Stéphane Lesimple
b4f4d11106
fix: CVE-2018-3620: false 'VULN' status on kernels reporting CPU as unaffected and RDCL_NO can't be parsed
2026-04-01 00:41:32 +02:00
Stéphane Lesimple
4738e8f0ad
enh: draft rework of CVE-2017-5753 aka spectre v1
2026-04-01 00:22:07 +02:00
Stéphane Lesimple
b32f05b8d2
chore: readme: add a second table one about impact/mitigation, rework sections
2026-04-01 00:21:35 +02:00
Stéphane Lesimple
295324a545
chore: prepare for dev-build renaming to test-build
2026-03-31 19:49:39 +02:00
Stéphane Lesimple
efa07e7fd9
chore: set VERSION when building
2026-03-31 00:18:09 +02:00
Stéphane Lesimple
eabddf3d72
update dev docs and refactor CVE list in readme
2026-03-30 23:35:48 +02:00
Stéphane Lesimple
04221cf8c8
chore: add .gitignore
2026-03-30 23:07:59 +02:00
Stéphane Lesimple
a0032a44ef
chore: adjust workflow for dev-build
2026-03-30 23:07:59 +02:00
Stéphane Lesimple
6eb70ab52d
chore: move dist files to the dist/ subdir
2026-03-30 23:07:59 +02:00
Stéphane Lesimple
05e09bb7f4
feat: implement CVE-2024-36350 CVE-2024-36357 (Transient Scheduler Attack)
2026-03-30 23:07:59 +02:00
Stéphane Lesimple
5a0c391b06
doc: update development guidelines
2026-03-30 23:07:59 +02:00
Stéphane Lesimple
ebc9e91d78
chore: shfmt
2026-03-30 23:07:59 +02:00
Stéphane Lesimple
c2542e9940
dev-build workflow
2026-03-30 23:07:59 +02:00
Stéphane Lesimple
994608a90a
use MSR names for read_msr for readability
2026-03-30 21:01:13 +02:00
Stéphane Lesimple
3d6acc460e
fix: rework read_msr for values > INT32_MAX (#507)
2026-03-30 20:53:13 +02:00
Stéphane Lesimple
72824deea5
doc: add a note about the mandatory POSIX compliance of used tools
2026-03-30 20:48:10 +02:00
Stéphane Lesimple
a7cf525b6e
POSIX compatibility fix: replace sort -V by a manual comparison
2026-03-30 20:39:05 +02:00
Stéphane Lesimple
70d531ba09
BSD compatibility fix: stat -f and date -r fallbacks
2026-03-30 20:30:29 +02:00
Stéphane Lesimple
cd79597e9a
POSIX compatibility fix: sed -r => sed -E
2026-03-30 20:24:04 +02:00
Stéphane Lesimple
b8477d0e4d
POSIX compatibility fix: cut -w => awk
2026-03-30 20:15:21 +02:00
Stéphane Lesimple
cebda01d05
split script in multiple files, reassembled through build.sh
2026-03-30 20:04:16 +02:00
Stéphane Lesimple
7e660812e9
standardize function naming and add doc headers to all of them
2026-03-30 19:55:15 +02:00
Stéphane Lesimple
45b26322c4
refactor functions that record/output results
2026-03-30 19:40:26 +02:00
Stéphane Lesimple
a74111bfcd
use global readonly vars for common paths/basedirs
2026-03-30 19:31:22 +02:00
Stéphane Lesimple
5a3362a7ed
factorize/standardize check_CVE_*() funcs
2026-03-30 19:22:57 +02:00
Stéphane Lesimple
76a6d476ae
factorize CVE metadata into a single CVE_REGISTRY global var
2026-03-30 19:15:10 +02:00
Stéphane Lesimple
80a31d25cc
second vars renaming pass
2026-03-30 07:13:45 +00:00
Stéphane Lesimple
34c7b221f0
chore: rename status_* to affected_*
2026-03-30 00:28:14 +00:00
Stéphane Lesimple
2029fe10ef
chore: apply variables naming convention
2026-03-30 00:25:27 +00:00
Stéphane Lesimple
c34517dc99
chore: add variables naming convention documentation
2026-03-30 00:09:24 +00:00
speed47
61cc0f3a35
update: fwdb from v347+i20251110+615b to v349+i20260227+615b, 50 microcode changes
2026-03-28 01:52:17 +00:00
Stéphane Lesimple
a20641fbad
fix: handle non-numeric ARM CPU architecture values
Some old ARM processors (e.g., ARM926EJ-S) report CPU architecture
with suffix in /proc/cpuinfo (e.g., "5TEJ" for ARMv5TEJ).
This caused an "integer expression expected" error when comparing
against numeric values. Extract the numeric prefix before integer comparisons.
Fixes #505.
2026-01-25 12:57:41 +01:00
Stéphane Lesimple
d550ea8c85
fix: harmless 'dmesg: write error' that could happen on some systems
Fixes #519.
2026-01-25 11:53:13 +01:00
Stéphane Lesimple
8e33a1dbf2
fix: set cpu_* vars to a default value
On ARM64 systems, /proc/cpuinfo uses different field names (CPU implementer,
CPU variant, CPU part, CPU revision) instead of x86-style fields (cpu family,
model, stepping). This left these variables empty, causing printf to fail
with 'invalid number' errors when formatting them as hex values.
Fixes #520.
2026-01-25 11:38:50 +01:00
speed47
68b4617fd4
update: fwdb from v345+i20251110+4df2 to v347+i20251110+615b, 2 microcode changes
2026-01-01 11:48:36 +01:00
speed47
9fed5ceb33
update: fwdb from v344+i20250811+1523 to v345+i20251110+4df2, 45 microcode changes
2025-11-23 12:38:27 +01:00
Stéphane Lesimple
72bce72fe8
chore: really fix autoupdate workflow to avoid useless PRs
2025-10-31 19:53:59 +01:00
Stéphane Lesimple
5f18e67f6f
chore: fix autoupdate workflow
2025-10-30 23:57:05 +01:00
Gabriel Francisco
a8466b74fe
fix CVE-2017-5715 reporting when IBRS_FW is enabled
2025-10-27 08:42:51 +01:00
speed47
b99be2363c
update: fwdb from v296+i20240514+988c to v344+i20250811+1523, 128 microcode changes
2025-10-26 22:08:07 +01:00
Stéphane Lesimple
ee4cfd00b8
chore: add autoupdate workflow for fwdb
2025-10-25 20:48:38 +02:00
Stéphane Lesimple
c2c60e0161
chore: fix recent shellcheck warnings
2025-10-25 20:48:38 +02:00
Jörg Sommer
bae43d8370
Replace head -1 by head -n1
The info page of GNU head says:
> For compatibility 'head' also supports an obsolete option syntax
> '-[NUM][bkm][cqv]', [...] Scripts intended for standard hosts should use
> '-c NUM' or '-n NUM' instead.
At least busybox's head does not support the `-NUM` syntax.
2025-10-25 20:45:24 +02:00
Stéphane Lesimple
34c6095912
fix: Linux 6.9+ changed some config options names (#490)
Issue #490 is about retpoline but other options have also changed,
as reported by a comment on the issue, this commit fixes these
other options:
Breno Leitao (10):
x86/bugs: Rename CONFIG_GDS_FORCE_MITIGATION => CONFIG_MITIGATION_GDS_FORCE
x86/bugs: Rename CONFIG_CPU_IBPB_ENTRY => CONFIG_MITIGATION_IBPB_ENTRY
x86/bugs: Rename CONFIG_CALL_DEPTH_TRACKING => CONFIG_MITIGATION_CALL_DEPTH_TRACKING
x86/bugs: Rename CONFIG_PAGE_TABLE_ISOLATION => CONFIG_MITIGATION_PAGE_TABLE_ISOLATION
x86/bugs: Rename CONFIG_RETPOLINE => CONFIG_MITIGATION_RETPOLINE
x86/bugs: Rename CONFIG_SLS => CONFIG_MITIGATION_SLS
x86/bugs: Rename CONFIG_CPU_UNRET_ENTRY => CONFIG_MITIGATION_UNRET_ENTRY
x86/bugs: Rename CONFIG_CPU_IBRS_ENTRY => CONFIG_MITIGATION_IBRS_ENTRY
x86/bugs: Rename CONFIG_CPU_SRSO => CONFIG_MITIGATION_SRSO
x86/bugs: Rename CONFIG_RETHUNK => CONFIG_MITIGATION_RETHUNK
2024-08-04 15:15:45 +02:00
Stéphane Lesimple
e806e4bc41
chore: docker compose v2
The `docker-compose` command has been replaced by `docker compose`.
The "version" tag has also been deprecated in docker-compose.yml.
2024-08-04 13:53:36 +02:00
Ivan Zahariev
388d44edbd
Fix Retpoline detection for Linux 6.9+ (issue #490)
2024-08-04 13:41:01 +02:00
Stéphane Lesimple
bd0c7c94b5
fix: typo introduced by #483, fixes #486
2024-05-18 13:01:48 +02:00
Stéphane Lesimple
d70e4c2974
fwdb: update to v296+i20240514+988c
2024-05-18 13:01:48 +02:00
Stéphane Lesimple
4e29fb5a21
fix: ucode_platformid_mask is hexa (fixes #485)
2024-02-15 17:27:12 +01:00
Stephane Lesimple
0f2edb1a71
feat: blacklist some more microcodes (fixes #475)
2024-01-09 18:54:39 +01:00