spectre-meltdown-checker

mirror of https://github.com/speed47/spectre-meltdown-checker.git synced 2025-07-13 22:35:26 +02:00

Author	SHA1	Message	Date
rrobgill	172c04a78a	32 bit kernel suggestions x86_32 PTI is still under development https://lkml.org/lkml/2018/4/16/561 , but is not yet available in the kernel. "How to fix" for users of 32 bit kernels suggests recompiling kernel with options that are not yet available. Added information for 32 bit kernel systems noting this, and suggesting investigating 64 bit kernels through their distro.	2018-04-30 20:31:24 +10:00
Onno Zweers	4acd0f647a	Suggestion to change VM to a CPU with IBRS capability	2018-04-20 20:35:12 +02:00
Stéphane Lesimple	fb52dbe7bf	set master branch to v0.37+	2018-04-20 20:34:42 +02:00
Stéphane Lesimple	edebe4dcd4	bump to v0.37 v0.37	2018-04-18 23:51:45 +02:00
Stéphane Lesimple	83ea78f523	fix: arm: also detect variant 1 mitigation when using native objdump	2018-04-17 18:50:32 +02:00
Stéphane Lesimple	602b68d493	fix(spectrev2): explain that retpoline is possible for Skylake+ if there is RSB filling, even if IBRS is still better	2018-04-16 09:27:28 +02:00
Stéphane Lesimple	97bccaa0d7	feat: rephrase IBPB warning when only retpoline is enabled in non-paranoid mode	2018-04-16 09:13:25 +02:00
Stéphane Lesimple	68e619b0d3	feat: show RSB filling capability for non-Skylake in verbose mode	2018-04-16 09:08:25 +02:00
Stéphane Lesimple	a6f4475cee	feat: make IBRS_FW blue instead of green	2018-04-16 09:07:54 +02:00
Stéphane Lesimple	223f5028df	feat: add --paranoid to choose whether we require IBPB	2018-04-15 23:05:30 +02:00
Stéphane Lesimple	c0108b9690	fix(spectre2): don't explain how to fix when NOT VULNERABLE	2018-04-15 20:55:55 +02:00
Stéphane Lesimple	a3016134bd	feat: make RSB filling support mandatory for Skylake+ CPUs	2018-04-15 20:55:31 +02:00
Stéphane Lesimple	59d85b39c9	feat: detect RSB filling capability in the kernel	2018-04-15 20:55:01 +02:00
Stéphane Lesimple	baaefb0c31	fix: remove shellcheck warnings	2018-04-11 22:24:03 +02:00
Igor Lubashev	d452aca03a	fix: invalid bash syntax when ibpb_enabled or ibrs_enabled are empty	2018-04-11 10:29:42 +02:00
Stéphane Lesimple	10b8d94724	feat: detect latest Red Hat kernels' RO ibpb_enabled knob	2018-04-10 22:51:45 +02:00
Stéphane Lesimple	8606e60ef7	refactor: no longer display the retoline-aware compiler test when we can't tell for sure	2018-04-10 22:51:45 +02:00
Stéphane Lesimple	6a48251647	fix: regression in 51aeae25, when retpoline & ibpb are enabled	2018-04-10 22:51:45 +02:00
Stéphane Lesimple	f4bf5e95ec	fix: typos	2018-04-10 22:51:45 +02:00
Stéphane Lesimple	60eac1ad43	feat: also do PTI performance check with (inv)pcid for BSD	2018-04-10 22:51:45 +02:00
Stéphane Lesimple	b3cc06a6ad	fix regression introduced by 82c25dc	2018-04-10 22:51:45 +02:00
Stéphane Lesimple	5553576e31	feat(amd/zen): re-introduce IBRS for AMD except ZEN family	2018-04-10 22:51:45 +02:00
Stéphane Lesimple	e16ad802da	feat(ibpb=2): add detection of SMT before concluding the system is not vulnerable	2018-04-10 22:51:45 +02:00
Stéphane Lesimple	29c294edff	feat(bsd): explain how to mitigate variant2	2018-04-10 22:51:45 +02:00
Stéphane Lesimple	59714011db	refactor: IBRS_ALL & RDCL_NO are Intel-only	2018-04-10 22:51:45 +02:00
Stéphane Lesimple	51e8261a32	refactor: separate hw checks for Intel & AMD	2018-04-10 22:49:28 +02:00
Stéphane Lesimple	2a4bfad835	refactor: add is_amd and is_intel funcs	2018-04-10 22:49:28 +02:00
Stéphane Lesimple	7e52cea66e	feat(spectre2): refined how status of this vuln is decided and more precise explanations on how to fix	2018-04-10 22:49:28 +02:00
Benjamin Bouvier	417d7aab91	Fix trailing whitespace and mixed indent styles;	2018-04-10 22:42:47 +02:00
Sylvestre Ledru	67bf761029	Fix some user facing typos with codespell -w -q3 .	2018-04-08 18:44:13 +02:00
Stéphane Lesimple	0eabd266ad	refactor: decrease default verbosity for some tests	2018-04-05 22:20:16 +02:00
Stéphane Lesimple	b77fb0f226	fix: don't override ibrs/ibpb results with later tests	2018-04-05 22:04:20 +02:00
Stéphane Lesimple	89c2e0fb21	fix(amd): show cpuinfo and ucode details	2018-04-05 21:39:27 +02:00
Stéphane Lesimple	b88f32ed95	feat: print raw cpuid, and fetch ucode version under BSD	2018-04-05 00:07:12 +02:00
Stéphane Lesimple	7a4ebe8009	refactor: rewrite read_cpuid to get more common code parts between BSD and Linux	2018-04-05 00:06:24 +02:00
Stéphane Lesimple	0919f5c236	feat: add explanations of what to do when a vulnerability is not mitigated	2018-04-05 00:03:04 +02:00
Stéphane Lesimple	de02dad909	feat: rework Spectre V2 mitigations detection w/ latest vanilla & Red Hat 7 kernels	2018-04-05 00:01:54 +02:00
Stéphane Lesimple	07484d0ea7	add dump of variables at end of script in debug mode	2018-04-04 23:58:15 +02:00
Stéphane Lesimple	a8b557b9e2	fix(cpu): skip CPU checks if asked to (--no-hw) or if inspecting a kernel of another architecture	2018-04-03 19:36:28 +02:00
Stéphane Lesimple	619b2749d8	fix(sysfs): only check for sysfs for spectre2 when in live mode	2018-04-03 19:32:36 +02:00
Stéphane Lesimple	94857c983d	update readme	2018-04-03 16:00:36 +02:00
Stéphane Lesimple	056ed00baa	feat(arm): detect spectre variant 1 mitigation	2018-04-03 15:52:25 +02:00
Stéphane Lesimple	aef99d20f3	fix(pti): when PTI activation is unknown, don't say we're vulnerable	2018-04-03 12:45:17 +02:00
Stéphane Lesimple	e2d7ed2243	feat(arm): support for variant2 and meltdown mitigation detection	2018-04-01 17:50:18 +02:00
Stéphane Lesimple	eeaeff8ec3	set version to v0.36+ for master branch between releases	2018-04-01 17:45:01 +02:00
Stéphane Lesimple	f5269a362a	feat(bsd): add retpoline detection for BSD	2018-04-01 17:42:29 +02:00
Stéphane Lesimple	f3883a37a0	fix(xen): adjust message for DomUs w/ sysfs	2018-03-31 13:44:04 +02:00
Stéphane Lesimple	b6fd69a022	release: v0.36 v0.36	2018-03-27 23:08:38 +02:00
Stéphane Lesimple	7adb7661f3	enh: change colors and use red only to report vulnerability	2018-03-25 18:15:08 +02:00
Stéphane Lesimple	c7892e3399	update README.md	2018-03-25 14:18:39 +02:00

1 2 3 4 5 ...

285 Commits