peter/spectre-meltdown-checker
peter/spectre-meltdown-checker
1
0
Fork 0
mirror of https://github.com/speed47/spectre-meltdown-checker.git synced 2025-04-12 01:09:57 +02:00
Code Issues Projects Releases Wiki Activity

Commit Graph

  • 51e8261a32 refactor: separate hw checks for Intel & AMD Stéphane Lesimple 2018-04-08 14:41:08 +02:00
  • 2a4bfad835 refactor: add is_amd and is_intel funcs Stéphane Lesimple 2018-04-08 13:02:43 +02:00
  • 7e52cea66e feat(spectre2): refined how status of this vuln is decided and more precise explanations on how to fix Stéphane Lesimple 2018-04-07 18:04:06 +02:00
  • 417d7aab91 Fix trailing whitespace and mixed indent styles; Benjamin Bouvier 2018-04-08 21:14:18 +02:00
  • 67bf761029 Fix some user facing typos with codespell -w -q3 . Sylvestre Ledru 2018-04-08 17:56:55 +02:00
  • 0eabd266ad refactor: decrease default verbosity for some tests Stéphane Lesimple 2018-04-05 22:20:16 +02:00
  • b77fb0f226 fix: don't override ibrs/ibpb results with later tests Stéphane Lesimple 2018-04-05 22:04:20 +02:00
  • 89c2e0fb21 fix(amd): show cpuinfo and ucode details Stéphane Lesimple 2018-04-05 21:39:27 +02:00
  • b88f32ed95 feat: print raw cpuid, and fetch ucode version under BSD Stéphane Lesimple 2018-04-05 00:07:12 +02:00
  • 7a4ebe8009 refactor: rewrite read_cpuid to get more common code parts between BSD and Linux Stéphane Lesimple 2018-04-05 00:06:24 +02:00
  • 0919f5c236 feat: add explanations of what to do when a vulnerability is not mitigated Stéphane Lesimple 2018-04-05 00:03:04 +02:00
  • de02dad909 feat: rework Spectre V2 mitigations detection w/ latest vanilla & Red Hat 7 kernels Stéphane Lesimple 2018-04-05 00:00:07 +02:00
  • 07484d0ea7 add dump of variables at end of script in debug mode Stéphane Lesimple 2018-04-04 23:58:15 +02:00
  • a8b557b9e2 fix(cpu): skip CPU checks if asked to (--no-hw) or if inspecting a kernel of another architecture Stéphane Lesimple 2018-04-03 19:34:24 +02:00
  • 619b2749d8 fix(sysfs): only check for sysfs for spectre2 when in live mode Stéphane Lesimple 2018-04-03 19:32:36 +02:00
  • 94857c983d update readme Stéphane Lesimple 2018-04-03 14:48:47 +02:00
  • 056ed00baa feat(arm): detect spectre variant 1 mitigation Stéphane Lesimple 2018-04-03 15:52:25 +02:00
  • aef99d20f3 fix(pti): when PTI activation is unknown, don't say we're vulnerable Stéphane Lesimple 2018-04-03 12:45:17 +02:00
  • e2d7ed2243 feat(arm): support for variant2 and meltdown mitigation detection Stéphane Lesimple 2018-03-27 20:55:13 +02:00
  • eeaeff8ec3 set version to v0.36+ for master branch between releases Stéphane Lesimple 2018-04-01 17:45:01 +02:00
  • f5269a362a feat(bsd): add retpoline detection for BSD Stéphane Lesimple 2018-04-01 17:29:12 +02:00
  • f3883a37a0 fix(xen): adjust message for DomUs w/ sysfs Stéphane Lesimple 2018-03-31 13:44:04 +02:00
  • b6fd69a022 release: v0.36 v0.36 Stéphane Lesimple 2018-03-27 23:08:38 +02:00
  • 7adb7661f3 enh: change colors and use red only to report vulnerability Stéphane Lesimple 2018-03-25 18:13:02 +02:00
  • c7892e3399 update README.md Stéphane Lesimple 2018-03-25 14:17:21 +02:00
  • aa74315df4 feat: speed up kernel version detection Stéphane Lesimple 2018-03-25 13:42:06 +02:00
  • 0b8a09ec70 fix: mis adjustments for BSD compat Stéphane Lesimple 2018-03-25 13:26:00 +02:00
  • b42d8f2f27 fix(write_msr): use /dev/zero instead of manually echoing zeroes Stéphane Lesimple 2018-03-25 12:53:50 +02:00
  • f191ec7884 feat: add --hw-only to only show CPU microcode/cpuid/msr details Stéphane Lesimple 2018-03-25 12:48:37 +02:00
  • 28da7a0103 misc: message clarifications Stéphane Lesimple 2018-03-25 12:27:40 +02:00
  • ece25b98a1 feat: implement support for NetBSD/FreeBSD/DragonFlyBSD Stéphane Lesimple 2018-03-25 12:23:46 +02:00
  • 889172dbb1 feat: add special extract_vmlinux mode for old RHEL kernels Stéphane Lesimple 2018-03-24 23:58:13 +01:00
  • 37ce032888 fix: bypass MSR/CPUID checks for non-x86 CPUs Stéphane Lesimple 2018-03-17 16:13:37 +01:00
  • 701cf882ad feat: more robust validation of extracted kernel image Stéphane Lesimple 2018-03-17 16:02:11 +01:00
  • 6a94c3f158 feat(extract_vmlinux): look for ELF magic in decompressed blob and cut at found offset Stéphane Lesimple 2018-03-17 13:34:53 +01:00
  • 2d993812ab feat: add --prefix-arch for cross-arch kernel inspection Stéphane Lesimple 2018-03-17 13:17:10 +01:00
  • 4961f8327f fix(ucode): fix blacklist detection for some ucode versions Stéphane Lesimple 2018-03-16 14:33:52 +01:00
  • ecdc448531 Check MSR in each CPU/Thread (#136) Alex 2018-03-17 09:17:15 -07:00
  • 12ea49fe0c fix(kvm): properly detect PVHVM mode (fixes #163) Stéphane Lesimple 2018-03-16 18:29:58 +01:00
  • 053f1613de fix(doc): use https:// URLs in the script comment header Stéphane Lesimple 2018-03-16 18:24:59 +01:00
  • bda18d04a0 fix: pine64: re-add vmlinuz location and some error checks Stéphane Lesimple 2018-03-10 16:02:44 +01:00
  • 2551295541 doc: use https URLs Stéphane Lesimple 2018-03-10 15:20:07 +01:00
  • d5832dc1dc feat: add ELF magic detection on kernel image blob for some arm64 systems Stéphane Lesimple 2018-03-10 14:57:01 +01:00
  • d2f46740e9 feat: enhance kernel image version detection for some old kernels Stéphane Lesimple 2018-03-10 14:56:10 +01:00
  • 2f6a6554a2 Produce output for consumption by prometheus-node-exporter Sam Morris 2018-02-25 15:51:42 +00:00
  • 30842dd9c0 release: bump to v0.35 v0.35 Stéphane Lesimple 2018-02-16 10:35:49 +01:00
  • b4ac5fcbe3 feat(variant2): better explanation when kernel supports IBRS but CPU does not Stéphane Lesimple 2018-02-16 10:34:01 +01:00
  • fef380d66f feat(readme): add quick run section Stéphane Lesimple 2018-02-15 20:50:37 +01:00
  • 55a6fd3911 feat(variant1): better detection for Red Hat/Ubuntu patch Stéphane Lesimple 2018-02-13 21:25:14 +01:00
  • 35c8a63de6 Remove the color in the title Sylvestre Ledru 2018-02-12 18:13:44 +01:00
  • 5f914e555e fix(xen): declare Xen's PTI patch as a valid mitigation for variant3 Stéphane Lesimple 2018-02-14 14:24:55 +01:00
  • 66dce2c158 fix(ucode): update blacklisted ucodes list from latest Intel info Stéphane Lesimple 2018-02-14 14:13:59 +01:00
  • 155cac2102 Teach checker how to find kernels installed by systemd kernel-install Calvin Walton 2018-02-09 20:01:23 -05:00
  • 22cae605e1 fix(retpoline): remove the "retpoline enabled" test Stéphane Lesimple 2018-02-09 20:12:33 +01:00
  • eb75e51975 fix(ucode): update list of blacklisted ucodes from 2018-02-08 Intel document Stéphane Lesimple 2018-02-09 19:54:34 +01:00
  • 253e180807 Update spectre-meltdown-checker.sh 積丹尼 Dan Jacobson 2018-02-05 00:01:35 +08:00
  • 5d6102a00e enh: show kernel version in offline mode Stéphane Lesimple 2018-02-02 11:27:04 +01:00
  • a2dfca671e feat: detect disrepancy between found kernel image and running kernel Stéphane Lesimple 2018-02-02 11:13:54 +01:00
  • 36bd80d75f enh: speedup by not decompressing kernel on --sysfs-only Stéphane Lesimple 2018-02-02 11:13:31 +01:00
  • 1834dd6201 feat: add skylake era cpu detection routine Stéphane Lesimple 2018-02-02 11:12:10 +01:00
  • 3d765bc703 enh: lazy loading of cpu informations Stéphane Lesimple 2018-02-02 11:10:36 +01:00
  • 07afd95b63 feat: better cleanup routine on exit & interrupt Stéphane Lesimple 2018-02-02 11:09:36 +01:00
  • b7a10126d1 fix: ARM CPU display name & detection Stéphane Lesimple 2018-02-02 11:00:23 +01:00
  • 6346a0deaa fix: --no-color workaround for android's sed Stéphane Lesimple 2018-02-02 10:59:49 +01:00
  • 8106f91981 release: bump to v0.34 v0.34 Stéphane Lesimple 2018-01-31 16:28:54 +01:00
  • b1fdf88f28 enh: display ucode info even when not blacklisted Stéphane Lesimple 2018-01-31 16:21:32 +01:00
  • 4d29607630 cleanup: shellcheck pass Stéphane Lesimple 2018-01-31 14:58:54 +01:00
  • 0267659adc cleanup: remove superseded atom detection code Stéphane Lesimple 2018-01-31 14:55:58 +01:00
  • 247b176882 feat: detect known speculative-execution free CPUs Stéphane Lesimple 2018-01-31 14:21:29 +01:00
  • bcae8824ec refacto: create a dedicated func to read cpuid bits Stéphane Lesimple 2018-01-31 13:54:59 +01:00
  • 71e7109c22 refacto: move cpu discovery bits to a dedicated function Stéphane Lesimple 2018-01-31 13:00:58 +01:00
  • aa18b51e1c fix(variant1): smarter lfence check Stéphane Lesimple 2018-01-30 22:59:44 +01:00
  • b738ac4bd7 fix: regression introduced by previous commit Stéphane Lesimple 2018-01-31 12:13:50 +01:00
  • 799ce3eb30 update blacklisted ucode list from kernel source Stéphane Lesimple 2018-01-31 11:23:30 +01:00
  • f1e18c136f doc(disclaimer): Spectre affects all software Stéphane Lesimple 2018-01-30 14:33:30 +01:00
  • e05ec5c85f feat(variant1): detect vanilla mitigation Stéphane Lesimple 2018-01-30 12:13:39 +01:00
  • 6e544d6055 fix(cpu): Pentium Exxxx are vulnerable to Meltdown Stéphane Lesimple 2018-01-29 11:18:15 +01:00
  • 90a65965ff adjust: show how to enable IBRS/IBPB in -v only Stéphane Lesimple 2018-01-29 11:06:15 +01:00
  • 9b53635eda refacto: fix shellcheck warnings for better compat Stéphane Lesimple 2018-01-29 10:29:48 +01:00
  • 7404929661 Fix printing of microcode to use cpuinfo values Joseph Mulloy 2018-01-26 10:44:44 -05:00
  • bf46fd5d9b update: new screenshots for README.md Stéphane Lesimple 2018-01-26 15:13:07 +01:00
  • 0798bd4c5b fix: report arch_capabilities as NO when no MSR Stéphane Lesimple 2018-01-26 14:55:01 +01:00
  • 42094c4f8b release: v0.33 v0.33 Stéphane Lesimple 2018-01-26 14:20:29 +01:00
  • 03d2dfe008 feat: add blacklisted Intel ucode detection Stéphane Lesimple 2018-01-26 12:58:07 +01:00
  • 9f00ffa5af fix: fallback to UNKNOWN when we get -EACCES Stéphane Lesimple 2018-01-26 14:16:34 +01:00
  • 7f0d80b305 xen: detect if the host is a Xen Dom0 or PV DomU (fixes #83) Matthieu Cerda 2018-01-24 17:14:04 +01:00
  • d1c1f0f0f0 fix(batch): fix regression introduced by acf12a6 Stéphane Lesimple 2018-01-24 17:55:36 +01:00
  • acf12a6d2d feat(cpu) add STIBP, RDCL_NO, IBRS_ALL checks Stéphane Lesimple 2018-01-24 14:44:16 +01:00
  • b45e40bec8 feat(stibp): add STIBP cpuid feature check Stéphane Lesimple 2018-01-24 12:19:02 +01:00
  • 3c1d452c99 fix(cpuid): fix off-by-one SPEC_CTRL bit check Stéphane Lesimple 2018-01-24 12:18:56 +01:00
  • 53b9eda040 fix: don't make IBPB mandatory when it's not there Stéphane Lesimple 2018-01-24 08:53:33 +01:00
  • 3b0ec998b1 fix(cosmetic): tiny msg fixes Stéphane Lesimple 2018-01-23 20:25:24 +01:00
  • d55bafde19 fix(cpu): trust is_cpu_vulnerable even w/ debugfs Stéphane Lesimple 2018-01-22 11:00:54 +01:00
  • 147462c0ab fix(variant3): do our checks even if sysfs is here Stéphane Lesimple 2018-01-22 10:56:24 +01:00
  • ddc7197b86 fix(retpoline): retpoline-compiler detection Stéphane Lesimple 2018-01-22 10:48:48 +01:00
  • e7aa3b9d16 feat(retpoline): check if retpoline is enabled Stéphane Lesimple 2018-01-21 18:07:25 +01:00
  • ff5c92fa6f feat(sysfs): print details even with sysfs Stéphane Lesimple 2018-01-21 18:02:11 +01:00
  • 443d9a2ae9 feat(ibpb): now also check for IBPB on variant 2 Stéphane Lesimple 2018-01-21 13:48:05 +01:00
  • 3e454f1817 fix(offline): report unknown when too few info Stéphane Lesimple 2018-01-23 22:20:34 +01:00
  • c8a25c5d97 feat: detect invalid kconfig files Stéphane Lesimple 2018-01-23 21:48:19 +01:00