Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Support for validation of cpu vulnerabilities #114

Open
artem-sidorenko opened this issue May 15, 2019 · 5 comments

Comments

@artem-sidorenko
Copy link
Member

commented May 15, 2019

Is your feature request related to a problem? Please describe.

There are several CPU vulnerabilities, where the fixes expose via sysfs the state of protection. E.g. /sys/devices/system/cpu/vulnerabilities/mds for new MDS vulnerability.

Describe the solution you'd like

This baseline should include the validation of this options.

@artem-sidorenko

This comment has been minimized.

Copy link
Member Author

commented May 15, 2019

@chris-rock

This comment has been minimized.

Copy link
Member

commented May 15, 2019

+1 on that

@mcgege

This comment has been minimized.

Copy link
Member

commented May 15, 2019

+1 good idea!

@rndmh3ro

This comment has been minimized.

Copy link
Member

commented May 16, 2019

I also like the idea!

Should be as easy as searching for "Vulnerable" on all files in the folder:

root:~$ grep . /sys/devices/system/cpu/vulnerabilities/*
/sys/devices/system/cpu/vulnerabilities/l1tf:Mitigation: PTE Inversion
/sys/devices/system/cpu/vulnerabilities/mds:Vulnerable: Clear CPU buffers attempted, no microcode; SMT Host state unknown
/sys/devices/system/cpu/vulnerabilities/meltdown:Mitigation: PTI
/sys/devices/system/cpu/vulnerabilities/spec_store_bypass:Vulnerable
/sys/devices/system/cpu/vulnerabilities/spectre_v1:Mitigation: __user pointer sanitization
/sys/devices/system/cpu/vulnerabilities/spectre_v2:Mitigation: Full generic retpoline, IBPB: conditional, IBRS_FW, STIBP: disabled, RSB filling
@atomic111

This comment has been minimized.

Copy link
Member

commented May 16, 2019

+1

@chris-rock chris-rock added this to Up for grabs in Hacktoberfest 2019 via automation Oct 5, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
Hacktoberfest 2019
  
Up for grabs
5 participants
You can’t perform that action at this time.