1
0
mirror of https://github.com/speed47/spectre-meltdown-checker synced 2024-11-19 04:22:22 +01:00
Commit Graph

479 Commits

Author SHA1 Message Date
Stéphane Lesimple
3c224018f4 chore: update disclaimer and FAQ 2023-07-28 20:03:16 +02:00
Stéphane Lesimple
b8f8c81d51 release v0.46 2023-07-26 18:07:02 +02:00
Stéphane Lesimple
f34dd5fa7b enh: assume CPU is immune to Zenbleed regardless of vendor except AMD
This contradicts our usual "if we don't know, consider vulnerable" motto,
but as this vuln is extremely specific (which is not the case for the Spectre
range of vulnerabilities, for example), this is the correct approach here.
2023-07-26 17:54:44 +02:00
Stéphane Lesimple
c0869d7341 enh: zenbleed: give a manual mitigation in --explain 2023-07-26 16:38:02 +02:00
Stéphane Lesimple
e99a548dcc fix: fms2cpuid was incorrect for families > 0xF 2023-07-26 14:33:11 +02:00
Stéphane Lesimple
3d475dfaec feat: fwdb: add linux-firmware as AMD source, update fwdb accordingly 2023-07-26 13:57:05 +02:00
Stéphane Lesimple
cba5010c2a chore: fix typo 2023-07-26 13:57:05 +02:00
Stéphane Lesimple
c5661f098f enh: add --explain text for Zenbleed 2023-07-26 10:56:45 +02:00
Stéphane Lesimple
6844c01242 enh: add zenbleed support to the --variant option 2023-07-26 10:46:38 +02:00
ShadowCurse
0811f28ac6 fix: arm is not affected by zenbleed 2023-07-25 19:59:59 +02:00
Stéphane Lesimple
9bb79a18eb feat: add Zenbleed (CVE-2023-20593) and update fwdb to v270+i20230614 2023-07-25 17:54:59 +02:00
George Cherian
0d93c6ffb4 feat: arm: add Neoverse-N2 and Neoverse-V2
Signed-off-by: George Cherian <george.cherian@marvell.com>
2023-06-18 12:19:02 +02:00
Stéphane Lesimple
6a61df200e update: fwdb to v266+i20230512 2023-05-13 10:27:03 +02:00
ShadowCurse
e4b313fe79 feat: arm: add Neoverse-V1 2023-04-22 11:17:06 +02:00
Hilton Chain
60c71ccb7a Add support for Guix System kernel. 2023-02-24 20:58:45 +01:00
Stéphane Lesimple
48abeb5950 fix: bad exitcode with --update-fwdb due to trap exit 2023-02-24 20:57:43 +01:00
Stéphane Lesimple
3c988cc73a fix: rewrite SQL to be sqlite3 >= 3.41 compatible
closes #443
2023-02-24 20:54:40 +01:00
glitsj16
bea5cfc3b8 Fix typo: /devnull file created in filesystem 2023-02-24 19:42:16 +01:00
Stéphane Lesimple
b68ebe67f2 fix: fwdb: ignore MCEdb versions where an official Intel version exists (fixes #430) 2022-03-30 09:10:55 +02:00
Stéphane Lesimple
a6c943d38f release v0.45 2022-03-27 12:41:17 +02:00
Stéphane Lesimple
dd162301ff chore: update fwdb to v222+i20220208 2022-03-27 12:38:44 +02:00
Stéphane Lesimple
5f6471d9a4 feat: set default TMPDIR for Android (#415) 2022-03-27 12:31:05 +02:00
Stéphane Lesimple
2a5b965b98 feat: add --allow-msr-write, no longer write by default (#385), detect when writing is denied 2022-03-24 12:37:19 +01:00
Stéphane Lesimple
ee266d43b7 chore: fix indentation 2022-03-21 22:22:33 +01:00
Stéphane Lesimple
b61baa90df feat: bsd: for unimplemented CVEs, at least report when CPU is not affected 2022-03-21 22:22:33 +01:00
Stéphane Lesimple
a98d92f8bc chore: wording: model not vulnerable -> model not affected 2022-03-21 22:22:33 +01:00
Stéphane Lesimple
b7c8c4115a feat: implement detection for MCEPSC under BSD 2022-03-21 22:22:33 +01:00
Stéphane Lesimple
4e7c52767d chore: update Intel Family 6 models 2022-03-21 22:22:33 +01:00
Stéphane Lesimple
8473d9ba6b chore: ensure vars are set before being dereferenced (set -u compat) 2022-03-21 22:22:33 +01:00
Stéphane Lesimple
0af4830224 fix: is_ucode_blacklisted: fix some model names 2022-03-21 22:22:33 +01:00
Stéphane Lesimple
81a4329d71 feat: add --cpu, apply changes to (read|write)_msr, update fwdb to v221+i20220208 2022-03-21 22:22:33 +01:00
Stéphane Lesimple
3679776f3c chore: only attempt to load msr and cpuid module once 2022-03-21 22:22:33 +01:00
Stéphane Lesimple
ba131fcd2f chore: read_cpuid: use named constants 2022-03-21 22:22:33 +01:00
Stéphane Lesimple
ae6bc31c2c feat: hw check: add IPRED, RRSBA, BHI features check 2022-03-21 22:22:33 +01:00
Stéphane Lesimple
6d7a6b3666 feat: add subleaf != 0 support for read_cpuid 2022-03-21 22:22:33 +01:00
Stéphane Lesimple
16f2160be5 chore: fwdb: update to v220+i20220208 2022-03-17 19:39:39 +01:00
Stéphane Lesimple
580549812a fix: retpoline: detection on 5.15.28+ (#420) 2022-03-17 19:25:24 +01:00
Stéphane Lesimple
05d862709d fix: has_vmm false positive with pcp
Fix by matching the full procname with pgrep (-x),
so that the 'pmdakvm' process doesn't match.

Closes #394
2021-05-25 12:31:07 +02:00
Stéphane Lesimple
3846913899 fix: refuse to run under MacOS and ESXi 2021-05-24 22:42:23 +02:00
Stéphane Lesimple
0ba71a443e fix: mcedb: v191 changed the MCE table format
Also update the builtin db to v191+i20210217

Closes #400
2021-05-24 12:55:44 +02:00
Stéphane Lesimple
3a486e9985 arm64: variant 4: detect ssbd mitigation from kernel img, system.map or kconfig 2021-04-02 15:38:31 +02:00
Stéphane Lesimple
23564cda5d fix: variant4: added case where prctl ssbd status is tagged as 'unknown' 2021-04-02 15:38:31 +02:00
Stéphane Lesimple
0ea21d09bd fix: extract_kernel: don't overwrite kernel_err if already set
Fixes #395
2021-04-02 15:33:02 +02:00
Zhiyuan Dai
6d35e780f4 arm64: phytium: Add CPU Implementer Phytium
This patch adds 0x70 check for phytium implementer id in function
parse_cpu_details. Also adds that Phytium Soc is not vulnerable to variant 3/3a
2021-01-13 19:14:09 +01:00
Stéphane Lesimple
4ec3154be0 chore: replace 'Vulnerable to' by 'Affected by' in the hw section
This seems to be less confusing, suggested by #356
2020-11-10 18:56:25 +01:00
Stéphane Lesimple
843f26630d feat: arm: add Cortex A77 and Neoverse-N1 (fixes #371) 2020-11-10 18:36:42 +01:00
Stéphane Lesimple
7fc2ec65b9 bump to v0.44 2020-11-09 18:41:43 +01:00
Stéphane Lesimple
c8cdfd54da chore: fwdb: update to v165.20201021+i20200616 2020-11-08 21:25:18 +01:00
Stéphane Lesimple
f0c33c7a32 fix: fwdb: use the commit date as the intel fwdb version
fixes #379
2020-11-08 21:25:18 +01:00
Stéphane Lesimple
9e874397da chore: fwdb: update to v163.20200930+i20200904 2020-10-05 20:06:49 +02:00