Commit Graph

  • 297d890ce9 fix ucode version check regression introduced by fbbb19f under BSD Stéphane Lesimple 2018-09-23 15:00:39 +02:00
  • 0252e74f94 feat(bsd): implement CVE-2018-3620 and CVE-2018-3646 mitigation detection Stéphane Lesimple 2018-09-22 12:26:48 +02:00
  • fbbb19f244 Fix cases where a CPU ucode version is not found in $procfs/cpuinfo. (#246) Nicolas Sauzede 2018-09-19 22:00:59 +02:00
  • 1571a56ce2 feat: add L1D flush cpuid feature bit detection Stéphane Lesimple 2018-09-19 09:05:23 +02:00
  • 3cf9141601 fix: don't display summary if no CVE was tested (e.g. --hw-only) Stéphane Lesimple 2018-09-19 09:04:52 +02:00
  • bff38f1b26 BSD: add not-implemented-yet notice for Foreshadow-NG Stéphane Lesimple 2018-09-18 22:06:01 +02:00
  • b419fe7c63 feat(variant4): properly detect SSBD under BSD Stéphane Lesimple 2018-09-18 22:00:32 +02:00
  • f193484a4a chore: fix deprecated SPDX license identifier (#249) (#251) alexvong1995 2018-09-18 18:00:53 +00:00
  • 349d77b3b6 Fix kernel detection when /lib/kernel exists on a distro (#252) Laszlo Toth 2018-09-18 20:00:20 +02:00
  • e589ed7f02 fix: don't test SGX again in check_CVE_2018_3615, already done by is_cpu_vulnerable Stéphane Lesimple 2018-09-17 22:28:04 +02:00
  • ae1206288f fix: remove some hardcoded /proc paths, use $procfs instead Stéphane Lesimple 2018-09-17 22:26:20 +02:00
  • b44d2b5470 chore: remove 'experimental' notice of Foreshadow from README Stéphane Lesimple 2018-09-17 21:48:20 +02:00
  • 7b72c20f89 feat(l1tf): explode L1TF in its 3 distinct CVEs Stéphane Lesimple 2018-09-17 21:44:22 +02:00
  • b48b2177b7 feat: Add Clear Linux Distro (#244) Luis Ponce 2018-09-15 08:51:49 -05:00
  • 8f31634df6 feat(batch): Add a batch short option for one line result (#243) Pierre Gaxatte 2018-09-15 15:45:10 +02:00
  • 96798b1932 chore: add SPDX GPL-3.0 license identifier (#245) Luis Ponce 2018-09-15 08:33:41 -05:00
  • 687ce1a7fa fix: load cpuid module if absent even when /dev/cpu/0/cpuid is there Stéphane Lesimple 2018-09-08 23:15:21 +02:00
  • 80e0db7cc4 fix: don't show erroneous ucode version when latest version is unknown (fixes #238) Stéphane Lesimple 2018-08-28 20:51:34 +02:00
  • e8890ffac6 feat(config): support for genkernel kernel config file (#239) David Guglielmi 2018-08-28 20:24:37 +02:00
  • b2f64e1132 fix README after merge Stéphane Lesimple 2018-08-18 12:09:34 +02:00
  • 42a3a61f1d Slightly improved Docker configuration (#230) unrealization 2018-08-18 12:06:16 +02:00
  • afb36c519d Fix typo: 'RBS filling' => 'RSB filling' (#237) Karsten Weiss 2018-08-18 12:05:17 +02:00
  • 0009c0d473 fix: --batch now implies --no-color to avoid colored warnings Stéphane Lesimple 2018-08-18 12:04:18 +02:00
  • dd67fd94d7 feat: add FLUSH_CMD MSR availability detection (part of L1TF mitigation) Stéphane Lesimple 2018-08-16 19:05:09 +02:00
  • 339ad31757 fix: add missing l1tf CPU vulnerability display in hw section Stéphane Lesimple 2018-08-16 15:19:29 +02:00
  • 794c5be1d2 feat: add optional git describe support to display inter-release version numbers Stéphane Lesimple 2018-08-16 15:18:47 +02:00
  • a7afc585a9 fix several incorrect ucode version numbers Stéphane Lesimple 2018-08-16 10:51:55 +02:00
  • fc1dffd09a feat: implement detection of latest known versions of intel microcodes Stéphane Lesimple 2018-08-15 12:53:49 +02:00
  • e942616189 feat: initial support for L1TF Stéphane Lesimple 2018-08-15 11:59:23 +02:00
  • 360be7b35f fix: hide arch_capabilities_msr_not_read warning under !intel (tag: v0.39) Stéphane Lesimple 2018-08-13 15:42:56 +02:00
  • 5f59257826 bump to v0.39 Stéphane Lesimple 2018-08-13 15:33:03 +02:00
  • 92d59cbdc1 chore: adjust some comments, add 2 missing inits Stéphane Lesimple 2018-08-11 10:31:10 +02:00
  • 4747b932e7 feat: add detection of RSBA feature bit and adjust logic accordingly Stéphane Lesimple 2018-08-09 21:03:58 +02:00
  • 860023a806 fix: ARCH MSR was not read correctly, preventing proper SSB_NO and RDCL_NO detection Stéphane Lesimple 2018-08-09 10:02:44 +02:00
  • ab67a9221d feat: read/write msr now supports msr-tools or perl as dd fallback Stéphane Lesimple 2018-08-08 16:52:31 +02:00
  • f4592bf3a8 Add Arch armv5/armv7 kernel image location (#227) 0x9fff00 2018-08-09 22:13:30 +02:00
  • be15e47671 chore: setting master to v0.38+ Stéphane Lesimple 2018-08-09 14:25:22 +02:00
  • d3481d9524 Add support for the kernel being within a btrfs subvolume (#226) Nathan Parsons 2018-08-09 13:00:35 +01:00
  • 21af561148 bump to v0.38 (tag: v0.38) Stéphane Lesimple 2018-08-07 10:55:50 +02:00
  • cb740397f3 feat(arm32): add spectrev1 mitigation detection Stéphane Lesimple 2018-08-01 21:30:13 +02:00
  • 84195689af change: default to --no-explain, use --explain to get detailed mitigation help Stéphane Lesimple 2018-08-04 16:31:41 +02:00
  • b637681fa8 fix: debug output: msg inaccuracy for ARM checks Stéphane Lesimple 2018-08-01 20:40:20 +02:00
  • 9316c30577 fix: armv8: models < 0xd07 are not vulnerable Stéphane Lesimple 2018-08-01 00:31:31 +02:00
  • f9dd9d8cb9 add guess for archlinuxarm aarch64 kernel image on raspberry pi 3 (#222) Lily Wilson 2018-07-31 18:15:52 -04:00
  • 0f0d103a89 fix: correctly init capabilities_ssb_no var in all cases Stéphane Lesimple 2018-07-26 10:18:14 +02:00
  • b262c40541 fix: remove spurious character after an else statement Stéphane Lesimple 2018-07-25 21:55:50 +02:00
  • cc2910fbbc fix: read_cpuid: don't use iflag=skip_bytes for compat with old dd versions Stéphane Lesimple 2018-07-22 20:07:44 +02:00
  • 30c4a1f6d2 arm64: cavium: Add CPU Implementer Cavium (#216) manish jaggi 2018-07-22 22:36:19 +05:30
  • cf06636a3f fix: prometheus output: use printf for proper \n interpretation (#204) Stéphane Lesimple 2018-06-21 23:35:51 +02:00
  • 60077c8d12 fix(arm): rewrite vuln logic from latest arm statement for Cortex A8 to A76 Stéphane Lesimple 2018-06-21 23:24:18 +02:00
  • c181978d7c fix(arm): Updated arm cortex status (#209) Rob Gill 2018-06-16 20:14:39 +10:00
  • 9a6406a9a2 chore: add docker support (#203) Jan 2018-06-14 20:25:35 +02:00
  • 5962d20ba7 fix(variant4): whitelist from common.c::cpu_no_spec_store_bypass (#202) Rob Gill 2018-05-27 23:14:29 +10:00
  • 17a3488505 fix(help): add missing references to variants 3a & 4 (#201) Rob Gill 2018-05-25 00:35:57 +10:00
  • e54e8b3e84 chore: remove warning in README, fix display indentation Stéphane Lesimple 2018-05-24 16:32:53 +02:00
  • 39c778e3ac fix(amd): AMD families 0x15-0x17 non-arch MSRs are a valid way to control SSB Stéphane Lesimple 2018-05-23 23:08:07 +02:00
  • 2cde6e4649 feat(ssbd): add detection of proper CPUID bits on AMD Stéphane Lesimple 2018-05-23 22:50:52 +02:00
  • f4d51e7e53 fix(variant4): add another detection way for Red Hat kernel Stéphane Lesimple 2018-05-23 22:47:54 +02:00
  • 85d46b2799 feat(variant4): add more detailed explanations Stéphane Lesimple 2018-05-23 21:08:58 +02:00
  • 61e02abd0c feat(variant3a): detect up to date microcode Stéphane Lesimple 2018-05-23 21:08:08 +02:00
  • 114756fab7 fix(amd): not vulnerable to variant3a Stéphane Lesimple 2018-05-23 20:38:43 +02:00
  • ea75969eb7 fix(help): Update variant options in usage message (#200) Rob Gill 2018-05-22 23:54:25 +10:00
  • ca391cbfc9 fix(variant2): correctly detect IBRS/IBPB in SLES kernels Stéphane Lesimple 2018-05-22 12:06:46 +02:00
  • 68af5c5f92 feat(variant4): detect SSBD-aware kernel Stéphane Lesimple 2018-05-22 12:05:46 +02:00
  • 19be8f79eb doc: update README with some info about variant3 and variant4 Stéphane Lesimple 2018-05-22 09:43:29 +02:00
  • f75cc0bb6f feat(variant4): add sysfs mitigation hint and some explanation about the vuln Stéphane Lesimple 2018-05-22 09:39:11 +02:00
  • f33d65ff71 feat(variant3a): add information about microcode-sufficient mitigation Stéphane Lesimple 2018-05-22 09:38:29 +02:00
  • 725eaa8bf5 feat(arm): adjust vulnerable ARM CPUs for variant3a and variant4 Stéphane Lesimple 2018-05-22 09:19:29 +02:00
  • c6ee0358d1 feat(variant4): report SSB_NO CPUs as not vulnerable Stéphane Lesimple 2018-05-22 09:18:30 +02:00
  • 22d0b203da fix(ssb_no): rename ssbd_no to ssb_no and fix shift Stéphane Lesimple 2018-05-22 00:38:31 +02:00
  • 3062a8416a fix(msg): add missing words Stéphane Lesimple 2018-05-22 00:10:08 +02:00
  • 6a4318addf feat(variant3a/4): initial support for 2 new CVEs Stéphane Lesimple 2018-05-21 22:01:27 +02:00
  • c19986188f fix(variant2): adjust detection for SLES kernels Stéphane Lesimple 2018-05-19 09:52:51 +02:00
  • 7e4899bcb8 ibrs can't be enabled on no ibrs cpu (#195) Rob Gill 2018-05-17 23:39:48 +10:00
  • 5cc77741af Update spectre-meltdown-checker.sh rrobgill 2018-05-04 07:30:54 +10:00
  • 1c0f6d9580 cpuid and msr module check rrobgill 2018-05-04 07:21:48 +10:00
  • 4acd0f647a Suggestion to change VM to a CPU with IBRS capability Onno Zweers 2018-04-20 11:37:34 +02:00
  • fb52dbe7bf set master branch to v0.37+ Stéphane Lesimple 2018-04-20 20:34:42 +02:00
  • edebe4dcd4 bump to v0.37 (tag: v0.37) Stéphane Lesimple 2018-04-18 23:51:45 +02:00
  • 83ea78f523 fix: arm: also detect variant 1 mitigation when using native objdump Stéphane Lesimple 2018-04-17 18:50:32 +02:00
  • 602b68d493 fix(spectrev2): explain that retpoline is possible for Skylake+ if there is RSB filling, even if IBRS is still better Stéphane Lesimple 2018-04-16 09:27:28 +02:00
  • 97bccaa0d7 feat: rephrase IBPB warning when only retpoline is enabled in non-paranoid mode Stéphane Lesimple 2018-04-16 09:13:04 +02:00
  • 68e619b0d3 feat: show RSB filling capability for non-Skylake in verbose mode Stéphane Lesimple 2018-04-16 09:08:25 +02:00
  • a6f4475cee feat: make IBRS_FW blue instead of green Stéphane Lesimple 2018-04-16 09:07:54 +02:00
  • 223f5028df feat: add --paranoid to choose whether we require IBPB Stéphane Lesimple 2018-04-15 23:05:30 +02:00
  • c0108b9690 fix(spectre2): don't explain how to fix when NOT VULNERABLE Stéphane Lesimple 2018-04-15 20:55:55 +02:00
  • a3016134bd feat: make RSB filling support mandatory for Skylake+ CPUs Stéphane Lesimple 2018-04-15 20:55:31 +02:00
  • 59d85b39c9 feat: detect RSB filling capability in the kernel Stéphane Lesimple 2018-04-15 20:55:01 +02:00
  • baaefb0c31 fix: remove shellcheck warnings Stéphane Lesimple 2018-04-11 22:24:03 +02:00
  • d452aca03a fix: invalid bash syntax when ibpb_enabled or ibrs_enabled are empty Igor Lubashev 2018-04-10 18:32:00 -04:00
  • 10b8d94724 feat: detect latest Red Hat kernels' RO ibpb_enabled knob Stéphane Lesimple 2018-04-10 22:09:38 +02:00
  • 8606e60ef7 refactor: no longer display the retpoline-aware compiler test when we can't tell for sure Stéphane Lesimple 2018-04-09 20:56:20 +02:00
  • 6a48251647 fix: regression in 51aeae25, when retpoline & ibpb are enabled Stéphane Lesimple 2018-04-09 20:15:45 +02:00
  • f4bf5e95ec fix: typos Stéphane Lesimple 2018-04-08 20:07:43 +02:00
  • 60eac1ad43 feat: also do PTI performance check with (inv)pcid for BSD Stéphane Lesimple 2018-04-08 17:59:02 +02:00
  • b3cc06a6ad fix regression introduced by 82c25dc Stéphane Lesimple 2018-04-08 16:27:57 +02:00
  • 5553576e31 feat(amd/zen): re-introduce IBRS for AMD except ZEN family Stéphane Lesimple 2018-04-08 16:26:06 +02:00
  • e16ad802da feat(ibpb=2): add detection of SMT before concluding the system is not vulnerable Stéphane Lesimple 2018-04-08 16:24:43 +02:00
  • 29c294edff feat(bsd): explain how to mitigate variant2 Stéphane Lesimple 2018-04-08 15:38:58 +02:00
  • 59714011db refactor: IBRS_ALL & RDCL_NO are Intel-only Stéphane Lesimple 2018-04-08 15:08:21 +02:00