enh: replace shell wildcard by a find to avoid potiental error (list of args too long)

on locked down kernels (Fedora / Red Hat feature that prevents writing
to MSRs from userspace, even if root), we can't write to FLUSH_CMD MSR
to verify that it's present. So fallback to checking the existence of
the L1D flush CPUID feature bit to infer that the microcode has been
updated in a recent enough version that also mitigates SGX (fixes for
both issues have been included in the same microcode updates for all
Intel CPUs)

spectre-meltdown-checker.sh

@@ -22,6 +22,7 @@ exit_cleanup()
 	[ -n "$kerneltmp"     ] && [ -f "$kerneltmp"     ] && rm -f "$kerneltmp"
 	[ -n "$kerneltmp2"    ] && [ -f "$kerneltmp2"    ] && rm -f "$kerneltmp2"
 	[ -n "$mcedb_tmp"     ] && [ -f "$mcedb_tmp"     ] && rm -f "$mcedb_tmp"
+	[ -n "$intel_tmp"     ] && [ -f "$intel_tmp"     ] && rm -rf "$intel_tmp"
 	[ "$mounted_debugfs" = 1 ] && umount /sys/kernel/debug 2>/dev/null
 	[ "$mounted_procfs"  = 1 ] && umount "$procfs" 2>/dev/null
 	[ "$insmod_cpuid"    = 1 ] && rmmod cpuid 2>/dev/null
@@ -89,8 +90,9 @@ show_usage()
 		--hw-only		only check for CPU information, don't check for any variant
 		--no-hw			skip CPU information and checks, if you're inspecting a kernel not to be run on this host
 		--vmm [auto,yes,no]	override the detection of the presence of a hypervisor (for CVE-2018-3646), default: auto
-		--update-mcedb		update our local copy of the CPU microcodes versions database (from the awesome MCExtractor project)
+		--update-fwdb		update our local copy of the CPU microcodes versions database (using the awesome MCExtractor project
-		--update-builtin-mcedb	same as --update-mcedb but update builtin DB inside the script itself
+					and the Intel firmwares GitHub repository)
+		--update-builtin-fwdb	same as --update-fwdb but update builtin DB inside the script itself
 		--dump-mock-data	used to mimick a CPU on an other system, mainly used to help debugging this script
 
 	Return codes:
@@ -706,16 +708,15 @@ show_header()
 
 [ -z "$HOME" ] && HOME="$(getent passwd "$(whoami)" | cut -d: -f6)"
 mcedb_cache="$HOME/.mcedb"
-update_mcedb()
+update_fwdb()
 {
-	# We're using MCE.db from the excellent platomav's MCExtractor project
 	show_header
 
 	if [ -r "$mcedb_cache" ]; then
-		previous_mcedb_revision=$(awk '/^# %%% MCEDB / { print $4 }' "$mcedb_cache")
+		previous_dbversion=$(awk '/^# %%% MCEDB / { print $4 }' "$mcedb_cache")
 	fi
 
-	# first download the database
+	# first, download the MCE.db from the excellent platomav's MCExtractor project
 	mcedb_tmp="$(mktemp /tmp/mcedb-XXXXXX)"
 	mcedb_url='https://github.com/platomav/MCExtractor/raw/master/MCE.db'
 	_info_nol "Fetching MCE.db from the MCExtractor project... "
@@ -735,8 +736,29 @@ update_mcedb()
 	fi
 	echo DONE
 
-	# now extract contents using sqlite
+	# second, get the Intel firmwares from GitHub
-	_info_nol "Extracting data... "
+	intel_tmp="$(mktemp -d /tmp/intelfw-XXXXXX)"
+	intel_url="https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/archive/master.zip"
+	_info_nol "Fetching Intel firmwares... "
+	## https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files.git
+	if command -v wget >/dev/null 2>&1; then
+		wget -q "$intel_url" -O "$intel_tmp/fw.zip"; ret=$?
+	elif command -v curl >/dev/null 2>&1; then
+		curl -sL "$intel_url" -o "$intel_tmp/fw.zip"; ret=$?
+	elif command -v fetch >/dev/null 2>&1; then
+		fetch -q "$intel_url" -o "$intel_tmp/fw.zip"; ret=$?
+	else
+		echo ERROR "please install one of \`wget\`, \`curl\` of \`fetch\` programs"
+		return 1
+	fi
+	if [ "$ret" != 0 ]; then
+		echo ERROR "error $ret while downloading Intel firmwares"
+		return $ret
+	fi
+	echo DONE
+
+	# now extract MCEdb contents using sqlite
+	_info_nol "Extracting MCEdb data... "
 	if ! command -v sqlite3 >/dev/null 2>&1; then
 		echo ERROR "please install the \`sqlite3\` program"
 		return 1
@@ -747,17 +769,68 @@ update_mcedb()
 		echo ERROR "downloaded file seems invalid"
 		return 1
 	fi
+
 	echo OK "MCExtractor database revision $mcedb_revision dated $mcedb_date"
-	if [ -n "$previous_mcedb_revision" ]; then
+
-		if [ "$previous_mcedb_revision" = "v$mcedb_revision" ]; then
+	# parse Intel firmwares to get their versions
+	_info_nol "Integrating Intel firmwares data to db... "
+	if ! command -v unzip >/dev/null 2>&1; then
+		echo ERROR "please install the \`unzip\` program"
+		return 1
+	fi
+	( cd "$intel_tmp" && unzip fw.zip >/dev/null; )
+	if ! [ -d "$intel_tmp/Intel-Linux-Processor-Microcode-Data-Files-master/intel-ucode" ]; then
+		echo ERROR "expected the 'intel-ucode' folder in the downloaded zip file"
+		return 1
+	fi
+
+	if ! command -v iucode_tool >/dev/null 2>&1; then
+		if ! command -v iucode-tool >/dev/null 2>&1; then
+			echo ERROR "please install the \`iucode-tool\` program"
+			return 1
+		else
+			iucode_tool="iucode-tool"
+		fi
+	else
+		iucode_tool="iucode_tool"
+	fi
+	#  079/001: sig 0x000106c2, pf_mask 0x01, 2009-04-10, rev 0x0217, size 5120
+	#  078/004: sig 0x000106ca, pf_mask 0x10, 2009-08-25, rev 0x0107, size 5120
+	$iucode_tool -l "$intel_tmp/Intel-Linux-Processor-Microcode-Data-Files-master/intel-ucode" | grep -wF sig | while read -r _line
+	do
+		_line=$(   echo "$_line" | tr -d ',')
+		_cpuid=$(  echo "$_line" | awk '{print $3}')
+		_cpuid=$(( _cpuid ))
+		_cpuid=$(printf "0x%08X" "$_cpuid")
+		_date=$(   echo "$_line" | awk '{print $6}' | tr -d '-')
+		_version=$(echo "$_line" | awk '{print $8}')
+		_version=$(( _version ))
+		_version=$(printf "0x%08X" "$_version")
+		_sqlstm="$(printf "INSERT INTO Intel (cpuid,version,yyyymmdd) VALUES (\"%s\",\"%s\",\"%s\");" "$(printf "%08X" "$_cpuid")" "$(printf "%08X" "$_version")" "$_date")"
+		sqlite3 "$mcedb_tmp" "$_sqlstm"
+	done
+	_intel_latest_date=$(sqlite3 "$mcedb_tmp" "SELECT yyyymmdd from Intel ORDER BY yyyymmdd DESC LIMIT 1;")
+	echo DONE "(version $_intel_latest_date)"
+
+	dbdate=$(echo "$mcedb_date" | tr -d '/')
+	if [ "$dbdate" -lt "$_intel_latest_date" ]; then
+		dbdate="$_intel_latest_date"
+	fi
+	dbversion="$mcedb_revision.$dbdate+i$_intel_latest_date"
+
+	if [ "$1" != builtin ] && [ -n "$previous_dbversion" ] && [ "$previous_dbversion" = "v$dbversion" ]; then
 		echo "We already have this version locally, no update needed"
-			[ "$1" != builtin ] && return 0
+		return 0
 	fi
-	fi
+
-	echo "# Spectre & Meltdown Checker" > "$mcedb_cache"
+	_info_nol "Building local database... "
-	echo "# %%% MCEDB v$mcedb_revision - $mcedb_date" >> "$mcedb_cache"
+	{
-	sqlite3 "$mcedb_tmp" "select '# I,0x'||cpuid||',0x'||version||','||max(yyyymmdd) from Intel group by cpuid order by cpuid asc; select '# A,0x'||cpuid||',0x'||version||','||max(yyyymmdd) from AMD group by cpuid order by cpuid asc" | grep -v '^# .,0x00000000,' >> "$mcedb_cache"
+		echo "# Spectre & Meltdown Checker";
-	echo OK "local version updated"
+		echo "# %%% MCEDB v$dbversion";
+		sqlite3 "$mcedb_tmp" "SELECT '# I,0x'||t1.cpuid||',0x'||MAX(t1.version)||','||t1.yyyymmdd FROM Intel AS t1 LEFT OUTER JOIN Intel AS t2 ON t2.cpuid=t1.cpuid AND t2.yyyymmdd > t1.yyyymmdd WHERE t2.yyyymmdd IS NULL GROUP BY t1.cpuid ORDER BY t1.cpuid ASC;" | grep -v '^# .,0x00000000,';
+		sqlite3 "$mcedb_tmp" "SELECT '# A,0x'||t1.cpuid||',0x'||MAX(t1.version)||','||t1.yyyymmdd FROM AMD   AS t1 LEFT OUTER JOIN AMD   AS t2 ON t2.cpuid=t1.cpuid AND t2.yyyymmdd > t1.yyyymmdd WHERE t2.yyyymmdd IS NULL GROUP BY t1.cpuid ORDER BY t1.cpuid ASC;" | grep -v '^# .,0x00000000,';
+	} > "$mcedb_cache"
+	echo DONE "(version $dbversion)"
 
 	if [ "$1" = builtin ]; then
 		newfile=$(mktemp /tmp/smc-XXXXXX)
@@ -843,11 +916,11 @@ while [ -n "$1" ]; do
 		# deprecated, kept for compatibility
 		opt_explain=0
 		shift
-	elif [ "$1" = "--update-mcedb" ]; then
+	elif [ "$1" = "--update-fwdb" ] || [ "$1" = "--update-mcedb" ]; then
-		update_mcedb
+		update_fwdb
 		exit $?
-	elif [ "$1" = "--update-builtin-mcedb" ]; then
+	elif [ "$1" = "--update-builtin-fwdb" ] || [ "$1" = "--update-builtin-mcedb" ]; then
-		update_mcedb builtin
+		update_fwdb builtin
 		exit $?
 	elif [ "$1" = "--dump-mock-data" ]; then
 		opt_mock=1
@@ -1017,7 +1090,8 @@ pvulnstatus()
 					OK)   is_vuln="false";;
 					*)    echo "$0: error: unknown status '$2' passed to pvulnstatus()" >&2; exit 255;;
 				esac
-				json_output="${json_output:-[}{\"NAME\":\"$aka\",\"CVE\":\"$1\",\"VULNERABLE\":$is_vuln,\"INFOS\":\"$3\"},"
+				[ -z "$json_output" ] && json_output='['
+				json_output="${json_output}{\"NAME\":\"$aka\",\"CVE\":\"$1\",\"VULNERABLE\":$is_vuln,\"INFOS\":\"$3\"},"
 				;;
 
 			nrpe)	[ "$2" = VULN ] && nrpe_vuln="$nrpe_vuln $1";;
@@ -1691,12 +1765,21 @@ is_xen_domU()
 	fi
 }
 
+builtin_dbversion=$(awk '/^# %%% MCEDB / { print $4 }' "$0")
 if [ -r "$mcedb_cache" ]; then
+	# we have a local cache file, but it might be older than the builtin version we have
+	local_dbversion=$(  awk '/^# %%% MCEDB / { print $4 }' "$mcedb_cache")
+	# sort -V sorts by version number
+	older_dbversion=$(printf "%b\n%b" "$local_dbversion" "$builtin_dbversion" | sort -V | head -n1)
+	if [ "$older_dbversion" = "$builtin_dbversion" ]; then
 		mcedb_source="$mcedb_cache"
-	mcedb_info="local MCExtractor DB "$(grep -E '^# %%% MCEDB ' "$mcedb_source" | cut -c13-)
+		mcedb_info="local firmwares DB $local_dbversion"
-else
+	fi
+fi
+# if mcedb_source is not set, either we don't have a local cached db, or it is older than the builtin db
+if [ -z "$mcedb_source" ]; then
 	mcedb_source="$0"
-	mcedb_info="builtin MCExtractor DB "$(grep -E '^# %%% MCEDB ' "$mcedb_source" | cut -c13-)
+	mcedb_info="builtin firmwares DB $builtin_dbversion"
 fi
 read_mcedb()
 {
@@ -2099,6 +2182,7 @@ write_msr()
 	if [ -n "$(eval echo \$$_mockvarname)" ]; then
 		_debug "write_msr: MOCKING enabled for msr $_msr func returns $(eval echo \$$_mockvarname)"
 		mocked=1
+		[ "$(eval echo \$$_mockvarname)" = 202 ] && msr_locked_down=1
 		return "$(eval echo \$$_mockvarname)"
 	fi
 
@@ -2127,6 +2211,19 @@ write_msr()
 			mockme=$(printf "%b\n%b" "$mockme" "SMC_MOCK_WRMSR_${_msr}_RET=201")
 			return 201 # missing tool error
 		fi
+		if [ "$ret" = 1 ]; then
+			# Fedora (and probably Red Hat) have a "kernel lock down" feature that prevents us to write to MSRs
+			# when this mode is enabled and EFI secure boot is enabled (see issue #303)
+			# https://src.fedoraproject.org/rpms/kernel/blob/master/f/efi-lockdown.patch
+			# when this happens, any write will fail and dmesg will have a msg printed "msr: Direct access to MSR"
+			# we don't use dmesg_grep() because we don't care if dmesg is truncated here, as the message has just been printed
+			if dmesg | grep -qF "msr: Direct access to MSR"; then
+				_debug "write_msr: locked down kernel detected"
+				mockme=$(printf "%b\n%b" "$mockme" "SMC_MOCK_WRMSR_${_msr}_RET=202")
+				msr_locked_down=1
+				return 202 # lockdown error
+			fi
+		fi
 	fi
 	# normalize ret
 	[ "$ret" != 0 ] && ret=1
@@ -2263,6 +2360,9 @@ check_cpu()
 		elif [ $val -eq 201 ]; then
 			pstatus yellow UNKNOWN "missing tool, install either msr-tools or perl"
 			spec_ctrl_msr=-1
+		elif [ $val -eq 202 ]; then
+			pstatus yellow UNKNOWN "your kernel is locked down (Fedora/Red Hat), please reboot without secure boot and retry"
+			spec_ctrl_msr=-1
 		else
 			spec_ctrl_msr=0
 			pstatus yellow NO
@@ -2351,6 +2451,10 @@ check_cpu()
 			fi
 		elif [ $val -eq 200 ]; then
 			pstatus yellow UNKNOWN "is msr kernel module available?"
+		elif [ $val -eq 201 ]; then
+			pstatus yellow UNKNOWN "missing tool, install either msr-tools or perl"
+		elif [ $val -eq 202 ]; then
+			pstatus yellow UNKNOWN "your kernel is locked down (Fedora/Red Hat), please reboot without secure boot and retry"
 		else
 			pstatus yellow NO
 		fi
@@ -2529,6 +2633,10 @@ check_cpu()
 			fi
 		elif [ $val -eq 200 ]; then
 			pstatus yellow UNKNOWN "is msr kernel module available?"
+		elif [ $val -eq 201 ]; then
+			pstatus yellow UNKNOWN "missing tool, install either msr-tools or perl"
+		elif [ $val -eq 202 ]; then
+			pstatus yellow UNKNOWN "your kernel is locked down (Fedora/Red Hat), please reboot without secure boot and retry"
 		else
 			pstatus yellow NO
 		fi
@@ -2538,6 +2646,7 @@ check_cpu()
 	read_cpuid 0x7 $EDX 28 1 1; ret=$?
 	if [ $ret -eq 0 ]; then
 		pstatus green YES "L1D flush feature bit"
+		cpuid_l1df=1
 	elif [ $ret -eq 1 ]; then
 		pstatus yellow NO
 	elif [ $ret -eq 2 ]; then
@@ -2666,6 +2775,8 @@ check_cpu()
 				pstatus yellow UNKNOWN "is msr kernel module available?"
 			elif [ $val -eq 201 ]; then
 				pstatus yellow UNKNOWN "missing tool, install either msr-tools or perl"
+			elif [ $val -eq 202 ]; then
+				pstatus yellow UNKNOWN "your kernel is locked down (Fedora/Red Hat), please reboot without secure boot and retry"
 			else
 				pstatus yellow NO
 			fi
@@ -3988,8 +4099,9 @@ check_CVE_2018_3639_linux()
 			if [ "$kernel_ssbd_enabled" = 1 ]; then
 				_info_nol "* SSB mitigation currently active for selected processes: "
 				# silence grep's stderr here to avoid ENOENT errors from processes that have exited since the shell's expansion of the *
-				mitigated_processes=$(grep -El 'Speculation.?Store.?Bypass:[[:space:]]+thread (force )?mitigated' /proc/*/status 2>/dev/null \
+				mitigated_processes=$(find /proc -mindepth 2 -maxdepth 2 -type f -name status -print0 2>/dev/null \
-					| sed s/status/exe/ | xargs -r -n1 readlink -f | xargs -r -n1 basename | sort -u | tr "\n" " " | sed 's/ $//')
+					| xargs -r0 grep -El 'Speculation.?Store.?Bypass:[[:space:]]+thread (force )?mitigated' 2>/dev/null \
+					| sed s/status/exe/ | xargs -r -n1 readlink -f 2>/dev/null | xargs -r -n1 basename | sort -u | tr "\n" " " | sed 's/ $//')
 				if [ -n "$mitigated_processes" ]; then
 					pstatus green YES "$mitigated_processes"
 				else
@@ -4098,10 +4210,15 @@ check_CVE_2018_3615()
 	_info "\033[1;34m$cve aka '$(cve2name "$cve")'\033[0m"
 
 	_info_nol "* CPU microcode mitigates the vulnerability: "
-	if [ "$cpu_flush_cmd" = 1 ] && [ "$cpuid_sgx" = 1 ]; then
+	if ( [ "$cpu_flush_cmd" = 1 ] || ( [ "$msr_locked_down" = 1 ] && [ "$cpuid_l1df" = 1 ] ) ) && [ "$cpuid_sgx" = 1 ]; then
 		# no easy way to detect a fixed SGX but we know that
 		# microcodes that have the FLUSH_CMD MSR also have the
-		# fixed SGX (for CPUs that support it)
+		# fixed SGX (for CPUs that support it), because Intel
+		# delivered fixed microcodes for both issues at the same time
+		#
+		# if the system we're running on is locked down (no way to write MSRs),
+		# make the assumption that if the L1D flush CPUID bit is set, probably
+		# that FLUSH_CMD MSR is here too
 		pstatus green YES
 	elif [ "$cpuid_sgx" = 1 ]; then
 		pstatus red NO
@@ -4112,7 +4229,7 @@ check_CVE_2018_3615()
 	if ! is_cpu_vulnerable "$cve"; then
 		# override status & msg in case CPU is not vulnerable after all
 		pvulnstatus $cve OK "your CPU vendor reported your CPU model as not vulnerable"
-	elif [ "$cpu_flush_cmd" = 1 ]; then
+	elif [ "$cpu_flush_cmd" = 1 ] || ( [ "$msr_locked_down" = 1 ] && [ "$cpuid_l1df" = 1 ] ) ; then
 		pvulnstatus $cve OK "your CPU microcode mitigates the vulnerability"
 	else
 		pvulnstatus $cve VULN "your CPU supports SGX and the microcode is not up to date"
@@ -4947,13 +5064,10 @@ fi
 exit 0  # ok
 
 # We're using MCE.db from the excellent platomav's MCExtractor project
-# The builtin version follows, but the user can download an up-to-date copy (to be stored in his $HOME) by using --update-mcedb
+# The builtin version follows, but the user can download an up-to-date copy (to be stored in his $HOME) by using --update-fwdb
-# To update the builtin version itself (by *modifying* this very file), use --update-builtin-mcedb
+# To update the builtin version itself (by *modifying* this very file), use --update-builtin-fwdb
 
-# wget https://github.com/platomav/MCExtractor/raw/master/MCE.db
+# %%% MCEDB v130.20191104+i20191027
-# sqlite3 MCE.db "select '%%% MCEDB v'||revision||' - '||strftime('%Y/%m/%d', date, 'unixepoch') from MCE; select '# I,0x'||cpuid||',0x'||version||','||max(yyyymmdd) from Intel group by cpuid order by cpuid asc; select '# A,0x'||cpuid||',0x'||version||','||max(yyyymmdd) from AMD group by cpuid order by cpuid asc"
-
-# %%% MCEDB v130 - 2019/11/04
 # I,0x00000611,0x00000B27,19961218
 # I,0x00000612,0x000000C6,19961210
 # I,0x00000616,0x000000C6,19961210
@@ -4963,28 +5077,28 @@ exit 0  # ok
 # I,0x00000632,0x00000020,19960903
 # I,0x00000633,0x00000036,19980923
 # I,0x00000634,0x00000037,19980923
-# I,0x00000650,0x00000040,19990525
+# I,0x00000650,0x00000045,19990525
-# I,0x00000651,0x00000040,19990525
+# I,0x00000651,0x00000042,19990525
 # I,0x00000652,0x0000002D,19990518
 # I,0x00000653,0x00000010,19990628
 # I,0x00000660,0x0000000A,19990505
 # I,0x00000665,0x00000003,19990505
-# I,0x0000066A,0x0000000C,19990505
+# I,0x0000066A,0x0000000D,19990505
 # I,0x0000066D,0x00000007,19990505
 # I,0x00000670,0x00000007,19980602
-# I,0x00000671,0x00000003,19980811
+# I,0x00000671,0x00000014,19980811
-# I,0x00000672,0x00000010,19990922
+# I,0x00000672,0x00000038,19990922
-# I,0x00000673,0x0000000E,19990910
+# I,0x00000673,0x0000002E,19990910
-# I,0x00000680,0x00000014,19990610
+# I,0x00000680,0x00000017,19990610
 # I,0x00000681,0x00000014,19991209
-# I,0x00000683,0x00000013,20010206
+# I,0x00000683,0x00000014,20010206
-# I,0x00000686,0x00000007,20000505
+# I,0x00000686,0x00000008,20000505
-# I,0x0000068A,0x00000004,20001207
+# I,0x0000068A,0x00000005,20001207
 # I,0x00000690,0x00000004,20000206
 # I,0x00000691,0x00000001,20020527
 # I,0x00000692,0x00000001,20020620
 # I,0x00000694,0x00000002,20020926
-# I,0x00000695,0x00000007,20041109
+# I,0x00000695,0x00000047,20041109
 # I,0x00000696,0x00000001,20000707
 # I,0x000006A0,0x00000003,20000110
 # I,0x000006A1,0x00000001,20000306
@@ -5008,7 +5122,7 @@ exit 0  # ok
 # I,0x000006F4,0x00000028,20060417
 # I,0x000006F5,0x00000039,20060727
 # I,0x000006F6,0x000000D2,20101001
-# I,0x000006F7,0x0000006A,20101002
+# I,0x000006F7,0x0000006B,20101002
 # I,0x000006F9,0x00000084,20061012
 # I,0x000006FA,0x00000095,20101002
 # I,0x000006FB,0x000000C1,20111004
@@ -5018,24 +5132,24 @@ exit 0  # ok
 # I,0x00000F02,0xFFFF000B,20000518
 # I,0x00000F03,0xFFFF0001,20000518
 # I,0x00000F04,0xFFFF0010,20000803
-# I,0x00000F05,0x0000000B,20000824
+# I,0x00000F05,0x0000000C,20000824
 # I,0x00000F06,0x00000004,20000911
 # I,0x00000F07,0x00000012,20020716
 # I,0x00000F08,0x00000008,20001101
 # I,0x00000F09,0x00000008,20010104
 # I,0x00000F0A,0x00000015,20020821
 # I,0x00000F11,0x0000000A,20030729
-# I,0x00000F12,0x0000002D,20030502
+# I,0x00000F12,0x0000002F,20030502
 # I,0x00000F13,0x00000005,20030508
 # I,0x00000F20,0x00000001,20010423
-# I,0x00000F21,0x00000002,20010529
+# I,0x00000F21,0x00000003,20010529
 # I,0x00000F22,0x00000005,20030729
 # I,0x00000F23,0x0000000D,20010817
 # I,0x00000F24,0x00000021,20030610
 # I,0x00000F25,0x0000002C,20040826
 # I,0x00000F26,0x00000010,20040805
-# I,0x00000F27,0x00000038,20030604
+# I,0x00000F27,0x00000039,20030604
-# I,0x00000F29,0x0000002D,20040811
+# I,0x00000F29,0x0000002F,20040811
 # I,0x00000F30,0x00000013,20030815
 # I,0x00000F31,0x0000000B,20031021
 # I,0x00000F32,0x0000000A,20040511
@@ -5064,7 +5178,7 @@ exit 0  # ok
 # I,0x00001632,0x00000002,19980610
 # I,0x00010650,0x00000002,20060513
 # I,0x00010660,0x00000004,20060612
-# I,0x00010661,0x00000043,20101004
+# I,0x00010661,0x00000045,20101004
 # I,0x00010670,0x00000005,20070209
 # I,0x00010671,0x00000106,20070329
 # I,0x00010674,0x84050100,20070726
@@ -5078,7 +5192,7 @@ exit 0  # ok
 # I,0x000106A5,0x0000001D,20180511
 # I,0x000106C0,0x00000007,20070824
 # I,0x000106C1,0x00000109,20071203
-# I,0x000106C2,0x00000217,20090410
+# I,0x000106C2,0x00000219,20090410
 # I,0x000106C9,0x00000007,20090213
 # I,0x000106CA,0x00000107,20090825
 # I,0x000106D0,0x00000005,20071204
@@ -5174,17 +5288,17 @@ exit 0  # ok
 # I,0x000406C3,0x00000368,20190423
 # I,0x000406C4,0x00000411,20190423
 # I,0x000406D0,0x0000000E,20130612
-# I,0x000406D8,0x0000012A,20180104
+# I,0x000406D8,0x0000012D,20190916
 # I,0x000406E1,0x00000020,20141111
 # I,0x000406E2,0x0000002C,20150521
-# I,0x000406E3,0x000000D4,20190814
+# I,0x000406E3,0x000000D6,20191003
 # I,0x000406E8,0x00000026,20160414
 # I,0x000406F0,0x00000014,20150702
 # I,0x000406F1,0x0B000038,20190618
 # I,0x00050650,0x8000002B,20160208
 # I,0x00050651,0x8000002B,20160208
 # I,0x00050652,0x80000037,20170502
-# I,0x00050653,0x01000146,20180824
+# I,0x00050653,0x01000151,20190909
 # I,0x00050654,0x02000065,20190905
 # I,0x00050655,0x03000012,20190412
 # I,0x00050656,0x0400002C,20190905
@@ -5205,7 +5319,7 @@ exit 0  # ok
 # I,0x000506E0,0x00000018,20141119
 # I,0x000506E1,0x0000002A,20150602
 # I,0x000506E2,0x0000002E,20150815
-# I,0x000506E3,0x000000D4,20190814
+# I,0x000506E3,0x000000D6,20191003
 # I,0x000506E8,0x00000034,20160710
 # I,0x000506F0,0x00000010,20160607
 # I,0x000506F1,0x0000002E,20190321
@@ -5223,17 +5337,17 @@ exit 0  # ok
 # I,0x000706E4,0x00000036,20190718
 # I,0x000706E5,0x00000050,20191027
 # I,0x00080650,0x00000018,20180108
-# I,0x000806E9,0x000000C8,20191003
+# I,0x000806E9,0x000000CA,20191015
-# I,0x000806EA,0x000000C6,20190814
+# I,0x000806EA,0x000000CA,20191003
-# I,0x000806EB,0x000000C6,20190814
+# I,0x000806EB,0x000000CA,20191003
-# I,0x000806EC,0x000000C6,20190814
+# I,0x000806EC,0x000000CA,20191003
-# I,0x000906E9,0x000000C6,20190814
+# I,0x000906E9,0x000000CA,20191003
-# I,0x000906EA,0x000000C6,20190814
+# I,0x000906EA,0x000000CA,20191003
-# I,0x000906EB,0x000000C6,20190814
+# I,0x000906EB,0x000000CA,20191003
-# I,0x000906EC,0x000000C6,20190814
+# I,0x000906EC,0x000000CA,20191003
-# I,0x000906ED,0x000000C6,20190814
+# I,0x000906ED,0x000000CA,20191003
 # I,0x000A0650,0x000000AE,20190410
-# I,0x000A0660,0x000000C6,20190827
+# I,0x000A0660,0x000000CA,20191003
 # A,0x00000F00,0x02000008,20070614
 # A,0x00000F01,0x0000001C,20021031
 # A,0x00000F10,0x00000003,20020325