Stéphane Lesimple
34c6095912
fix: Linux 6.9+ changed some config options names ( #490 )
...
Issue #490 is about retpoline but other options have also changed,
as reported by a comment on the issue, this commit fixes these
other options:
Breno Leitao (10):
x86/bugs: Rename CONFIG_GDS_FORCE_MITIGATION => CONFIG_MITIGATION_GDS_FORCE
x86/bugs: Rename CONFIG_CPU_IBPB_ENTRY => CONFIG_MITIGATION_IBPB_ENTRY
x86/bugs: Rename CONFIG_CALL_DEPTH_TRACKING => CONFIG_MITIGATION_CALL_DEPTH_TRACKING
x86/bugs: Rename CONFIG_PAGE_TABLE_ISOLATION => CONFIG_MITIGATION_PAGE_TABLE_ISOLATION
x86/bugs: Rename CONFIG_RETPOLINE => CONFIG_MITIGATION_RETPOLINE
x86/bugs: Rename CONFIG_SLS => CONFIG_MITIGATION_SLS
x86/bugs: Rename CONFIG_CPU_UNRET_ENTRY => CONFIG_MITIGATION_UNRET_ENTRY
x86/bugs: Rename CONFIG_CPU_IBRS_ENTRY => CONFIG_MITIGATION_IBRS_ENTRY
x86/bugs: Rename CONFIG_CPU_SRSO => CONFIG_MITIGATION_SRSO
x86/bugs: Rename CONFIG_RETHUNK => CONFIG_MITIGATION_RETHUNK
2024-08-04 15:15:45 +02:00
Stéphane Lesimple
e806e4bc41
chore: docker compose v2
...
The `docker-compose` command has been replaced by `docker compose`.
The "version" tag has also been deprecated in docker-compose.yml.
2024-08-04 13:53:36 +02:00
Ivan Zahariev
388d44edbd
Fix Retpoline detection for Linux 6.9+ (issue #490 )
2024-08-04 13:41:01 +02:00
Stéphane Lesimple
bd0c7c94b5
fix: typo introduced by #483 , fixes #486
2024-05-18 13:01:48 +02:00
Stéphane Lesimple
d70e4c2974
fwdb: update to v296+i20240514+988c
2024-05-18 13:01:48 +02:00
Stéphane Lesimple
4e29fb5a21
fix: ucode_platformid_mask is hexa ( fixes #485 )
2024-02-15 17:27:12 +01:00
Stephane Lesimple
0f2edb1a71
feat: blacklist some more microcodes ( fixes #475 )
2024-01-09 18:54:39 +01:00
Stephane Lesimple
8ac2539a2a
fix: microcode check now supports pf_mask ( fixes #482 )
2024-01-09 17:05:18 +01:00
Stéphane Lesimple
97f4d5f2bc
feat(reptar): add detection and mitigation of Reptar
2024-01-09 15:38:16 +01:00
Stéphane Lesimple
9b7b09ada3
fix(inception): continued mitigation detection
2023-08-25 18:50:53 +02:00
Sébastien Mériot
c94811e63d
fix(inception): Zen1/2 results based on kernel mitigations
2023-08-25 18:50:53 +02:00
Sébastien Mériot
3e67047c73
feat(inception): README
2023-08-25 18:50:53 +02:00
Sébastien Mériot
ecee75716e
feat(inception): kernel checks + sbpb support detection
2023-08-25 18:50:53 +02:00
Sébastien Mériot
fb6933dc64
feat(inception): Zen1/2 IBPB and SMT checks
2023-08-25 18:50:53 +02:00
Stéphane Lesimple
dc6921a1ac
feat(inception): handle sysfs interface
2023-08-25 18:50:53 +02:00
Sébastien Mériot
3167762cfd
feat(inception): start supporting AMD inception
2023-08-25 18:50:53 +02:00
Stéphane Lesimple
44223c5308
fix: bsd: kernel version detection
2023-08-11 18:41:35 +02:00
Stéphane Lesimple
dbe208fc48
enh: downfall: detect kernel mitigation without sysfs
2023-08-11 18:10:27 +02:00
Stéphane Lesimple
aca4e2a9b1
enh: move root warning to the bottom
2023-08-11 18:10:27 +02:00
Sébastien Mériot
c1c1ac4dbb
feat(downfall): detection of the kernel mitigation relying on dmesg
2023-08-10 11:14:40 +02:00
Stéphane Lesimple
ba0daa6769
feat: downfall: add kernel soft mitigation support check
2023-08-10 11:14:40 +02:00
Sébastien Mériot
227c0aab1e
feat(downfall): add downfall checks
2023-08-10 11:14:40 +02:00
Stéphane Lesimple
8ba3751cf7
fwdb: update to latest Intel ucode versions
2023-08-09 10:35:08 +02:00
Stéphane Lesimple
d013c0a7d2
doc: add kernel src as additional ucode version source
2023-08-01 10:22:15 +02:00
Stéphane Lesimple
cbe8ba10ce
fix: inteldb: cpuid 0x00090660 and 0x000A0680
2023-07-30 13:21:38 +02:00
Stéphane Lesimple
9c2587bca5
enh: when CPUID can't be read, built it by ourselves
2023-07-30 12:21:12 +02:00
Stéphane Lesimple
2a5ddc87bf
feat: add Intel known affected processors DB
2023-07-30 12:21:12 +02:00
Stéphane Lesimple
2ef6c1c80e
enh: factorize file download func
2023-07-28 20:03:16 +02:00
Stéphane Lesimple
3c224018f4
chore: update disclaimer and FAQ
2023-07-28 20:03:16 +02:00
Stéphane Lesimple
b8f8c81d51
release v0.46
2023-07-26 18:07:02 +02:00
Stéphane Lesimple
f34dd5fa7b
enh: assume CPU is immune to Zenbleed regardless of vendor except AMD
...
This contradicts our usual "if we don't know, consider vulnerable" motto,
but as this vuln is extremely specific (which is not the case for the Spectre
range of vulnerabilities, for example), this is the correct approach here.
2023-07-26 17:54:44 +02:00
Stéphane Lesimple
c0869d7341
enh: zenbleed: give a manual mitigation in --explain
2023-07-26 16:38:02 +02:00
Stéphane Lesimple
e99a548dcc
fix: fms2cpuid was incorrect for families > 0xF
2023-07-26 14:33:11 +02:00
Stéphane Lesimple
3d475dfaec
feat: fwdb: add linux-firmware as AMD source, update fwdb accordingly
2023-07-26 13:57:05 +02:00
Stéphane Lesimple
cba5010c2a
chore: fix typo
2023-07-26 13:57:05 +02:00
Stéphane Lesimple
c5661f098f
enh: add --explain text for Zenbleed
2023-07-26 10:56:45 +02:00
Stéphane Lesimple
6844c01242
enh: add zenbleed support to the --variant option
2023-07-26 10:46:38 +02:00
ShadowCurse
0811f28ac6
fix: arm is not affected by zenbleed
2023-07-25 19:59:59 +02:00
Stéphane Lesimple
9bb79a18eb
feat: add Zenbleed (CVE-2023-20593) and update fwdb to v270+i20230614
2023-07-25 17:54:59 +02:00
George Cherian
0d93c6ffb4
feat: arm: add Neoverse-N2 and Neoverse-V2
...
Signed-off-by: George Cherian <george.cherian@marvell.com>
2023-06-18 12:19:02 +02:00
Stéphane Lesimple
6a61df200e
update: fwdb to v266+i20230512
2023-05-13 10:27:03 +02:00
ShadowCurse
e4b313fe79
feat: arm: add Neoverse-V1
2023-04-22 11:17:06 +02:00
Stéphane Lesimple
a2843575be
fix: docker: adding missing utils ( fixes #433 )
2023-02-24 21:35:55 +01:00
Hilton Chain
60c71ccb7a
Add support for Guix System kernel.
2023-02-24 20:58:45 +01:00
Stéphane Lesimple
48abeb5950
fix: bad exitcode with --update-fwdb due to trap exit
2023-02-24 20:57:43 +01:00
Stéphane Lesimple
3c988cc73a
fix: rewrite SQL to be sqlite3 >= 3.41 compatible
...
closes #443
2023-02-24 20:54:40 +01:00
glitsj16
bea5cfc3b8
Fix typo: /devnull file created in filesystem
2023-02-24 19:42:16 +01:00
Stéphane Lesimple
b68ebe67f2
fix: fwdb: ignore MCEdb versions where an official Intel version exists ( fixes #430 )
2022-03-30 09:10:55 +02:00
Stéphane Lesimple
a6c943d38f
release v0.45
2022-03-27 12:41:17 +02:00
Stéphane Lesimple
dd162301ff
chore: update fwdb to v222+i20220208
2022-03-27 12:38:44 +02:00