enh: --no-runtime and --no-hw modes replacing --live and implicit 'offline' mode

2026-04-11 11:13:21 +02:00 · 2026-04-08 20:53:00 +02:00
parent 3f7e0a11f7
commit b9c203120b
23 changed files with 135 additions and 118 deletions
--- a/src/vulns/CVE-2020-0543.sh
+++ b/src/vulns/CVE-2020-0543.sh
@@ -32,7 +32,7 @@ check_CVE_2020_0543_linux() {
            pstatus yellow NO
        fi
        pr_info_nol "* SRBDS mitigation control is enabled and active: "
-        if [ "$opt_live" = 1 ]; then
+        if [ "$opt_runtime" = 1 ]; then
            if [ -n "$ret_sys_interface_check_fullmsg" ]; then
                if echo "$ret_sys_interface_check_fullmsg" | grep -qE '^Mitigation'; then
                    pstatus green YES "$ret_sys_interface_check_fullmsg"
@@ -43,7 +43,7 @@ check_CVE_2020_0543_linux() {
                pstatus yellow NO "SRBDS not found in sysfs hierarchy"
            fi
        else
-            pstatus blue N/A "not testable in offline mode"
+            pstatus blue N/A "not testable in no-runtime mode"
        fi
    elif [ "$sys_interface_available" = 0 ]; then
        # we have no sysfs but were asked to use it only!
@@ -61,7 +61,7 @@ check_CVE_2020_0543_linux() {
                    # SRBDS mitigation control is enabled
                    if [ -z "$msg" ]; then
                        # if msg is empty, sysfs check didn't fill it, rely on our own test
-                        if [ "$opt_live" = 1 ]; then
+                        if [ "$opt_runtime" = 1 ]; then
                            # if we're in live mode and $msg is empty, sysfs file is not there so kernel is too old
                            pvulnstatus "$cve" OK "Your microcode is up to date for SRBDS mitigation control. The kernel needs to be updated"
                        fi
@@ -75,7 +75,7 @@ check_CVE_2020_0543_linux() {
                elif [ "$cap_srbds_on" = 0 ]; then
                    # SRBDS mitigation control is disabled
                    if [ -z "$msg" ]; then
-                        if [ "$opt_live" = 1 ]; then
+                        if [ "$opt_runtime" = 1 ]; then
                            # if we're in live mode and $msg is empty, sysfs file is not there so kernel is too old
                            pvulnstatus "$cve" VULN "Your microcode is up to date for SRBDS mitigation control. The kernel needs to be updated. Mitigation is disabled"
                        fi