Stéphane Lesimple
8d1d680202
update dev docs and refactor CVE list in readme
2026-03-31 20:16:47 +00:00
Stéphane Lesimple
d8400c6c4d
chore: add .gitignore
2026-03-31 20:16:47 +00:00
Stéphane Lesimple
e451b383c1
chore: adjust workflow for dev-build
2026-03-31 20:16:47 +00:00
Stéphane Lesimple
06a8b3e935
chore: move dist files to the dist/ subdir
2026-03-31 20:16:47 +00:00
Stéphane Lesimple
3088a4f72f
feat: implement CVE-2024-36350 CVE-2024-36357 (Transient Scheduler Attack)
2026-03-31 20:16:47 +00:00
Stéphane Lesimple
ce4a019cee
doc: update development guidelines
2026-03-31 20:16:47 +00:00
Stéphane Lesimple
1e121086a8
chore: shfmt
2026-03-31 20:16:47 +00:00
Stéphane Lesimple
9e511cd714
dev-build workflow
2026-03-31 20:16:47 +00:00
Stéphane Lesimple
823f42dade
use MSR names for read_msr for readability
2026-03-31 20:16:47 +00:00
Stéphane Lesimple
41ab027f86
fix: rework read_msr for values > INT32_MAX (#507)
2026-03-31 20:16:47 +00:00
Stéphane Lesimple
4e3cfc0a18
doc: add a note about the mandatory POSIX compliance of used tools
2026-03-31 20:16:47 +00:00
Stéphane Lesimple
5b7923c957
POSIX compatibility fix: replace sort -V by a manual comparison
2026-03-31 20:16:47 +00:00
Stéphane Lesimple
9dcb3249e9
BSD compatibility fix: stat -f and date -r fallbacks
2026-03-31 20:16:47 +00:00
Stéphane Lesimple
e9f4956764
POSIX compatibility fix: sed -r => sed -E
2026-03-31 20:16:47 +00:00
Stéphane Lesimple
9fca4b6895
POSIX compatibility fix: cut -w => awk
2026-03-31 20:16:47 +00:00
Stéphane Lesimple
39e03373b6
split script in multiple files, reassembled through build.sh
2026-03-31 20:16:47 +00:00
Stéphane Lesimple
63e80e7409
standardize function naming and add doc headers to all of them
2026-03-31 20:16:47 +00:00
Stéphane Lesimple
f373e5217f
refactor functions that record/output results
2026-03-31 20:16:47 +00:00
Stéphane Lesimple
fd9d0999af
use global readonly vars for common paths/basedirs
2026-03-31 20:16:47 +00:00
Stéphane Lesimple
2b2478b8ef
factorize/standardize check_CVE_*() funcs
2026-03-31 20:16:47 +00:00
Stéphane Lesimple
7cd9323681
factorize CVE metadata into a single CVE_REGISTRY global var
2026-03-31 20:16:47 +00:00
Stéphane Lesimple
caa1a025b9
second vars renaming pass
2026-03-31 20:16:47 +00:00
Stéphane Lesimple
f05b5f0fae
chore: rename status_* to affected_*
2026-03-31 20:16:47 +00:00
Stéphane Lesimple
7663161edb
chore: apply variables naming convention
2026-03-31 20:16:47 +00:00
Stéphane Lesimple
30ef15441d
chore: add variables naming convention documentation
2026-03-31 20:16:47 +00:00
speed47
61cc0f3a35
update: fwdb from v347+i20251110+615b to v349+i20260227+615b, 50 microcode changes
2026-03-28 01:52:17 +00:00
Stéphane Lesimple
a20641fbad
fix: handle non-numeric ARM CPU architecture values
Some old ARM processors (e.g., ARM926EJ-S) report CPU architecture
with suffix in /proc/cpuinfo (e.g., "5TEJ" for ARMv5TEJ).
This caused an "integer expression expected" error when comparing
against numeric values. Extract the numeric prefix before integer comparisons.
Fixes #505.
2026-01-25 12:57:41 +01:00
Stéphane Lesimple
d550ea8c85
fix: harmless 'dmesg: write error' that could happen on some systems
Fixes #519.
2026-01-25 11:53:13 +01:00
Stéphane Lesimple
8e33a1dbf2
fix: set cpu_* vars to a default value
On ARM64 systems, /proc/cpuinfo uses different field names (CPU implementer,
CPU variant, CPU part, CPU revision) instead of x86-style fields (cpu family,
model, stepping). This left these variables empty, causing printf to fail
with 'invalid number' errors when formatting them as hex values.
Fixes #520.
2026-01-25 11:38:50 +01:00
speed47
68b4617fd4
update: fwdb from v345+i20251110+4df2 to v347+i20251110+615b, 2 microcode changes
2026-01-01 11:48:36 +01:00
speed47
9fed5ceb33
update: fwdb from v344+i20250811+1523 to v345+i20251110+4df2, 45 microcode changes
2025-11-23 12:38:27 +01:00
Stéphane Lesimple
72bce72fe8
chore: really fix autoupdate workflow to avoid useless PRs
2025-10-31 19:53:59 +01:00
Stéphane Lesimple
5f18e67f6f
chore: fix autoupdate workflow
2025-10-30 23:57:05 +01:00
Gabriel Francisco
a8466b74fe
fix CVE-2017-5715 reporting when IBRS_FW is enabled
2025-10-27 08:42:51 +01:00
speed47
b99be2363c
update: fwdb from v296+i20240514+988c to v344+i20250811+1523, 128 microcode changes
2025-10-26 22:08:07 +01:00
Stéphane Lesimple
ee4cfd00b8
chore: add autoupdate workflow for fwdb
2025-10-25 20:48:38 +02:00
Stéphane Lesimple
c2c60e0161
chore: fix recent shellcheck warnings
2025-10-25 20:48:38 +02:00
Jörg Sommer
bae43d8370
Replace head -1 by head -n1
The info page of GNU head says:
> For compatibility 'head' also supports an obsolete option syntax
> '-[NUM][bkm][cqv]', [...] Scripts intended for standard hosts should use
> '-c NUM' or '-n NUM' instead.
At least busybox's head does not support the `-NUM` syntax.
2025-10-25 20:45:24 +02:00
Stéphane Lesimple
34c6095912
fix: Linux 6.9+ changed some config options names (#490)
Issue #490 is about retpoline but other options have also changed,
as reported by a comment on the issue, this commit fixes these
other options:
Breno Leitao (10):
x86/bugs: Rename CONFIG_GDS_FORCE_MITIGATION => CONFIG_MITIGATION_GDS_FORCE
x86/bugs: Rename CONFIG_CPU_IBPB_ENTRY => CONFIG_MITIGATION_IBPB_ENTRY
x86/bugs: Rename CONFIG_CALL_DEPTH_TRACKING => CONFIG_MITIGATION_CALL_DEPTH_TRACKING
x86/bugs: Rename CONFIG_PAGE_TABLE_ISOLATION => CONFIG_MITIGATION_PAGE_TABLE_ISOLATION
x86/bugs: Rename CONFIG_RETPOLINE => CONFIG_MITIGATION_RETPOLINE
x86/bugs: Rename CONFIG_SLS => CONFIG_MITIGATION_SLS
x86/bugs: Rename CONFIG_CPU_UNRET_ENTRY => CONFIG_MITIGATION_UNRET_ENTRY
x86/bugs: Rename CONFIG_CPU_IBRS_ENTRY => CONFIG_MITIGATION_IBRS_ENTRY
x86/bugs: Rename CONFIG_CPU_SRSO => CONFIG_MITIGATION_SRSO
x86/bugs: Rename CONFIG_RETHUNK => CONFIG_MITIGATION_RETHUNK
2024-08-04 15:15:45 +02:00
Stéphane Lesimple
e806e4bc41
chore: docker compose v2
The `docker-compose` command has been replaced by `docker compose`.
The "version" tag has also been deprecated in docker-compose.yml.
2024-08-04 13:53:36 +02:00
Ivan Zahariev
388d44edbd
Fix Retpoline detection for Linux 6.9+ (issue #490)
2024-08-04 13:41:01 +02:00
Stéphane Lesimple
bd0c7c94b5
fix: typo introduced by #483, fixes #486
2024-05-18 13:01:48 +02:00
Stéphane Lesimple
d70e4c2974
fwdb: update to v296+i20240514+988c
2024-05-18 13:01:48 +02:00
Stéphane Lesimple
4e29fb5a21
fix: ucode_platformid_mask is hexa (fixes #485)
2024-02-15 17:27:12 +01:00
Stephane Lesimple
0f2edb1a71
feat: blacklist some more microcodes (fixes #475)
2024-01-09 18:54:39 +01:00
Stephane Lesimple
8ac2539a2a
fix: microcode check now supports pf_mask (fixes #482)
2024-01-09 17:05:18 +01:00
Stéphane Lesimple
97f4d5f2bc
feat(reptar): add detection and mitigation of Reptar
2024-01-09 15:38:16 +01:00
Stéphane Lesimple
9b7b09ada3
fix(inception): continued mitigation detection
2023-08-25 18:50:53 +02:00
Sébastien Mériot
c94811e63d
fix(inception): Zen1/2 results based on kernel mitigations
2023-08-25 18:50:53 +02:00
Sébastien Mériot
3e67047c73
feat(inception): README
2023-08-25 18:50:53 +02:00