spectre-meltdown-checker

mirror of https://github.com/speed47/spectre-meltdown-checker.git synced 2026-06-07 15:13:02 +02:00

Author	SHA1	Message	Date
Stéphane Lesimple	1e33f40f0a	mds/mmio/taa: don't claim "disable SMT" inside a VM guest (#343 ) Inside a Xen PVH domU (and any guest where the kernel sets X86_FEATURE_HYPERVISOR), the kernel appends "; SMT Host state unknown" to the MDS/MMIO sysfs vuln string: the host controls SMT scheduling and the guest genuinely can't see it. The "SMT is either mitigated or disabled" check only matched 'SMT (disabled\|mitigated)', so this read as "not mitigated" and --paranoid flipped the verdict to a misleading VULN "you must disable SMT (Hyper-Threading)". Make *_smt_mitigated a tri-state: 1 (disabled/mitigated), 0 (vulnerable), and 2 (host state unknown). In paranoid mode, when the in-guest mitigation is active but SMT host state is unknown, report UNK with an explanation that cross-thread protection depends on the hypervisor host's SMT/core-scheduling config, instead of VULN. PV DomUs (kernel reports "SMT vulnerable", no HYPERVISOR bit) are unchanged and still flagged.	2026-06-06 16:13:52 +02:00
Stéphane Lesimple	e67c9e4265	enh: use g_mode to explicitly save/load the current running mode	2026-04-10 19:28:10 +02:00
Stéphane Lesimple	f7ba617e16	enh: guard x86/arm specific checks in kernel/cpu for the proper arch	2026-04-10 19:28:10 +02:00
Stéphane Lesimple	b9c203120b	enh: --no-runtime and --no-hw modes replacing --live and implicit 'offline' mode	2026-04-08 22:35:53 +02:00
Stéphane Lesimple	6332fc3405	fix: CVE-2019-11135 (TAA) detect new 0x10F MSR for TSX-disabled CPUs (#414 )	2026-04-08 22:35:53 +02:00
Stéphane Lesimple	3ea8e213ec	chore: add proper header to all src/vulns/* files	2026-04-02 21:03:29 +02:00
Stéphane Lesimple	2b603c68ce	feat: add CVE-2019-11135 (TAA) mitigation detection under BSD	2026-04-01 21:12:23 +02:00
Stéphane Lesimple	cebda01d05	split script in multiple files, reassembled through build.sh	2026-03-30 20:04:16 +02:00

8 Commits