security-misc

mirror of https://github.com/Kicksecure/security-misc.git synced 2025-11-26 15:36:29 -05:00

Author	SHA1	Message	Date
raja-grewal	29176d2ed2	Remove the option to reduce the MCE tolerance level	2025-11-15 06:30:11 +00:00
raja-grewal	9f897c5ccd	Update docs on reducing the MCE tolerance level	2025-11-15 05:48:33 +00:00
raja-grewal	b6fe1a5a6e	Make panic related settings consistent Ensures the `sysctl` and boot parameters are equivalent in settings and in description. This should prevent future questions regarding having omitted boot parameters that were actually redundant.	2025-11-15 04:51:01 +00:00
raja-grewal	a46f678c7f	Update docs on latent entropy	2025-11-05 00:05:17 +00:00
raja-grewal	37b493826e	Spit distrusting entropy settings for clarity	2025-11-05 00:03:54 +00:00
raja-grewal	019a0cf72c	Update docs on entropy	2025-11-05 00:03:19 +00:00
raja-grewal	d175d1be52	Add doc on entropy related failure on AMD Zen 5 CPUs	2025-11-02 15:54:34 +11:00
raja-grewal	8f78269949	Add docs on slab_debug	2025-10-20 05:36:54 +00:00
raja-grewal	9f7480e20a	Make terminology consistent	2025-10-19 01:41:58 +00:00
raja-grewal	11d9b94038	Add docs on entropy	2025-10-17 01:01:28 +00:00
raja-grewal	708e1358df	Add docs relating `extra_latent_entropy`	2025-10-17 00:48:57 +00:00
Patrick Schleizer	28a88c7091	comment	2025-10-10 06:52:13 -04:00
raja-grewal	e89c7ae025	Update docs on `slab_debug` for future improvements	2025-10-08 02:39:20 +00:00
Patrick Schleizer	f70550d015	Split the `security-misc` into `security-misc-shared`, `security-misc-desktop` and `security-misc-server`: rename files https://github.com/Kicksecure/security-misc/issues/187	2025-09-17 14:49:28 -04:00
Patrick Schleizer	24424bcbc0	Merge pull request #318 from raja-grewal/vmscape Enable `vmscape=force`	2025-09-17 13:31:27 -04:00
raja-grewal	21c605e27e	Enable `vmscape=force`	2025-09-13 03:41:59 +00:00
raja-grewal	7b32e9339e	Update SRSO docs	2025-09-12 23:10:34 +10:00
raja-grewal	e48897cc44	Merge branch 'master' into panic_limits	2025-08-21 10:27:44 +10:00
raja-grewal	c0ad577793	Update docs on oops boot parameter	2025-08-19 11:01:06 +10:00
Aaron Rainbolt	37c0bc0c5d	Merge remote-tracking branch 'raja/block_32bit' into arraybolt3/trixie	2025-08-17 14:02:01 -05:00
Aaron Rainbolt	210aa97650	Merge remote-tracking branch 'raja/trixie_docs' into arraybolt3/trixie	2025-08-17 13:50:25 -05:00
raja-grewal	f175d1961e	Enable `ia32_emulation=0`	2025-08-17 07:08:08 +00:00
raja-grewal	e06b78a522	Temporarily revert IA32 doc updates	2025-08-17 07:05:32 +00:00
Aaron Rainbolt	7a8dfa528c	Merge remote-tracking branch 'raja/trixie_docs' into arraybolt3/trixie	2025-08-16 21:10:19 -05:00
raja-grewal	1f75426f07	Clarify docs for disabling 32-bit x86 support	2025-08-16 02:20:00 +00:00
Aaron Rainbolt	65afc31ba7	Merge branch 'kcfi' into arraybolt3/trixie	2025-08-15 16:31:50 -05:00
raja-grewal	4166d6d1e6	Update docs on recovery restrictions	2025-08-06 15:53:49 +10:00
raja-grewal	498551536c	Update docs	2025-08-06 03:12:06 +00:00
raja-grewal	1f7525722e	Enable `cfi=kcfi`	2025-08-06 01:48:47 +00:00
raja-grewal	6f9763f525	Enable `indirect_target_selection=force`	2025-07-19 05:19:27 +00:00
raja-grewal	72613203b9	Add reference	2025-06-06 13:07:52 +00:00
raja-grewal	35fa32e4ed	Reword	2025-05-17 15:06:49 +10:00
raja-grewal	a1bde21ccb	Set `erst_disable`	2025-05-17 04:41:06 +00:00
Patrick Schleizer	9f2836d2ba	Merge pull request #304 from raja-grewal/stop_pstore Disable PStore	2025-04-15 15:17:25 -04:00
Patrick Schleizer	163d51f32a	newline at the end	2025-04-09 09:47:52 -04:00
raja-grewal	df2fc2cf6b	Set `efi_pstore.pstore_disable=1`	2025-03-16 03:30:04 +00:00
Patrick Schleizer	7c150d116d	LANG=C str_replace: no longer requires LANG=C, therefore removed	2025-01-30 07:45:08 -05:00
raja-grewal	15d13a8571	Add info on DBX updates via the UEFI Revocation List	2025-01-21 12:36:04 +00:00
Patrick Schleizer	e9ef3602dd	Merge pull request #292 from raja-grewal/cpu_table Add link to tabular comparison of CPU mitigations	2025-01-10 10:30:34 -05:00
raja-grewal	538b312349	Add comment about microcode updates	2025-01-09 15:28:56 +11:00
Patrick Schleizer	33114f771a	copyright	2024-12-31 13:26:21 -05:00
raja-grewal	642b4eeedc	Add link to tabular comparison of CPU mitigations	2024-12-19 21:57:25 +11:00
raja-grewal	0dff2cd28f	Minor additions	2024-12-18 03:32:35 +00:00
raja-grewal	3e96fdd9cc	Enable `kvm.mitigate_smt_rsb=1`	2024-12-17 11:44:11 +00:00
raja-grewal	45355aabdc	Enable `kvm-intel.vmentry_l1d_flush=always`	2024-12-17 11:42:52 +00:00
raja-grewal	defba1f245	Refactor CPU mitigations	2024-12-17 11:42:03 +00:00
raja-grewal	943c421889	Minor refactoring	2024-12-17 11:40:38 +00:00
Aaron Rainbolt	439fa7f3be	Harden/disable recovery mode options	2024-12-08 03:42:54 -06:00
raja-grewal	8107782fa5	Enable `ssbd=force-on`	2024-11-08 15:36:04 +11:00
raja-grewal	09fe46adc9	Clarify KSPP compliance header for the undocumented case	2024-10-14 02:54:30 +00:00

1 2 3 4

189 commits