0
#118
Wenzel
closed
1 year ago
3
Upgrade to 6.1 sdv host kernel
#117
ereshetova
closed
1 year ago
1
init_harness: correct virtio-console init function
#116
ereshetova
closed
1 year ago
0
Add instructions to build smatch cross-function database
#115
ereshetova
closed
1 year ago
0
Upgrade ansible to 7.1.0
#114
ereshetova
closed
1 year ago
0
CI: upgrade python to 3.9
#113
ereshetova
closed
1 year ago
0
[doc update] in getting_started.md for how to get more verbose issue #105
#112
tz0
closed
1 year ago
1
Move to next version of 6.0 guest kernel (rng and port IO fixes)
#111
ereshetova
closed
1 year ago
1
deploy: use master branch for kAFL collection
#110
Wenzel
opened
1 year ago
0
Default configs for fuzzing harnesses do not follow kafl reccomendations
#109
ereshetova
opened
1 year ago
3
Upgrade to the latest kafl/sdv-5.6-rc1 (v3)
#108
ereshetova
closed
1 year ago
1
bkc: set KVM module parameters for ccc
#107
Wenzel
closed
1 year ago
1
Next