peter/spectre-meltdown-checker
1
0
Fork 0
mirror of https://github.com/speed47/spectre-meltdown-checker.git synced 2026-04-16 21:53:25 +02:00
Code Issues Projects Releases Wiki Activity

Commit Graph

  • 5939c38c5c update mcedb from v109 to v110 to better detect MDS microcodes Stéphane Lesimple 2019-05-14 20:31:27 +02:00
  • db7d3206fd feat(mds): add detection of availability of MD_CLEAR instruction Stéphane Lesimple 2019-05-14 20:30:47 +02:00
  • 1d13a423b8 adjust README Stéphane Lesimple 2019-05-14 20:16:01 +02:00
  • 8e870db4f5 Added support for MDS related vulnerabilities (#282) Agata Gruza 2019-05-14 10:21:20 -07:00
  • d547ce4ab4 fix(ssb): fix error when no process uses prctl to set ssb mitigation Stéphane Lesimple 2019-05-13 15:35:58 +02:00
  • d187827841 enh(vmm): add Xen daemons detection Stéphane Lesimple 2019-05-08 20:44:54 +02:00
  • 2e304ec617 enh(xen): improvements for xen systems (#270) Hans-Joachim Kliemeck 2019-05-07 20:35:52 +02:00
  • fcc04437e8 update builtin MCEdb from v96 to v109 Stéphane Lesimple 2019-05-07 20:29:59 +02:00
  • d31a9810e6 enhance previous commit logic Stéphane Lesimple 2019-05-05 20:09:53 +02:00
  • 4edb867def fix(vmm): revert to checking the running processes to detect a hypervisor Stéphane Lesimple 2019-05-05 19:57:59 +02:00
  • 1264b1c7a3 chore: more shellcheck 0.6 fixes Stéphane Lesimple 2019-05-05 18:34:09 +02:00
  • 7beca1ac50 fix: invalid names in json batch mode (fixes #279) Stéphane Lesimple 2019-05-05 18:15:41 +02:00
  • 8ad10e15d3 chore: Comply with Shellcheck SC2209 (#280) David 2019-05-05 17:31:18 +02:00
  • bfa4de96e6 enh(l1tf): in paranoid mode, assume we're running a hypervisor unless stated otherwise Stéphane Lesimple 2019-04-21 14:03:48 +02:00
  • b022b27a51 feat(ssbd): in live mode, report whether the mitigation is active (fix #210) Stéphane Lesimple 2019-04-20 20:27:45 +02:00
  • c4bae6ee6a IBRS kernel reported active even if sysfs has "IBRS_FW" only (#275) (#276) Dario Faggioli 2019-04-20 14:04:29 +02:00
  • 23e7db044e fix(bsd): load vmm if not already loaded, fixes #274 Stéphane Lesimple 2019-04-19 19:47:04 +02:00
  • fc4981bb94 update MCEDB from v84 to v96 Stéphane Lesimple 2019-01-20 19:52:46 +01:00
  • 419508758e add spectre and meltdown mitigation technologies checking for Hygon CPU (#271) Dajiang Zhong 2019-01-21 02:32:36 +08:00
  • d7d2e6934b fix: typo in bare metal detection (fixes #269) Stéphane Lesimple 2018-12-12 00:24:17 +01:00
  • b0083d918e Remove unneeded volumes in Dockerfile (#266) Jan 2018-12-10 19:42:13 +01:00
  • 904a83c675 Fix Arch kernel image detection (#268) Lily Wilson 2018-12-10 13:36:58 -05:00
  • 906f54cf9d Improved hypervisor detection (#259) Rob Gill 2018-12-11 04:33:07 +10:00
  • c45a06f414 Warn on missing kernel info (#265) Brett T. Warden 2018-11-25 09:37:03 -08:00
  • 4a6fa070a4 Fix misdetection of files under Clear Linux (#264) Brett T. Warden 2018-11-25 09:14:04 -08:00
  • c705afe764 bump to v0.40 v0.40 Stéphane Lesimple 2018-10-03 20:56:46 +02:00
  • 401ccd4b14 Correct aarch64 KPTI dmesg message Stanislav Kholmanskikh 2018-08-29 05:40:52 -07:00
  • 55120839dd Fix a typo in check_variant3_linux() Stanislav Kholmanskikh 2018-08-28 04:35:44 -07:00
  • f5106b3c02 update MCEDB from v83 to v84 (no actual change) Stéphane Lesimple 2018-09-30 16:57:35 +02:00
  • 68289dae1e feat: add --update-builtin-mcedb to update the DB inside the script Stéphane Lesimple 2018-09-30 16:56:58 +02:00
  • 3b2d529654 feat(l1tf): read & report ARCH_CAPABILITIES bit 3 (SKIP_VMENTRY_L1DFLUSH) Stéphane Lesimple 2018-09-29 13:16:07 +02:00
  • cbb18cb6b6 fix(l1tf): properly detect status under Red Hat/CentOS kernels Stéphane Lesimple 2018-09-29 13:00:42 +02:00
  • 299103a3ae some fixes when script is not started as root Stéphane Lesimple 2018-09-24 20:25:52 +02:00
  • dc5402b349 chore: speed optimization of hw check and indentation fixes Stéphane Lesimple 2018-09-24 20:05:41 +02:00
  • 90c2ae5de2 feat: use the MCExtractor DB as the reference for the microcode versions Stéphane Lesimple 2018-09-23 17:29:14 +02:00
  • 53d6a44754 Fix detection of CVE-2018-3615 (L1TF_SGX) (#253) Michael Lass 2018-09-29 11:35:10 +02:00
  • 297d890ce9 fix ucode version check regression introduced by fbbb19f under BSD Stéphane Lesimple 2018-09-23 15:00:39 +02:00
  • 0252e74f94 feat(bsd): implement CVE-2018-3620 and CVE-2018-3646 mitigation detection Stéphane Lesimple 2018-09-22 12:26:48 +02:00
  • fbbb19f244 Fix cases where a CPU ucode version is not found in $procfs/cpuinfo. (#246) Nicolas Sauzede 2018-09-19 22:00:59 +02:00
  • 1571a56ce2 feat: add L1D flush cpuid feature bit detection Stéphane Lesimple 2018-09-19 09:05:23 +02:00
  • 3cf9141601 fix: don't display summary if no CVE was tested (e.g. --hw-only) Stéphane Lesimple 2018-09-19 09:04:52 +02:00
  • bff38f1b26 BSD: add not-implemented-yet notice for Foreshadow-NG Stéphane Lesimple 2018-09-18 22:06:01 +02:00
  • b419fe7c63 feat(variant4): properly detect SSBD under BSD Stéphane Lesimple 2018-09-18 22:00:32 +02:00
  • f193484a4a chore: fix deprecated SPDX license identifier (#249) (#251) alexvong1995 2018-09-18 18:00:53 +00:00
  • 349d77b3b6 Fix kernel detection when /lib/kernel exists on a distro (#252) Laszlo Toth 2018-09-18 20:00:20 +02:00
  • e589ed7f02 fix: don't test SGX again in check_CVE_2018_3615, already done by is_cpu_vulnerable Stéphane Lesimple 2018-09-17 22:28:04 +02:00
  • ae1206288f fix: remove some harcoded /proc paths, use $procfs instead Stéphane Lesimple 2018-09-17 22:26:20 +02:00
  • b44d2b5470 chore: remove 'experimental' notice of Foreshadow from README Stéphane Lesimple 2018-09-17 21:48:20 +02:00
  • 7b72c20f89 feat(l1tf): explode L1TF in its 3 distinct CVEs Stéphane Lesimple 2018-09-17 21:44:22 +02:00
  • b48b2177b7 feat: Add Clear Linux Distro (#244) Luis Ponce 2018-09-15 08:51:49 -05:00
  • 8f31634df6 feat(batch): Add a batch short option for one line result (#243) Pierre Gaxatte 2018-09-15 15:45:10 +02:00
  • 96798b1932 chore: add SPDX GPL-3.0 license identifier (#245) Luis Ponce 2018-09-15 08:33:41 -05:00
  • 687ce1a7fa fix: load cpuid module if absent even when /dev/cpu/0/cpuid is there Stéphane Lesimple 2018-09-08 23:15:21 +02:00
  • 80e0db7cc4 fix: don't show erroneous ucode version when latest version is unknown (fixes #238) Stéphane Lesimple 2018-08-28 20:51:34 +02:00
  • e8890ffac6 feat(config): support for genkernel kernel config file (#239) David Guglielmi 2018-08-28 20:24:37 +02:00
  • b2f64e1132 fix README after merge Stéphane Lesimple 2018-08-18 12:09:34 +02:00
  • 42a3a61f1d Slightly improved Docker configuration (#230) unrealization 2018-08-18 12:06:16 +02:00
  • afb36c519d Fix typo: 'RBS filling' => 'RSB filling' (#237) Karsten Weiss 2018-08-18 12:05:17 +02:00
  • 0009c0d473 fix: --batch now implies --no-color to avoid colored warnings Stéphane Lesimple 2018-08-18 12:04:18 +02:00
  • dd67fd94d7 feat: add FLUSH_CMD MSR availability detection (part of L1TF mitigation) Stéphane Lesimple 2018-08-16 19:05:09 +02:00
  • 339ad31757 fix: add missing l1tf CPU vulnerability display in hw section Stéphane Lesimple 2018-08-16 15:19:29 +02:00
  • 794c5be1d2 feat: add optional git describe support to display inter-release version numbers Stéphane Lesimple 2018-08-16 15:18:47 +02:00
  • a7afc585a9 fix several incorrect ucode version numbers Stéphane Lesimple 2018-08-16 10:51:55 +02:00
  • fc1dffd09a feat: implement detection of latest known versions of intel microcodes Stéphane Lesimple 2018-08-15 12:53:49 +02:00
  • e942616189 feat: initial support for L1TF Stéphane Lesimple 2018-08-15 11:59:23 +02:00
  • 360be7b35f fix: hide arch_capabilities_msr_not_read warning under !intel v0.39 Stéphane Lesimple 2018-08-13 15:42:56 +02:00
  • 5f59257826 bump to v0.39 Stéphane Lesimple 2018-08-13 15:33:03 +02:00
  • 92d59cbdc1 chore: adjust some comments, add 2 missing inits Stéphane Lesimple 2018-08-11 10:31:10 +02:00
  • 4747b932e7 feat: add detection of RSBA feature bit and adjust logic accordingly Stéphane Lesimple 2018-08-09 21:03:58 +02:00
  • 860023a806 fix: ARCH MSR was not read correctly, preventing proper SSB_NO and RDCL_NO detection Stéphane Lesimple 2018-08-09 10:02:44 +02:00
  • ab67a9221d feat: read/write msr now supports msr-tools or perl as dd fallback Stéphane Lesimple 2018-08-08 16:52:31 +02:00
  • f4592bf3a8 Add Arch armv5/armv7 kernel image location (#227) 0x9fff00 2018-08-09 22:13:30 +02:00
  • be15e47671 chore: setting master to v0.38+ Stéphane Lesimple 2018-08-09 14:25:22 +02:00
  • d3481d9524 Add support for the kernel being within a btrfs subvolume (#226) Nathan Parsons 2018-08-09 13:00:35 +01:00
  • 21af561148 bump to v0.38 v0.38 Stéphane Lesimple 2018-08-07 10:55:50 +02:00
  • cb740397f3 feat(arm32): add spectrev1 mitigation detection Stéphane Lesimple 2018-08-01 21:30:13 +02:00
  • 84195689af change: default to --no-explain, use --explain to get detailed mitigation help Stéphane Lesimple 2018-08-04 16:31:41 +02:00
  • b637681fa8 fix: debug output: msg inaccuracy for ARM checks Stéphane Lesimple 2018-08-01 20:40:20 +02:00
  • 9316c30577 fix: armv8: models < 0xd07 are not vulnerable Stéphane Lesimple 2018-08-01 00:31:31 +02:00
  • f9dd9d8cb9 add guess for archlinuxarm aarch64 kernel image on raspberry pi 3 (#222) Lily Wilson 2018-07-31 18:15:52 -04:00
  • 0f0d103a89 fix: correctly init capabilities_ssb_no var in all cases Stéphane Lesimple 2018-07-26 10:18:14 +02:00
  • b262c40541 fix: remove spurious character after an else statement Stéphane Lesimple 2018-07-25 21:55:50 +02:00
  • cc2910fbbc fix: read_cpuid: don't use iflag=skip_bytes for compat with old dd versions Stéphane Lesimple 2018-07-22 20:07:44 +02:00
  • 30c4a1f6d2 arm64: cavium: Add CPU Implementer Cavium (#216) manish jaggi 2018-07-22 22:36:19 +05:30
  • cf06636a3f fix: prometheus output: use printf for proper \n interpretation (#204) Stéphane Lesimple 2018-06-21 23:35:51 +02:00
  • 60077c8d12 fix(arm): rewrite vuln logic from latest arm statement for Cortex A8 to A76 Stéphane Lesimple 2018-06-21 23:24:18 +02:00
  • c181978d7c fix(arm): Updated arm cortex status (#209) Rob Gill 2018-06-16 20:14:39 +10:00
  • 9a6406a9a2 chore: add docker support (#203) Jan 2018-06-14 20:25:35 +02:00
  • 5962d20ba7 fix(variant4): whitelist from common.c::cpu_no_spec_store_bypass (#202) Rob Gill 2018-05-27 23:14:29 +10:00
  • 17a3488505 fix(help): add missing references to variants 3a & 4 (#201) Rob Gill 2018-05-25 00:35:57 +10:00
  • e54e8b3e84 chore: remove warning in README, fix display indentation Stéphane Lesimple 2018-05-24 16:32:53 +02:00
  • 39c778e3ac fix(amd): AMD families 0x15-0x17 non-arch MSRs are a valid way to control SSB Stéphane Lesimple 2018-05-23 23:08:07 +02:00
  • 2cde6e4649 feat(ssbd): add detection of proper CPUID bits on AMD Stéphane Lesimple 2018-05-23 22:50:52 +02:00
  • f4d51e7e53 fix(variant4): add another detection way for Red Hat kernel Stéphane Lesimple 2018-05-23 22:47:54 +02:00
  • 85d46b2799 feat(variant4): add more detailed explanations Stéphane Lesimple 2018-05-23 21:08:58 +02:00
  • 61e02abd0c feat(variant3a): detect up to date microcode Stéphane Lesimple 2018-05-23 21:08:08 +02:00
  • 114756fab7 fix(amd): not vulnerable to variant3a Stéphane Lesimple 2018-05-23 20:38:43 +02:00
  • ea75969eb7 fix(help): Update variant options in usage message (#200) Rob Gill 2018-05-22 23:54:25 +10:00
  • ca391cbfc9 fix(variant2): correctly detect IBRS/IBPB in SLES kernels Stéphane Lesimple 2018-05-22 12:06:46 +02:00
  • 68af5c5f92 feat(variant4): detect SSBD-aware kernel Stéphane Lesimple 2018-05-22 12:05:46 +02:00