Commit Graph

  • 592e25e1d0
    Merge ea304a14c2 into 34c6095912 Thomas Merz 2024-08-27 16:05:09 +0200
  • 34c6095912 fix: Linux 6.9+ changed some config options names (#490) master Stéphane Lesimple 2024-08-04 14:13:52 +0200
  • 6fe8da171b fix: Linux 6.9+ changed some config options names (#490) Stéphane Lesimple 2024-08-04 14:13:52 +0200
  • e806e4bc41 chore: docker compose v2 Stéphane Lesimple 2024-08-04 13:45:29 +0200
  • 30349cae4f chore: docker compose v2 Stéphane Lesimple 2024-08-04 13:45:29 +0200
  • 388d44edbd Fix Retpoline detection for Linux 6.9+ (issue #490) Ivan Zahariev 2024-07-26 14:12:57 +0300
  • 04b8a0700f Fix Retpoline detection for Linux 6.9+ (issue #490) Ivan Zahariev 2024-07-26 14:12:57 +0300
  • bd0c7c94b5 fix: typo introduced by #483, fixes #486 Stéphane Lesimple 2024-05-18 12:56:07 +0200
  • d70e4c2974 fwdb: update to v296+i20240514+988c Stéphane Lesimple 2024-05-18 12:55:43 +0200
  • 106bd89089 fix: typo introduced by #483, fixes #486 Stéphane Lesimple 2024-05-18 12:56:07 +0200
  • 545a782ac2 fwdb: update to v296+i20240514+988c Stéphane Lesimple 2024-05-18 12:55:43 +0200
  • 4e29fb5a21 fix: ucode_platformid_mask is hexa (fixes #485) Stéphane Lesimple 2024-01-17 16:55:24 +0100
  • d376f77a2d fix: ucode_platformid_mask is hexa (fixes #485) Stéphane Lesimple 2024-01-17 16:55:24 +0100
  • 0f2edb1a71 feat: blacklist some more microcodes (fixes #475) Stephane Lesimple 2024-01-09 18:50:26 +0100
  • bdadb65efe feat: blacklist some more microcodes (fixes #475) Stephane Lesimple 2024-01-09 18:50:26 +0100
  • 8ac2539a2a fix: microcode check now supports pf_mask (fixes #482) Stephane Lesimple 2024-01-09 16:56:16 +0100
  • 7016421bee fix: microcode check now supports pf_mask (fixes #482) Stephane Lesimple 2024-01-09 16:56:16 +0100
  • 97f4d5f2bc feat(reptar): add detection and mitigation of Reptar Stéphane Lesimple 2023-11-17 12:17:12 +0100
  • 9fc845399c feat(reptar): add detection and mitigation of Reptar Stéphane Lesimple 2023-11-17 12:17:12 +0100
  • ea304a14c2
    👷 use latest major version for actions/checkout Thomas Merz 2023-12-22 14:38:53 +0100
  • 9b7b09ada3 fix(inception): continued mitigation detection Stéphane Lesimple 2023-08-25 11:42:57 +0200
  • c94811e63d fix(inception): Zen1/2 results based on kernel mitigations Sébastien Mériot 2023-08-16 15:54:13 +0000
  • 3e67047c73 feat(inception): README Sébastien Mériot 2023-08-14 16:43:10 +0000
  • ecee75716e feat(inception): kernel checks + sbpb support detection Sébastien Mériot 2023-08-14 16:37:51 +0000
  • fb6933dc64 feat(inception): Zen1/2 IBPB and SMT checks Sébastien Mériot 2023-08-14 09:34:48 +0000
  • dc6921a1ac feat(inception): handle sysfs interface Stéphane Lesimple 2023-08-12 11:32:32 +0200
  • 3167762cfd feat(inception): start supporting AMD inception Sébastien Mériot 2023-08-11 17:21:01 +0000
  • 3ffdca1736 fix(inception): continued mitigation detection Stéphane Lesimple 2023-08-25 11:42:57 +0200
  • 9ceb46c94c fix(inception): Zen1/2 results based on kernel mitigations Sébastien Mériot 2023-08-16 15:54:13 +0000
  • a55378d439 feat(inception): README Sébastien Mériot 2023-08-14 16:43:10 +0000
  • 637de90bd9 feat(inception): kernel checks + sbpb support detection Sébastien Mériot 2023-08-14 16:37:51 +0000
  • 0b70d8da79 feat(inception): Zen1/2 IBPB and SMT checks Sébastien Mériot 2023-08-14 09:34:48 +0000
  • 23f720cc82 feat(inception): handle sysfs interface Stéphane Lesimple 2023-08-12 11:32:32 +0200
  • 444876f8ec feat(inception): start supporting AMD inception Sébastien Mériot 2023-08-11 17:21:01 +0000
  • 44223c5308 fix: bsd: kernel version detection Stéphane Lesimple 2023-08-11 17:49:36 +0200
  • dbe208fc48 enh: downfall: detect kernel mitigation without sysfs Stéphane Lesimple 2023-08-11 17:17:06 +0200
  • aca4e2a9b1 enh: move root warning to the bottom Stéphane Lesimple 2023-08-11 17:10:35 +0200
  • b1fe7d0668 fix: bsd: kernel version detection Stéphane Lesimple 2023-08-11 17:49:36 +0200
  • 3043a42029 enh: downfall: detect kernel mitigation without sysfs Stéphane Lesimple 2023-08-11 17:17:06 +0200
  • 3bfecc9d73 enh: move root warning to the bottom Stéphane Lesimple 2023-08-11 17:10:35 +0200
  • c1c1ac4dbb feat(downfall): detection of the kernel mitigation relying on dmesg Sébastien Mériot 2023-08-10 09:05:44 +0000
  • ba0daa6769 feat: downfall: add kernel soft mitigation support check Stéphane Lesimple 2023-08-10 02:00:47 +0200
  • 227c0aab1e feat(downfall): add downfall checks Sébastien Mériot 2023-08-09 14:50:22 +0000
  • 93c94db1c3 feat(downfall): detection of the kernel mitigation relying on dmesg Sébastien Mériot 2023-08-10 09:05:44 +0000
  • 32c04e501c feat: downfall: add kernel soft mitigation support check Stéphane Lesimple 2023-08-10 02:00:47 +0200
  • 1d1f91cca8 feat(downfall): add downfall checks Sébastien Mériot 2023-08-09 14:50:22 +0000
  • 8ba3751cf7 fwdb: update to latest Intel ucode versions Stéphane Lesimple 2023-08-09 10:30:00 +0200
  • 655029e00c fwdb: update to latest Intel ucode versions Stéphane Lesimple 2023-08-09 10:30:00 +0200
  • d013c0a7d2 doc: add kernel src as additional ucode version source Stéphane Lesimple 2023-08-01 10:21:20 +0200
  • c0b33bffdb doc: add kernel src as additional ucode version source Stéphane Lesimple 2023-08-01 10:21:20 +0200
  • cbe8ba10ce fix: inteldb: cpuid 0x00090660 and 0x000A0680 Stéphane Lesimple 2023-07-30 13:19:04 +0200
  • e3a4494afa fix: inteldb: cpuid 0x00090660 and 0x000A0680 Stéphane Lesimple 2023-07-30 13:19:04 +0200
  • 9c2587bca5 enh: when CPUID can't be read, built it by ourselves Stéphane Lesimple 2023-07-30 11:55:12 +0200
  • 2a5ddc87bf feat: add Intel known affected processors DB Stéphane Lesimple 2023-07-30 11:53:59 +0200
  • a361907bd8 enh: when CPUID can't be read, built it by ourselves Stéphane Lesimple 2023-07-30 11:55:12 +0200
  • 5084a2d9b0 feat: add Intel known affected processors DB Stéphane Lesimple 2023-07-30 11:53:59 +0200
  • 2ef6c1c80e enh: factorize file download func Stéphane Lesimple 2023-07-28 19:45:07 +0200
  • 3c224018f4 chore: update disclaimer and FAQ Stéphane Lesimple 2023-07-28 19:43:40 +0200
  • 39dd25cd82 enh: factorize file download func Stéphane Lesimple 2023-07-28 19:45:07 +0200
  • 2d932fdc8a chore: update disclaimer and FAQ Stéphane Lesimple 2023-07-28 19:43:40 +0200
  • b8f8c81d51 release v0.46 v0.46 Stéphane Lesimple 2023-07-26 18:04:47 +0200
  • 4c9a326448 release v0.46 Stéphane Lesimple 2023-07-26 18:04:47 +0200
  • f34dd5fa7b enh: assume CPU is immune to Zenbleed regardless of vendor except AMD Stéphane Lesimple 2023-07-26 17:52:33 +0200
  • ec3a0cd28f enh: assume CPU is immune to Zenbleed regardless of vendor except AMD Stéphane Lesimple 2023-07-26 17:52:33 +0200
  • c0869d7341 enh: zenbleed: give a manual mitigation in --explain Stéphane Lesimple 2023-07-26 16:30:20 +0200
  • f134ec3812 enh: zenbleed: give a manual mitigation in --explain Stéphane Lesimple 2023-07-26 16:30:20 +0200
  • e99a548dcc fix: fms2cpuid was incorrect for families > 0xF Stéphane Lesimple 2023-07-26 14:17:36 +0200
  • 8587c8b10b fix: fms2cpuid was incorrect for families > 0xF Stéphane Lesimple 2023-07-26 14:17:36 +0200
  • 3d475dfaec feat: fwdb: add linux-firmware as AMD source, update fwdb accordingly Stéphane Lesimple 2023-07-26 13:55:19 +0200
  • cba5010c2a chore: fix typo Stéphane Lesimple 2023-07-26 11:59:33 +0200
  • 9041c5b6b7 feat: fwdb: add linux-firmware as AMD source, update fwdb accordingly Stéphane Lesimple 2023-07-26 13:55:19 +0200
  • e1e0504f0a chore: fix typo Stéphane Lesimple 2023-07-26 11:59:33 +0200
  • c5661f098f enh: add --explain text for Zenbleed Stéphane Lesimple 2023-07-26 10:46:34 +0200
  • d08e4810a4 enh: add --explain text for Zenbleed Stéphane Lesimple 2023-07-26 10:46:34 +0200
  • 6844c01242 enh: add zenbleed support to the --variant option Stéphane Lesimple 2023-07-26 10:35:07 +0200
  • 2d08d7a3da enh: add zenbleed support to the --variant option Stéphane Lesimple 2023-07-26 10:35:07 +0200
  • 0811f28ac6 fix: arm is not affected by zenbleed ShadowCurse 2023-07-25 18:45:35 +0100
  • d591d0aa3e fix: arm is not affected by zenbleed ShadowCurse 2023-07-25 18:45:35 +0100
  • 9bb79a18eb feat: add Zenbleed (CVE-2023-20593) and update fwdb to v270+i20230614 Stéphane Lesimple 2023-07-25 12:09:05 +0200
  • 9b062ac45b feat: add Zenbleed (CVE-2023-20593) and update fwdb to v270+i20230614 Stéphane Lesimple 2023-07-25 12:09:05 +0200
  • 0d93c6ffb4 feat: arm: add Neoverse-N2 and Neoverse-V2 George Cherian 2023-06-09 16:33:29 +0530
  • 64548deac0 feat: arm: add Neoverse-N2 and Neoverse-V2 George Cherian 2023-06-09 16:33:29 +0530
  • 555acb37be
    Merge 8a745070a7 into 6a61df200e Rob Gill 2023-05-14 13:59:20 -0700
  • 6a61df200e update: fwdb to v266+i20230512 Stéphane Lesimple 2023-05-13 10:18:36 +0200
  • 8cd707a2e8 update: fwdb to v266+i20230512 Stéphane Lesimple 2023-05-13 10:18:36 +0200
  • e4b313fe79 feat: arm: add Neoverse-V1 ShadowCurse 2023-02-25 16:18:56 +0000
  • 8a745070a7 report no system interface available for cve 2021 26341 Rob Gill 2023-03-19 04:30:38 +1000
  • eb53c24093 CVE-2021-26341 Straight-line Speculation (SLS) detection of mitigation The ability to mitigate against this vulnerability was added to the kernel in Jan 2022 (https://lore.kernel.org/lkml/Yd8o%2FhxM%2FOH3mdQR@zn.tnic/) Detection is via kernel .config, as this mitigation is not reported in /sys SLS affects AMD CPUs from Athlon XP through to Ryzen 5000 and EPYC server processors (https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1026) Rob Gill 2023-03-19 04:17:45 +1000
  • f4c674c5cf feat: arm: add Neoverse-V1 ShadowCurse 2023-02-25 16:18:56 +0000
  • a2843575be fix: docker: adding missing utils (fixes #433) Stéphane Lesimple 2022-03-30 13:07:21 +0200
  • 60c71ccb7a Add support for Guix System kernel. Hilton Chain 2022-11-05 23:22:31 +0800
  • 48abeb5950 fix: bad exitcode with --update-fwdb due to trap exit Stéphane Lesimple 2023-02-24 20:55:41 +0100
  • 224a63702c fix: bad exitcode with --update-fwdb due to trap exit Stéphane Lesimple 2023-02-24 20:55:41 +0100
  • 3c988cc73a fix: rewrite SQL to be sqlite3 >= 3.41 compatible Stéphane Lesimple 2023-02-24 20:36:37 +0100
  • a2b4bbef5e fix: rewrite SQL to be sqlite3 >= 3.41 compatible Stéphane Lesimple 2023-02-24 20:36:37 +0100
  • bea5cfc3b8 Fix typo: /devnull file created in filesystem glitsj16 2022-12-21 00:52:51 +0000
  • f1d7e487c8 fix: Neoverse V1 isn't vulnerable to Spectre 3a Ali Saidi 2023-02-23 10:24:03 -0600
  • 9afec3141d
    Fix typo: /devnull file created in filesystem glitsj16 2022-12-21 00:52:51 +0000
  • 5b757d930e
    Add support for Guix System kernel. Hilton Chain 2022-11-05 23:22:31 +0800
  • 3c4f5e4d8e Check the status of the mitigations indicated by the 'Branch History Injection and Intra-mode Branch Target Injection: https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/technical-documentation/branch-history-injection.html Gomez Iglesias, Antonio 2022-03-08 10:14:22 -0800