Commit Graph

  • 497efe6a82 fix(l1tf): RDCL_NO bit didn't take precedence for vulnerability check on some Intel CPUs Stéphane Lesimple 2019-05-23 14:23:11 +0200
  • aa49dda54b enh(mock): avoid reading the sysfs interface outside sys_interface_check() for higher mocking coverage #287 Stéphane Lesimple 2019-05-23 14:27:50 +0200
  • f38030dd76 feat(mock): add mocking functionality to help reproducing issues under specific CPUs Stéphane Lesimple 2019-05-23 14:26:40 +0200
  • 9aba9a2e2b fix(mds): check MDS_NO bit in is_cpu_mds_free() Stéphane Lesimple 2019-05-23 14:25:13 +0200
  • 09a30514b3 fix(l1tf): RDCL_NO bit didn't take precedence for vulnerability check on some Intel CPUs Stéphane Lesimple 2019-05-23 14:23:11 +0200
  • 62b46df4e7 fix(l1tf): remove libvirtd from hypervisor detection (#278) Stéphane Lesimple 2019-05-18 14:22:42 +0200
  • f5775e2317 Added support for MDS related vulnerabilities #362 #299 #282 Agata Gruza 2019-04-26 10:03:11 -0700
  • 7d1f269bed fix(mds): AMD confirms they're not vulnerable Stéphane Lesimple 2019-05-16 11:31:28 +0200
  • 4f9ca803c8 Fix help text (#285) Erich Ritz 2019-05-15 10:34:51 -0700
  • 034763062a Add new variants to error message #285 Erich Ritz 2019-05-15 08:56:54 -0700
  • 1a65a6dcfb fix --help message Erich Ritz 2019-05-15 08:43:43 -0700
  • 5788cec18b fix(mds): ARM and CAVIUM are not thought to be vulnerable Stéphane Lesimple 2019-05-15 10:56:49 +0200
  • ae56ec0bc5 bump to v0.41 v0.41 Stéphane Lesimple 2019-05-15 09:57:28 +0200
  • 871443c9db fix typos in README Stéphane Lesimple 2019-05-15 00:28:55 +0200
  • 8fd4e3ab01 fix(xen): remove xenbus and xenwatch as they also exist in domU Stéphane Lesimple 2019-05-15 00:23:05 +0200
  • de793a7204 feat(mds): more verbose info about kernel support and microcode support for mitigation Stéphane Lesimple 2019-05-15 00:21:08 +0200
  • 11790027d3 feat(mds): add alias ZombieLoad for CVE-2018-12130 Stéphane Lesimple 2019-05-14 21:42:36 +0200
  • 5939c38c5c update mcedb from v109 to v110 to better detect MDS microcodes Stéphane Lesimple 2019-05-14 20:31:27 +0200
  • db7d3206fd feat(mds): add detection of availability of MD_CLEAR instruction Stéphane Lesimple 2019-05-14 20:30:47 +0200
  • 1d13a423b8 adjust README Stéphane Lesimple 2019-05-14 20:16:01 +0200
  • 8e870db4f5 Added support for MDS related vulnerabilities (#282) Agata Gruza 2019-05-14 10:21:20 -0700
  • d547ce4ab4 fix(ssb): fix error when no process uses prctl to set ssb mitigation Stéphane Lesimple 2019-05-13 15:35:58 +0200
  • d187827841 enh(vmm): add Xen daemons detection Stéphane Lesimple 2019-05-08 20:44:54 +0200
  • 2e304ec617 enh(xen): improvements for xen systems (#270) Hans-Joachim Kliemeck 2019-05-07 20:35:52 +0200
  • fcc04437e8 update builtin MCEdb from v96 to v109 Stéphane Lesimple 2019-05-07 20:29:59 +0200
  • 31540c4912
    Merge branch 'master' into xen #270 Stéphane Lesimple 2019-05-07 20:23:29 +0200
  • d31a9810e6 enhance previous commit logic Stéphane Lesimple 2019-05-05 20:09:53 +0200
  • 4edb867def fix(vmm): revert to checking the running processes to detect a hypervisor Stéphane Lesimple 2019-05-05 19:57:59 +0200
  • 1264b1c7a3 chore: more shellcheck 0.6 fixes Stéphane Lesimple 2019-05-05 18:34:09 +0200
  • 7beca1ac50 fix: invalid names in json batch mode (fixes #279) Stéphane Lesimple 2019-05-05 18:15:41 +0200
  • 8ad10e15d3 chore: Comply with Shellcheck SC2209 (#280) David 2019-05-05 17:31:18 +0200
  • 73dfe81527 Comply with Shellcheck SC2209 #280 David Marzal 2019-05-05 11:39:35 +0200
  • bfa4de96e6 enh(l1tf): in paranoid mode, assume we're running a hypervisor unless stated otherwise Stéphane Lesimple 2019-04-21 14:03:48 +0200
  • b022b27a51 feat(ssbd): in live mode, report whether the mitigation is active (fix #210) Stéphane Lesimple 2019-04-20 20:27:45 +0200
  • c4bae6ee6a IBRS kernel reported active even if sysfs has "IBRS_FW" only (#275) (#276) Dario Faggioli 2019-04-20 14:04:29 +0200
  • 23e7db044e fix(bsd): load vmm if not already loaded, fixes #274 Stéphane Lesimple 2019-04-19 19:47:04 +0200
  • e1a2cae2c0 L1TF/Linux: detect SMT via sysfs #277 Dario Faggioli 2019-04-19 14:30:10 +0200
  • 26a5fe018a L1TF/Linux: fix Mitigtion 2 against `--sysfs` options Dario Faggioli 2019-04-18 18:18:40 +0200
  • 5e35f0a711 L1TF/Linux: fix EPT on/off detection against sysfs Dario Faggioli 2019-04-18 17:54:27 +0200
  • 0421aea53f L1TF/Linux: More fixes to /sys based hypervisor detection Dario Faggioli 2019-04-18 17:02:37 +0200
  • e819a27939 L1TF/Linux: detect "running an hypervisor" via lsmod Dario Faggioli 2019-04-19 15:05:00 +0200
  • 5e83e2cfa4 L1TF/Linux: Fix "running an hypervisor" detection via sysfs Dario Faggioli 2019-04-18 17:22:44 +0200
  • 2cfae92cb0 L1TF/Linux: remove dead code, fix --sysfs-only bug Dario Faggioli 2019-04-18 18:08:22 +0200
  • 9065624ea0 IBRS kernel reported active even if sysfs has "IBRS_FW" only (#275) #276 Dario Faggioli 2019-04-18 12:22:55 +0200
  • fc4981bb94 update MCEDB from v84 to v96 Stéphane Lesimple 2019-01-20 19:52:46 +0100
  • 419508758e add spectre and meltdown mitigation technologies checking for Hygon CPU (#271) Dajiang Zhong 2019-01-21 02:32:36 +0800
  • a910a94a30
    test for procfs before reading #272 Rob Gill 2018-12-27 12:43:09 +0000
  • 3bfab0f8dd update microarhitecture name for Hygon CPU family 24 with moksha #271 dajiang 2018-12-26 10:21:57 +0800
  • 1d02407a7f add spectre and meltdown mitigation technologies checking for Hygon CPU dajiang 2018-12-25 18:12:48 +0800
  • af3271df4c add xen support for meltdown Hans-Joachim Kliemeck 2018-12-16 22:08:40 +0100
  • 8b01194630 fix issue with empty result Hans-Joachim Kliemeck 2018-12-16 21:00:44 +0100
  • 486bab7a1e fix issue with empty result Hans-Joachim Kliemeck 2018-12-16 20:56:46 +0100
  • fd462040b3 add information for hardware mitigation Hans-Joachim Kliemeck 2018-12-16 19:46:08 +0100
  • ec44abf43c corrected colors for partial mitigation Hans-Joachim Kliemeck 2018-12-16 15:14:33 +0100
  • 42455a9424 different return value Hans-Joachim Kliemeck 2018-12-16 15:09:25 +0100
  • 4ee2230071 proper return value Hans-Joachim Kliemeck 2018-12-16 13:12:32 +0100
  • a266165bad add mitigation detection for l1tf for xen based systems Hans-Joachim Kliemeck 2018-12-15 20:45:37 +0100
  • d7d2e6934b fix: typo in bare metal detection (fixes #269) Stéphane Lesimple 2018-12-12 00:24:17 +0100
  • b0083d918e Remove unneeded volumes in Dockerfile (#266) Jan 2018-12-10 19:42:13 +0100
  • 904a83c675 Fix Arch kernel image detection (#268) Lily Wilson 2018-12-10 13:36:58 -0500
  • 906f54cf9d Improved hypervisor detection (#259) Rob Gill 2018-12-11 04:33:07 +1000
  • b946358124 Fix Arch kernel image detection #268 Lily Wilson 2018-12-09 08:58:54 -0500
  • 8014715e71 Remove unneeded volumes in Dockerfile #266 Jan Kunzmann 2018-11-30 11:51:27 +0100
  • c45a06f414 Warn on missing kernel info (#265) Brett T. Warden 2018-11-25 09:37:03 -0800
  • 4a6fa070a4 Fix misdetection of files under Clear Linux (#264) Brett T. Warden 2018-11-25 09:14:04 -0800
  • 954d0f6b24 Warn on missing kernel info #265 Brett T. Warden 2018-11-16 12:39:52 -0800
  • 44fb9119d1 Fix misdetection of files under Clear Linux #264 Brett T. Warden 2018-11-16 12:25:00 -0800
  • ace88aa7fe standart syntax Shell to 4 spaces not TAB spaces #262 Karen Lauren 2018-11-11 11:11:49 -0500
  • 00a42c8224
    typo #259 Rob Gill 2018-10-31 15:39:15 +1000
  • 2d3341f569
    chore: update readme with brief summary of L1tfs Rob Gill 2018-10-31 15:38:22 +1000
  • ad2b89c1f2
    Fix unset $l1d_mode Rob Gill 2018-10-31 10:12:03 +1000
  • 47f8f672a3
    Update Intel Atom 6 cpu names to align with kernel Rob Gill 2018-10-28 18:37:37 +1000
  • af84646b79 Set $l1d_mode to -1 in cases where cpu/vulnerabilities/l1tf is not available Rob Gill 2018-10-28 10:57:01 +1000
  • 36d31e5d73 formatting fix Rob Gill 2018-10-28 10:15:45 +1000
  • b53400f8ec Improved hypervisor detection Rob Gill 2018-10-28 10:10:59 +1000
  • 025855326e
    Merge pull request #2 from speed47/master Rob Gill 2018-10-28 07:51:12 +1000
  • c705afe764 bump to v0.40 v0.40 Stéphane Lesimple 2018-10-03 20:56:46 +0200
  • 401ccd4b14 Correct aarch64 KPTI dmesg message Stanislav Kholmanskikh 2018-08-29 05:40:52 -0700
  • 55120839dd Fix a typo in check_variant3_linux() Stanislav Kholmanskikh 2018-08-28 04:35:44 -0700
  • f5106b3c02 update MCEDB from v83 to v84 (no actual change) Stéphane Lesimple 2018-09-30 16:57:35 +0200
  • 68289dae1e feat: add --update-builtin-mcedb to update the DB inside the script Stéphane Lesimple 2018-09-30 16:56:58 +0200
  • 3b2d529654 feat(l1tf): read & report ARCH_CAPABILITIES bit 3 (SKIP_VMENTRY_L1DFLUSH) Stéphane Lesimple 2018-09-29 13:16:07 +0200
  • cbb18cb6b6 fix(l1tf): properly detect status under Red Hat/CentOS kernels Stéphane Lesimple 2018-09-29 13:00:42 +0200
  • 299103a3ae some fixes when script is not started as root Stéphane Lesimple 2018-09-24 20:25:52 +0200
  • dc5402b349 chore: speed optimization of hw check and indentation fixes Stéphane Lesimple 2018-09-24 20:05:41 +0200
  • 90c2ae5de2 feat: use the MCExtractor DB as the reference for the microcode versions Stéphane Lesimple 2018-09-23 17:29:14 +0200
  • 53d6a44754 Fix detection of CVE-2018-3615 (L1TF_SGX) (#253) Michael Lass 2018-09-29 11:35:10 +0200
  • 61ad5d56e7
    Code consistency Rob Gill 2018-09-29 15:44:29 +1000
  • 664fb7662f
    Merge pull request #1 from speed47/master Rob Gill 2018-09-29 14:12:54 +1000
  • be9a32bafe Fix detection of CVE-2018-3615 #253 Michael Laß 2018-09-26 22:44:46 +0200
  • 745a71c1bc Add another location of Arch Linux ARM kernel Michael Laß 2018-09-26 22:44:46 +0200
  • 297d890ce9 fix ucode version check regression introduced by fbbb19f under BSD Stéphane Lesimple 2018-09-23 15:00:39 +0200
  • 0252e74f94 feat(bsd): implement CVE-2018-3620 and CVE-2018-3646 mitigation detection Stéphane Lesimple 2018-09-22 12:26:48 +0200
  • fbbb19f244 Fix cases where a CPU ucode version is not found in $procfs/cpuinfo. (#246) Nicolas Sauzede 2018-09-19 22:00:59 +0200
  • ef1578283c Double quote to prevent globbing and word splitting. #246 Nicolas Sauzede 2018-09-19 10:14:53 +0200
  • c090439fe5 Fix cases where a CPU ucode version is not found in $procfs/cpuinfo. Nicolas Sauzede 2018-09-10 10:11:00 +0200
  • 1571a56ce2 feat: add L1D flush cpuid feature bit detection Stéphane Lesimple 2018-09-19 09:05:23 +0200
  • 3cf9141601 fix: don't display summary if no CVE was tested (e.g. --hw-only) Stéphane Lesimple 2018-09-19 09:04:52 +0200
  • bff38f1b26 BSD: add not-implemented-yet notice for Foreshadow-NG Stéphane Lesimple 2018-09-18 22:06:01 +0200
  • b419fe7c63 feat(variant4): properly detect SSBD under BSD Stéphane Lesimple 2018-09-18 22:00:32 +0200