mirror of
https://github.com/speed47/spectre-meltdown-checker.git
synced 2026-04-03 05:37:11 +02:00
5e3033e2f5
Downfall: - added `--kernel-config` support for all three Kconfig variants seen over all kernel versions up to now - added `--kernel-map` support for `gds_select_mitigation` in `System.map` - fixed the `--sysfs-only` mode - added verbose information about remediation when `--explain` is used - implemented `--paranoid mode`, requiring `GDS_MITIGATION_LOCKED` so that mitigation can't be disabled at runtime - fixed offline mode (was wrongly looking at the system `dmesg`) - better microcode status reporting (enabled, disabled, unsupported, unknown) - fixed unknown (EOL) AVX-capable Intel family 6 CPUs now defaulting to affected - fixed 2 missing known affected CPU models: INTEL_FAM6_SKYLAKE_L and INTEL_FAM6_SKYLAKE - fixed case when we're running in a VM and the hypervisor doesn't let us read the MSR Spectre V2: - fix: affected_cpu: added Centaur family 7 (CentaurHauls) and Zhaoxin family 7 (Shanghai) as immune - fix: added Centaur family 5 (CentaurHauls) and NSC family 5 (Geode by NSC) to is_cpu_specex_free() - enh: offline mode: added detection logic by probing System.map and Kconfig