feat: add ARM64 silicon errata checks (issue #357)

Add detection for three speculation/security-relevant ARM64 errata families that are tracked by vendor erratum IDs rather than CVEs: Speculative AT TLB corruption (1165522/1319367/1319537/1530923), speculative unprivileged load (2966298/3117295), and MSR SSBS not self-synchronizing (3194386 and siblings). Reserves a new CVE-0001-NNNN placeholder range for vendor errata and adds a --errata <number> selector alongside --variant/--cve. CPU affection is determined per-core from (implementer, part, variant, revision) tuples read from /proc/cpuinfo, matching the kernel's MIDR ranges (including Kryo4xx Silver for erratum 1530923). Kernel mitigation detection uses the erratum-specific CONFIG_ARM64_ERRATUM_NNNN symbols, kernel image descriptor strings, and dmesg output (no sysfs for these)
2026-04-23 09:03:19 +02:00 · 2026-04-21 08:31:00 +02:00
parent 03b1787d69
commit 8a302b56e6
8 changed files with 380 additions and 7 deletions
--- a/src/libs/350_cpu_detect2.sh
+++ b/src/libs/350_cpu_detect2.sh
@@ -24,13 +24,22 @@ parse_cpu_details() {
        if grep -qw avx512 "$g_procfs/cpuinfo" 2>/dev/null; then cap_avx512=1; fi
        cpu_vendor=$(grep '^vendor_id' "$g_procfs/cpuinfo" | awk '{print $3}' | head -n1)
        cpu_friendly_name=$(grep '^model name' "$g_procfs/cpuinfo" | cut -d: -f2- | head -n1 | sed -e 's/^ *//')
-        # special case for ARM follows
-        if grep -qi 'CPU implementer[[:space:]]*:[[:space:]]*0x41' "$g_procfs/cpuinfo"; then
-            cpu_vendor='ARM'
-            # some devices (phones or other) have several ARMs and as such different part numbers,
-            # an example is "bigLITTLE", so we need to store the whole list, this is needed for is_cpu_affected
+        # ARM-style cpuinfo: parse per-core implementer/part/arch/variant/revision lists
+        # (big.LITTLE / heterogeneous systems have different values per core).
+        # cpu_variant_list and cpu_revision_list are consumed by ARM64 errata affection checks
+        # that need to match a specific revision range.
+        if grep -q 'CPU implementer' "$g_procfs/cpuinfo"; then
+            cpu_impl_list=$(awk '/CPU implementer/ {print $4}' "$g_procfs/cpuinfo")
            cpu_part_list=$(awk '/CPU part/         {print $4}' "$g_procfs/cpuinfo")
            cpu_arch_list=$(awk '/CPU architecture/ {print $3}' "$g_procfs/cpuinfo")
+            cpu_variant_list=$(awk '/CPU variant/   {print $4}' "$g_procfs/cpuinfo")
+            cpu_revision_list=$(awk '/CPU revision/ {print $4}' "$g_procfs/cpuinfo")
+        fi
+        # Map first-seen implementer to cpu_vendor; note that heterogeneous systems
+        # (e.g. DynamIQ with ARM+Kryo cores) would all map to one vendor here, but
+        # per-core vendor decisions are made via cpu_impl_list where needed.
+        if grep -qi 'CPU implementer[[:space:]]*:[[:space:]]*0x41' "$g_procfs/cpuinfo"; then
+            cpu_vendor='ARM'
            # take the first one to fill the friendly name, do NOT quote the vars below
            # shellcheck disable=SC2086
            arch=$(echo $cpu_arch_list | awk '{ print $1 }')