Commit Graph

474 Commits

Author SHA1 Message Date
Stéphane Lesimple
9041c5b6b7 feat: fwdb: add linux-firmware as AMD source, update fwdb accordingly 2023-07-26 13:55:19 +02:00
Stéphane Lesimple
e1e0504f0a chore: fix typo 2023-07-26 12:01:31 +02:00
Stéphane Lesimple
c5661f098f enh: add --explain text for Zenbleed 2023-07-26 10:56:45 +02:00
Stéphane Lesimple
6844c01242 enh: add zenbleed support to the --variant option 2023-07-26 10:46:38 +02:00
ShadowCurse
0811f28ac6 fix: arm is not affected by zenbleed 2023-07-25 19:59:59 +02:00
Stéphane Lesimple
9bb79a18eb feat: add Zenbleed (CVE-2023-20593) and update fwdb to v270+i20230614 2023-07-25 17:54:59 +02:00
George Cherian
0d93c6ffb4 feat: arm: add Neoverse-N2 and Neoverse-V2
Signed-off-by: George Cherian <george.cherian@marvell.com>
2023-06-18 12:19:02 +02:00
Stéphane Lesimple
6a61df200e update: fwdb to v266+i20230512 2023-05-13 10:27:03 +02:00
ShadowCurse
e4b313fe79 feat: arm: add Neoverse-V1 2023-04-22 11:17:06 +02:00
Hilton Chain
60c71ccb7a Add support for Guix System kernel. 2023-02-24 20:58:45 +01:00
Stéphane Lesimple
48abeb5950 fix: bad exitcode with --update-fwdb due to trap exit 2023-02-24 20:57:43 +01:00
Stéphane Lesimple
3c988cc73a fix: rewrite SQL to be sqlite3 >= 3.41 compatible
closes #443
2023-02-24 20:54:40 +01:00
glitsj16
bea5cfc3b8 Fix typo: /devnull file created in filesystem 2023-02-24 19:42:16 +01:00
Stéphane Lesimple
b68ebe67f2 fix: fwdb: ignore MCEdb versions where an official Intel version exists (fixes #430) 2022-03-30 09:10:55 +02:00
Stéphane Lesimple
a6c943d38f release v0.45 2022-03-27 12:41:17 +02:00
Stéphane Lesimple
dd162301ff chore: update fwdb to v222+i20220208 2022-03-27 12:38:44 +02:00
Stéphane Lesimple
5f6471d9a4 feat: set default TMPDIR for Android (#415) 2022-03-27 12:31:05 +02:00
Stéphane Lesimple
2a5b965b98 feat: add --allow-msr-write, no longer write by default (#385), detect when writing is denied 2022-03-24 12:37:19 +01:00
Stéphane Lesimple
ee266d43b7 chore: fix indentation 2022-03-21 22:22:33 +01:00
Stéphane Lesimple
b61baa90df feat: bsd: for unimplemented CVEs, at least report when CPU is not affected 2022-03-21 22:22:33 +01:00
Stéphane Lesimple
a98d92f8bc chore: wording: model not vulnerable -> model not affected 2022-03-21 22:22:33 +01:00
Stéphane Lesimple
b7c8c4115a feat: implement detection for MCEPSC under BSD 2022-03-21 22:22:33 +01:00
Stéphane Lesimple
4e7c52767d chore: update Intel Family 6 models 2022-03-21 22:22:33 +01:00
Stéphane Lesimple
8473d9ba6b chore: ensure vars are set before being dereferenced (set -u compat) 2022-03-21 22:22:33 +01:00
Stéphane Lesimple
0af4830224 fix: is_ucode_blacklisted: fix some model names 2022-03-21 22:22:33 +01:00
Stéphane Lesimple
81a4329d71 feat: add --cpu, apply changes to (read|write)_msr, update fwdb to v221+i20220208 2022-03-21 22:22:33 +01:00
Stéphane Lesimple
3679776f3c chore: only attempt to load msr and cpuid module once 2022-03-21 22:22:33 +01:00
Stéphane Lesimple
ba131fcd2f chore: read_cpuid: use named constants 2022-03-21 22:22:33 +01:00
Stéphane Lesimple
ae6bc31c2c feat: hw check: add IPRED, RRSBA, BHI features check 2022-03-21 22:22:33 +01:00
Stéphane Lesimple
6d7a6b3666 feat: add subleaf != 0 support for read_cpuid 2022-03-21 22:22:33 +01:00
Stéphane Lesimple
16f2160be5 chore: fwdb: update to v220+i20220208 2022-03-17 19:39:39 +01:00
Stéphane Lesimple
580549812a fix: retpoline: detection on 5.15.28+ (#420) 2022-03-17 19:25:24 +01:00
Stéphane Lesimple
05d862709d fix: has_vmm false positive with pcp
Fix by matching the full procname with pgrep (-x),
so that the 'pmdakvm' process doesn't match.

Closes #394
2021-05-25 12:31:07 +02:00
Stéphane Lesimple
3846913899 fix: refuse to run under MacOS and ESXi 2021-05-24 22:42:23 +02:00
Stéphane Lesimple
0ba71a443e fix: mcedb: v191 changed the MCE table format
Also update the builtin db to v191+i20210217

Closes #400
2021-05-24 12:55:44 +02:00
Stéphane Lesimple
3a486e9985 arm64: variant 4: detect ssbd mitigation from kernel img, system.map or kconfig 2021-04-02 15:38:31 +02:00
Stéphane Lesimple
23564cda5d fix: variant4: added case where prctl ssbd status is tagged as 'unknown' 2021-04-02 15:38:31 +02:00
Stéphane Lesimple
0ea21d09bd fix: extract_kernel: don't overwrite kernel_err if already set
Fixes #395
2021-04-02 15:33:02 +02:00
Zhiyuan Dai
6d35e780f4 arm64: phytium: Add CPU Implementer Phytium
This patch adds 0x70 check for phytium implementer id in function
parse_cpu_details. Also adds that Phytium Soc is not vulnerable to variant 3/3a
2021-01-13 19:14:09 +01:00
Stéphane Lesimple
4ec3154be0 chore: replace 'Vulnerable to' by 'Affected by' in the hw section
This seems to be less confusing, suggested by #356
2020-11-10 18:56:25 +01:00
Stéphane Lesimple
843f26630d feat: arm: add Cortex A77 and Neoverse-N1 (fixes #371) 2020-11-10 18:36:42 +01:00
Stéphane Lesimple
7fc2ec65b9 bump to v0.44 2020-11-09 18:41:43 +01:00
Stéphane Lesimple
c8cdfd54da chore: fwdb: update to v165.20201021+i20200616 2020-11-08 21:25:18 +01:00
Stéphane Lesimple
f0c33c7a32 fix: fwdb: use the commit date as the intel fwdb version
fixes #379
2020-11-08 21:25:18 +01:00
Stéphane Lesimple
9e874397da chore: fwdb: update to v163.20200930+i20200904 2020-10-05 20:06:49 +02:00
Stéphane Lesimple
76cb73f3cb fix: fwdb: update Intel's repository URL 2020-10-05 20:06:49 +02:00
Stéphane Lesimple
90f23d286e chore: update fwdb to v160.20200912+i20200722 2020-09-14 21:45:09 +02:00
Stéphane Lesimple
e41e311a7f feat: add zstd kernel decompression (#370) 2020-09-14 21:42:55 +02:00
Stéphane Lesimple
1f75f01630 fwdb: update MCEdb to v148 & Intel firmwares to 2020-04-27 2020-06-13 18:11:12 +02:00
Stéphane Lesimple
d8f0ddd7a5 chore: fix indentation 2020-06-10 00:07:14 +02:00