ericonr
/
util-linux
mirror of https://github.com/ericonr/util-linux.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

lscpu: report CPU vulnerabilities 

Signed-off-by: Karel Zak <kzak@redhat.com>
This commit is contained in:
Karel Zak 2019-04-11 13:45:29 +02:00
parent 3c4ff2dc9d
commit 639eeb28dd
2 changed files with 80 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

73
sys-utils/lscpu.c
View File

@ -61,6 +61,7 @@
#include "closestream.h"
#include "optutils.h"
#include "fileutils.h"
#include "lscpu.h"
@ -436,6 +437,67 @@ static void read_physical_info_powerpc(
}
#endif
static int cmp_vulnerability_name(const void *a0, const void *b0)
{
const struct cpu_vulnerability *a = (const struct cpu_vulnerability *) a0,
*b = (const struct cpu_vulnerability *) b0;
return strcmp(a->name, b->name);
}
static void read_vulnerabilities(struct lscpu_desc *desc)
{
struct dirent *d;
DIR *dir = ul_path_opendir(desc->syscpu, "vulnerabilities");
int n = 0;
if (!dir)
return;
desc->nvuls = n = 0;
while (xreaddir(dir))
n++;
if (!n)
return;
rewinddir(dir);
desc->vuls = xcalloc(n, sizeof(struct cpu_vulnerability));
while (desc->nvuls < n && (d = xreaddir(dir))) {
char *str, *p;
struct cpu_vulnerability *vu;
#ifdef _DIRENT_HAVE_D_TYPE
if (d->d_type == DT_DIR || d->d_type == DT_UNKNOWN)
continue;
#endif
if (ul_path_readf_string(desc->syscpu, &str,
"vulnerabilities/%s", d->d_name) <= 0)
continue;
vu = &desc->vuls[desc->nvuls++];
/* Name */
vu->name = xstrdup(d->d_name);
*vu->name = toupper(*vu->name);
strrep(vu->name, '_', ' ');
/* Description */
vu->text = str;
p = (char *) startswith(vu->text, "Mitigation");
if (p) {
*p = ';';
strrem(vu->text, ':');
}
}
closedir(dir);
qsort(desc->vuls, desc->nvuls,
sizeof(struct cpu_vulnerability), cmp_vulnerability_name);
}
static void
read_basicinfo(struct lscpu_desc *desc, struct lscpu_modifier *mod)
@ -568,6 +630,10 @@ read_basicinfo(struct lscpu_desc *desc, struct lscpu_modifier *mod)
lookup(buf, "Type", &desc->machinetype);
fclose(fp);
}
/* vulnerabilities */
if (ul_path_access(desc->syscpu, F_OK, "vulnerabilities") == 0)
read_vulnerabilities(desc);
}
static int
@ -2086,6 +2152,13 @@ print_summary(struct lscpu_desc *desc, struct lscpu_modifier *mod)
add_summary_n(tb, _("Physical cores/chip:"), desc->physcoresperchip);
}
if (desc->vuls) {
for (i = 0; i < desc->nvuls; i++) {
snprintf(buf, sizeof(buf), ("Vulnerability %s: "), desc->vuls[i].name);
add_summary_s(tb, buf, desc->vuls[i].text);
}
}
if (desc->flags)
add_summary_s(tb, _("Flags:"), desc->flags);

7
sys-utils/lscpu.h
View File

@ -77,6 +77,10 @@ struct polarization_modes {
char *readable;
};
struct cpu_vulnerability {
char *name;
char *text;
};
/* global description */
struct lscpu_desc {
@ -124,6 +128,9 @@ struct lscpu_desc {
int necaches; /* extra caches (s390) */
struct cpu_cache *ecaches;
struct cpu_vulnerability *vuls; /* array of CPU vulnerabilities */
int nvuls; /* number of CPU vulnerabilities */
/*
* All maps are sequentially indexed (0..ncpuspos), the array index
* does not have match with cpuX number as presented by kernel. You