peter/spectre-meltdown-checker
1
0
Fork 0
mirror of https://github.com/speed47/spectre-meltdown-checker.git synced 2026-04-01 12:47:07 +02:00
Code Issues Projects Releases Wiki Activity
581 Commits 5 Branches 46 Tags
f373e5217f07c4855b4a4bac6ddf13cdcf0cb014
Commit Graph

581 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Stéphane Lesimple
f373e5217f refactor functions that record/output results 2026-03-31 20:16:47 +00:00
Stéphane Lesimple
fd9d0999af use global readonly vars for common paths/basedirs 2026-03-31 20:16:47 +00:00
Stéphane Lesimple
2b2478b8ef factorize/standardize check_CVE_*() funcs 2026-03-31 20:16:47 +00:00
Stéphane Lesimple
7cd9323681 factorize CVE metadata into a single CVE_REGISTRY global var 2026-03-31 20:16:47 +00:00
Stéphane Lesimple
caa1a025b9 second vars renaming pass 2026-03-31 20:16:47 +00:00
Stéphane Lesimple
f05b5f0fae chore: rename status_* to affected_* 2026-03-31 20:16:47 +00:00
Stéphane Lesimple
7663161edb chore: apply variables naming convention 2026-03-31 20:16:47 +00:00
Stéphane Lesimple
30ef15441d chore: add variables naming convention documentation 2026-03-31 20:16:47 +00:00
speed47
61cc0f3a35 update: fwdb from v347+i20251110+615b to v349+i20260227+615b, 50 microcode changes 2026-03-28 01:52:17 +00:00
Stéphane Lesimple
a20641fbad fix: handle non-numeric ARM CPU architecture values 
Some old ARM processors (e.g., ARM926EJ-S) report CPU architecture
with suffix in /proc/cpuinfo (e.g., "5TEJ" for ARMv5TEJ).

This caused an "integer expression expected" error when comparing
against numeric values. Extract the numeric prefix before integer comparisons.

Fixes #505.
 2026-01-25 12:57:41 +01:00
Stéphane Lesimple
d550ea8c85 fix: harmless 'dmesg: write error' that could happen on some systems 
Fixes #519.
 2026-01-25 11:53:13 +01:00
Stéphane Lesimple
8e33a1dbf2 fix: set cpu_* vars to a default value 
On ARM64 systems, /proc/cpuinfo uses different field names (CPU implementer,
CPU variant, CPU part, CPU revision) instead of x86-style fields (cpu family,
model, stepping). This left these variables empty, causing printf to fail
with 'invalid number' errors when formatting them as hex values.

Fixes #520.
 2026-01-25 11:38:50 +01:00
speed47
68b4617fd4 update: fwdb from v345+i20251110+4df2 to v347+i20251110+615b, 2 microcode changes 2026-01-01 11:48:36 +01:00
speed47
9fed5ceb33 update: fwdb from v344+i20250811+1523 to v345+i20251110+4df2, 45 microcode changes 2025-11-23 12:38:27 +01:00
Stéphane Lesimple
72bce72fe8 chore: really fix autoupdate workflow to avoid useless PRs 2025-10-31 19:53:59 +01:00
Stéphane Lesimple
5f18e67f6f chore: fix autoupdate workflow 2025-10-30 23:57:05 +01:00
Gabriel Francisco
a8466b74fe fix CVE-2017-5715 reporting when IBRS_FW is enabled 2025-10-27 08:42:51 +01:00
speed47
b99be2363c update: fwdb from v296+i20240514+988c to v344+i20250811+1523, 128 microcode changes 2025-10-26 22:08:07 +01:00
Stéphane Lesimple
ee4cfd00b8 chore: add autoupdate workflow for fwdb 2025-10-25 20:48:38 +02:00
Stéphane Lesimple
c2c60e0161 chore: fix recent shellcheck warnings 2025-10-25 20:48:38 +02:00
Jörg Sommer
bae43d8370 Replace head -1 by head -n1 
The info page of GNU head says:

> For compatibility 'head' also supports an obsolete option syntax
> '-[NUM][bkm][cqv]', [...] Scripts intended for standard hosts should use
> '-c NUM' or '-n NUM' instead.

At least busybox's head does not support the `-NUM` syntax.
 2025-10-25 20:45:24 +02:00
Stéphane Lesimple
34c6095912 fix: Linux 6.9+ changed some config options names (#490) 
Issue #490 is about retpoline but other options have also changed,
as reported by a comment on the issue, this commit fixes these
other options:

Breno Leitao (10):
      x86/bugs: Rename CONFIG_GDS_FORCE_MITIGATION => CONFIG_MITIGATION_GDS_FORCE
      x86/bugs: Rename CONFIG_CPU_IBPB_ENTRY       => CONFIG_MITIGATION_IBPB_ENTRY
      x86/bugs: Rename CONFIG_CALL_DEPTH_TRACKING  => CONFIG_MITIGATION_CALL_DEPTH_TRACKING
      x86/bugs: Rename CONFIG_PAGE_TABLE_ISOLATION => CONFIG_MITIGATION_PAGE_TABLE_ISOLATION
      x86/bugs: Rename CONFIG_RETPOLINE            => CONFIG_MITIGATION_RETPOLINE
      x86/bugs: Rename CONFIG_SLS                  => CONFIG_MITIGATION_SLS
      x86/bugs: Rename CONFIG_CPU_UNRET_ENTRY      => CONFIG_MITIGATION_UNRET_ENTRY
      x86/bugs: Rename CONFIG_CPU_IBRS_ENTRY       => CONFIG_MITIGATION_IBRS_ENTRY
      x86/bugs: Rename CONFIG_CPU_SRSO             => CONFIG_MITIGATION_SRSO
      x86/bugs: Rename CONFIG_RETHUNK              => CONFIG_MITIGATION_RETHUNK
 2024-08-04 15:15:45 +02:00
Stéphane Lesimple
e806e4bc41 chore: docker compose v2 
The `docker-compose` command has been replaced by `docker compose`.
The "version" tag has also been deprecated in docker-compose.yml.
 2024-08-04 13:53:36 +02:00
Ivan Zahariev
388d44edbd Fix Retpoline detection for Linux 6.9+ (issue #490) 2024-08-04 13:41:01 +02:00
Stéphane Lesimple
bd0c7c94b5 fix: typo introduced by #483, fixes #486 2024-05-18 13:01:48 +02:00
Stéphane Lesimple
d70e4c2974 fwdb: update to v296+i20240514+988c 2024-05-18 13:01:48 +02:00
Stéphane Lesimple
4e29fb5a21 fix: ucode_platformid_mask is hexa (fixes #485) 2024-02-15 17:27:12 +01:00
Stephane Lesimple
0f2edb1a71 feat: blacklist some more microcodes (fixes #475) 2024-01-09 18:54:39 +01:00
Stephane Lesimple
8ac2539a2a fix: microcode check now supports pf_mask (fixes #482) 2024-01-09 17:05:18 +01:00
Stéphane Lesimple
97f4d5f2bc feat(reptar): add detection and mitigation of Reptar 2024-01-09 15:38:16 +01:00
Stéphane Lesimple
9b7b09ada3 fix(inception): continued mitigation detection 2023-08-25 18:50:53 +02:00
Sébastien Mériot
c94811e63d fix(inception): Zen1/2 results based on kernel mitigations 2023-08-25 18:50:53 +02:00
Sébastien Mériot
3e67047c73 feat(inception): README 2023-08-25 18:50:53 +02:00
Sébastien Mériot
ecee75716e feat(inception): kernel checks + sbpb support detection 2023-08-25 18:50:53 +02:00
Sébastien Mériot
fb6933dc64 feat(inception): Zen1/2 IBPB and SMT checks 2023-08-25 18:50:53 +02:00
Stéphane Lesimple
dc6921a1ac feat(inception): handle sysfs interface 2023-08-25 18:50:53 +02:00
Sébastien Mériot
3167762cfd feat(inception): start supporting AMD inception 2023-08-25 18:50:53 +02:00
Stéphane Lesimple
44223c5308 fix: bsd: kernel version detection 2023-08-11 18:41:35 +02:00
Stéphane Lesimple
dbe208fc48 enh: downfall: detect kernel mitigation without sysfs 2023-08-11 18:10:27 +02:00
Stéphane Lesimple
aca4e2a9b1 enh: move root warning to the bottom 2023-08-11 18:10:27 +02:00
Sébastien Mériot
c1c1ac4dbb feat(downfall): detection of the kernel mitigation relying on dmesg 2023-08-10 11:14:40 +02:00
Stéphane Lesimple
ba0daa6769 feat: downfall: add kernel soft mitigation support check 2023-08-10 11:14:40 +02:00
Sébastien Mériot
227c0aab1e feat(downfall): add downfall checks 2023-08-10 11:14:40 +02:00
Stéphane Lesimple
8ba3751cf7 fwdb: update to latest Intel ucode versions 2023-08-09 10:35:08 +02:00
Stéphane Lesimple
d013c0a7d2 doc: add kernel src as additional ucode version source 2023-08-01 10:22:15 +02:00
Stéphane Lesimple
cbe8ba10ce fix: inteldb: cpuid 0x00090660 and 0x000A0680 2023-07-30 13:21:38 +02:00
Stéphane Lesimple
9c2587bca5 enh: when CPUID can't be read, built it by ourselves 2023-07-30 12:21:12 +02:00
Stéphane Lesimple
2a5ddc87bf feat: add Intel known affected processors DB 2023-07-30 12:21:12 +02:00
Stéphane Lesimple
2ef6c1c80e enh: factorize file download func 2023-07-28 20:03:16 +02:00
Stéphane Lesimple
3c224018f4 chore: update disclaimer and FAQ 2023-07-28 20:03:16 +02:00