peter/spectre-meltdown-checker
1
0
Fork 0
mirror of https://github.com/speed47/spectre-meltdown-checker.git synced 2026-06-04 13:43:05 +02:00
Code Issues Projects Releases Wiki Activity

Commit Graph

  • a343bccb49 bump to v0.43 v0.43 Stéphane Lesimple 2019-12-08 15:25:20 +01:00
  • 1f604c119b fix var typo Stéphane Lesimple 2019-12-08 15:25:54 +01:00
  • bfed3187a6 fix: variant3a: Silvermont CPUs are not vulnerable to variant 3a Stéphane Lesimple 2019-11-24 20:19:21 +01:00
  • 0cd7e1164f feat: detect vanilla 5.4+ locked down mode Stéphane Lesimple 2019-12-06 23:03:36 +01:00
  • 71129d6b48 fix: tsx: rtm feature bit is in EBX(11) Stéphane Lesimple 2019-12-02 19:07:10 +01:00
  • 6e799e8b01 fix: mcepsc: fix logic error on non-speculative CPUs that prevented detection of MCEPSC immunity Stéphane Lesimple 2019-11-25 23:03:04 +01:00
  • 4993b04922 fix: taa: CPUs having TAA_NO bit set are not vulnerable Stéphane Lesimple 2019-11-25 21:14:54 +01:00
  • 4fc2afe1bc feat: add TSX_CTRL MSR detection in hardware info Stéphane Lesimple 2019-11-25 20:58:49 +01:00
  • bd47275501 feat: add detection of iTLB Multihit vuln/mitigation (CVE-2018-12207) Stéphane Lesimple 2019-11-24 19:25:56 +01:00
  • 8ddf6b2d6d enh: replace shell wildcard by a find to avoid potiental error (list of args too long) Stéphane Lesimple 2019-11-24 16:47:53 +01:00
  • 16b6490ffc chore: avoid ${var:-]} syntax, badly confusing vim's syntax highlighter Stéphane Lesimple 2019-11-23 16:02:00 +01:00
  • 18df38fae6 fix: sgx: on locked down kernels, fallback to CPUID bit for detection Stéphane Lesimple 2019-11-24 17:21:20 +01:00
  • a306757c22 fix: detect Red Hat locked down kernels (impacts MSR writes) Stéphane Lesimple 2019-09-22 00:45:02 +02:00
  • e01f97ee75 fix: fwdb: don't use local db if it's older than our builtin version Stéphane Lesimple 2019-11-23 22:02:49 +01:00
  • fa7f814f4f chore: rename mcedb cmdline parameters to fwdb Stéphane Lesimple 2019-11-23 13:39:51 +01:00
  • bb32a16a86 update fwdb to v130.20191104+i20191027 Stéphane Lesimple 2019-11-23 13:33:55 +01:00
  • 8c84c0ba17 enh: fwdb: use both Intel GitHub repo and MCEdb to build our database Stéphane Lesimple 2019-11-23 12:39:59 +01:00
  • 6abe1bc62b enh: kernel decompression: better tolerance over missing tools Stéphane Lesimple 2019-11-23 16:28:08 +01:00
  • 5ca7fe91ff fix: pteinv: don't check kernel image if not available Stéphane Lesimple 2019-11-23 14:01:56 +01:00
  • 4ba68fba74 fix: silence useless error from grep (fixes #322) Stéphane Lesimple 2019-11-23 13:51:00 +01:00
  • 59ad312773 fix: msr: fix msr module detection under Ubuntu 19.10 (fixes #316) Stéphane Lesimple 2019-11-19 22:35:08 +01:00
  • 418533c47e chore: remove LICENSE file, SPDX id is enough Stéphane Lesimple 2019-11-18 20:26:38 +01:00
  • 3e757b6177 chore: add github check workflow Stéphane Lesimple 2019-11-18 10:48:52 -08:00
  • f724f94085 enh: kernel: autodetect customized arch kernels from cmdline Stéphane Lesimple 2019-11-17 18:36:57 +01:00
  • dcf540888d enh: mock: implement reading from /proc/cmdline Stéphane Lesimple 2019-11-17 18:36:08 +01:00
  • 9911c243b2 feat: use --live with --kernel/--config/--map to override file detection in live mode Stéphane Lesimple 2019-11-17 14:29:32 +01:00
  • cb279a49ec enh(taa): more complete version Stéphane Lesimple 2019-11-13 01:07:10 +01:00
  • c100ce4c0d mcedb: update from v112 to v130 Stéphane Lesimple 2019-11-12 21:19:03 +01:00
  • 4741b06160 fix: batch mode for TAA Stéphane Lesimple 2019-11-12 21:16:21 +01:00
  • e0a1c2ec77 fix shellcheck warnings Stéphane Lesimple 2019-11-12 20:06:12 +01:00
  • c18b88d745 Fixing typo Agata Gruza 2019-11-12 09:34:43 -08:00
  • d623524342 Added support for TAA related vulnerabilities Agata Gruza 2019-11-12 09:30:36 -08:00
  • f5ec320fe5 enh: rework the vuln logic of MDS with --paranoid (fixes #307) Stéphane Lesimple 2019-09-22 04:02:22 +02:00
  • cc224c0522 fix: mocking value for read_msr Stéphane Lesimple 2019-09-21 18:50:08 +02:00
  • 0518604fe6 Use kernel_err to avoid misreporting missing Linux kernel image Corey Wright 2019-06-29 19:56:11 -05:00
  • d57fecec91 spectre-meltdown-checker.sh: fix typos Erik Zettel 2019-09-19 12:06:04 +02:00
  • f835f4d07d Explain that Enhanced IBRS is better for performance than classic IBRS Stéphane Lesimple 2019-08-14 12:42:27 +02:00
  • 482d6c200a Enhanced IBRS capabilities There are two flavors of IBRS: plain and enhanced. This patch tells which flavor of IBRS is in use. Agata Gruza 2019-07-29 16:56:54 -07:00
  • 91d0699029 update MCEdb from v111 to v112 David Guglielmi 2019-05-29 14:55:08 +02:00
  • fcc4ff4de2 update MCEdb from v110 to v111, bump to v0.42 v0.42 Stéphane Lesimple 2019-05-24 22:49:45 +02:00
  • 0bd38ddda0 enh: -v -v now implies --dump-mock-data Stéphane Lesimple 2019-05-24 11:36:39 +02:00
  • e83dc818cd feat(mds): implement FreeBSD mitigation detection Stéphane Lesimple 2019-05-15 20:45:28 +02:00
  • d69ea67101 feat(mock): add --dump-mock-data Stéphane Lesimple 2019-05-24 10:15:02 +02:00
  • dfe0d10f2a fix(mds): remove useless display of MD_CLEAR info in non-hw section Stéphane Lesimple 2019-05-24 10:20:48 +02:00
  • 58a5acfdbb fix(bsd): read_msr returned data in an incorrect format Stéphane Lesimple 2019-05-24 09:33:42 +02:00
  • ccb4dbef7c enh(mock): avoid reading the sysfs interface outside sys_interface_check() for higher mocking coverage Stéphane Lesimple 2019-05-23 14:27:50 +02:00
  • afbb26277f feat(mock): add mocking functionality to help reproducing issues under specific CPUs Stéphane Lesimple 2019-05-23 14:26:40 +02:00
  • 77b34d48c6 fix(mds): check MDS_NO bit in is_cpu_mds_free() Stéphane Lesimple 2019-05-23 14:25:13 +02:00
  • 497efe6a82 fix(l1tf): RDCL_NO bit didn't take precedence for vulnerability check on some Intel CPUs Stéphane Lesimple 2019-05-23 14:23:11 +02:00
  • 62b46df4e7 fix(l1tf): remove libvirtd from hypervisor detection (#278) Stéphane Lesimple 2019-05-18 14:22:42 +02:00
  • 7d1f269bed fix(mds): AMD confirms they're not vulnerable Stéphane Lesimple 2019-05-16 11:31:28 +02:00
  • 4f9ca803c8 Fix help text (#285) Erich Ritz 2019-05-15 10:34:51 -07:00
  • 5788cec18b fix(mds): ARM and CAVIUM are not thought to be vulnerable Stéphane Lesimple 2019-05-15 10:56:49 +02:00
  • ae56ec0bc5 bump to v0.41 v0.41 Stéphane Lesimple 2019-05-15 09:57:28 +02:00
  • 871443c9db fix typos in README Stéphane Lesimple 2019-05-15 00:28:55 +02:00
  • 8fd4e3ab01 fix(xen): remove xenbus and xenwatch as they also exist in domU Stéphane Lesimple 2019-05-15 00:23:05 +02:00
  • de793a7204 feat(mds): more verbose info about kernel support and microcode support for mitigation Stéphane Lesimple 2019-05-15 00:21:08 +02:00
  • 11790027d3 feat(mds): add alias ZombieLoad for CVE-2018-12130 Stéphane Lesimple 2019-05-14 21:42:36 +02:00
  • 5939c38c5c update mcedb from v109 to v110 to better detect MDS microcodes Stéphane Lesimple 2019-05-14 20:31:27 +02:00
  • db7d3206fd feat(mds): add detection of availability of MD_CLEAR instruction Stéphane Lesimple 2019-05-14 20:30:47 +02:00
  • 1d13a423b8 adjust README Stéphane Lesimple 2019-05-14 20:16:01 +02:00
  • 8e870db4f5 Added support for MDS related vulnerabilities (#282) Agata Gruza 2019-05-14 10:21:20 -07:00
  • d547ce4ab4 fix(ssb): fix error when no process uses prctl to set ssb mitigation Stéphane Lesimple 2019-05-13 15:35:58 +02:00
  • d187827841 enh(vmm): add Xen daemons detection Stéphane Lesimple 2019-05-08 20:44:54 +02:00
  • 2e304ec617 enh(xen): improvements for xen systems (#270) Hans-Joachim Kliemeck 2019-05-07 20:35:52 +02:00
  • fcc04437e8 update builtin MCEdb from v96 to v109 Stéphane Lesimple 2019-05-07 20:29:59 +02:00
  • d31a9810e6 enhance previous commit logic Stéphane Lesimple 2019-05-05 20:09:53 +02:00
  • 4edb867def fix(vmm): revert to checking the running processes to detect a hypervisor Stéphane Lesimple 2019-05-05 19:57:59 +02:00
  • 1264b1c7a3 chore: more shellcheck 0.6 fixes Stéphane Lesimple 2019-05-05 18:34:09 +02:00
  • 7beca1ac50 fix: invalid names in json batch mode (fixes #279) Stéphane Lesimple 2019-05-05 18:15:41 +02:00
  • 8ad10e15d3 chore: Comply with Shellcheck SC2209 (#280) David 2019-05-05 17:31:18 +02:00
  • bfa4de96e6 enh(l1tf): in paranoid mode, assume we're running a hypervisor unless stated otherwise Stéphane Lesimple 2019-04-21 14:03:48 +02:00
  • b022b27a51 feat(ssbd): in live mode, report whether the mitigation is active (fix #210) Stéphane Lesimple 2019-04-20 20:27:45 +02:00
  • c4bae6ee6a IBRS kernel reported active even if sysfs has "IBRS_FW" only (#275) (#276) Dario Faggioli 2019-04-20 14:04:29 +02:00
  • 23e7db044e fix(bsd): load vmm if not already loaded, fixes #274 Stéphane Lesimple 2019-04-19 19:47:04 +02:00
  • fc4981bb94 update MCEDB from v84 to v96 Stéphane Lesimple 2019-01-20 19:52:46 +01:00
  • 419508758e add spectre and meltdown mitigation technologies checking for Hygon CPU (#271) Dajiang Zhong 2019-01-21 02:32:36 +08:00
  • d7d2e6934b fix: typo in bare metal detection (fixes #269) Stéphane Lesimple 2018-12-12 00:24:17 +01:00
  • b0083d918e Remove unneeded volumes in Dockerfile (#266) Jan 2018-12-10 19:42:13 +01:00
  • 904a83c675 Fix Arch kernel image detection (#268) Lily Wilson 2018-12-10 13:36:58 -05:00
  • 906f54cf9d Improved hypervisor detection (#259) Rob Gill 2018-12-11 04:33:07 +10:00
  • c45a06f414 Warn on missing kernel info (#265) Brett T. Warden 2018-11-25 09:37:03 -08:00
  • 4a6fa070a4 Fix misdetection of files under Clear Linux (#264) Brett T. Warden 2018-11-25 09:14:04 -08:00
  • c705afe764 bump to v0.40 v0.40 Stéphane Lesimple 2018-10-03 20:56:46 +02:00
  • 401ccd4b14 Correct aarch64 KPTI dmesg message Stanislav Kholmanskikh 2018-08-29 05:40:52 -07:00
  • 55120839dd Fix a typo in check_variant3_linux() Stanislav Kholmanskikh 2018-08-28 04:35:44 -07:00
  • f5106b3c02 update MCEDB from v83 to v84 (no actual change) Stéphane Lesimple 2018-09-30 16:57:35 +02:00
  • 68289dae1e feat: add --update-builtin-mcedb to update the DB inside the script Stéphane Lesimple 2018-09-30 16:56:58 +02:00
  • 3b2d529654 feat(l1tf): read & report ARCH_CAPABILITIES bit 3 (SKIP_VMENTRY_L1DFLUSH) Stéphane Lesimple 2018-09-29 13:16:07 +02:00
  • cbb18cb6b6 fix(l1tf): properly detect status under Red Hat/CentOS kernels Stéphane Lesimple 2018-09-29 13:00:42 +02:00
  • 299103a3ae some fixes when script is not started as root Stéphane Lesimple 2018-09-24 20:25:52 +02:00
  • dc5402b349 chore: speed optimization of hw check and indentation fixes Stéphane Lesimple 2018-09-24 20:05:41 +02:00
  • 90c2ae5de2 feat: use the MCExtractor DB as the reference for the microcode versions Stéphane Lesimple 2018-09-23 17:29:14 +02:00
  • 53d6a44754 Fix detection of CVE-2018-3615 (L1TF_SGX) (#253) Michael Lass 2018-09-29 11:35:10 +02:00
  • 297d890ce9 fix ucode version check regression introduced by fbbb19f under BSD Stéphane Lesimple 2018-09-23 15:00:39 +02:00
  • 0252e74f94 feat(bsd): implement CVE-2018-3620 and CVE-2018-3646 mitigation detection Stéphane Lesimple 2018-09-22 12:26:48 +02:00
  • fbbb19f244 Fix cases where a CPU ucode version is not found in $procfs/cpuinfo. (#246) Nicolas Sauzede 2018-09-19 22:00:59 +02:00
  • 1571a56ce2 feat: add L1D flush cpuid feature bit detection Stéphane Lesimple 2018-09-19 09:05:23 +02:00
  • 3cf9141601 fix: don't display summary if no CVE was tested (e.g. --hw-only) Stéphane Lesimple 2018-09-19 09:04:52 +02:00
  • bff38f1b26 BSD: add not-implemented-yet notice for Foreshadow-NG Stéphane Lesimple 2018-09-18 22:06:01 +02:00