From owner-svn-ports-all@freebsd.org Wed Nov 11 15:51:58 2020 Return-Path: Delivered-To: svn-ports-all@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 601C32ED041; Wed, 11 Nov 2020 15:51:58 +0000 (UTC) (envelope-from pkubaj@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4CWTkQ2DXPz3BwY; Wed, 11 Nov 2020 15:51:58 +0000 (UTC) (envelope-from pkubaj@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 3EC841728E; Wed, 11 Nov 2020 15:51:58 +0000 (UTC) (envelope-from pkubaj@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id 0ABFpwZB023023; Wed, 11 Nov 2020 15:51:58 GMT (envelope-from pkubaj@FreeBSD.org) Received: (from pkubaj@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id 0ABFpv4t023019; Wed, 11 Nov 2020 15:51:57 GMT (envelope-from pkubaj@FreeBSD.org) Message-Id: <202011111551.0ABFpv4t023019@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: pkubaj set sender to pkubaj@FreeBSD.org using -f From: Piotr Kubaj Date: Wed, 11 Nov 2020 15:51:57 +0000 (UTC) To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r554900 - in head/security: . spectre-meltdown-checker X-SVN-Group: ports-head X-SVN-Commit-Author: pkubaj X-SVN-Commit-Paths: in head/security: . spectre-meltdown-checker X-SVN-Commit-Revision: 554900 X-SVN-Commit-Repository: ports MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-ports-all@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: SVN commit messages for the ports tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 11 Nov 2020 15:51:58 -0000 Author: pkubaj Date: Wed Nov 11 15:51:57 2020 New Revision: 554900 URL: https://svnweb.freebsd.org/changeset/ports/554900 Log: security/spectre-meltdown-checker: shell script to tell if your system is vulnerable against the several "speculative execution" CVEs that were made public since 2018 Added: head/security/spectre-meltdown-checker/ head/security/spectre-meltdown-checker/Makefile (contents, props changed) head/security/spectre-meltdown-checker/distinfo (contents, props changed) head/security/spectre-meltdown-checker/pkg-descr (contents, props changed) Modified: head/security/Makefile Modified: head/security/Makefile ============================================================================== --- head/security/Makefile Wed Nov 11 15:35:28 2020 (r554899) +++ head/security/Makefile Wed Nov 11 15:51:57 2020 (r554900) @@ -1206,6 +1206,7 @@ SUBDIR += sops SUBDIR += spass SUBDIR += spass-qt5 + SUBDIR += spectre-meltdown-checker SUBDIR += spm SUBDIR += spybye SUBDIR += sqlmap Added: head/security/spectre-meltdown-checker/Makefile ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/spectre-meltdown-checker/Makefile Wed Nov 11 15:51:57 2020 (r554900) @@ -0,0 +1,23 @@ +# $FreeBSD$ + +PORTNAME= spectre-meltdown-checker +DISTVERSIONPREFIX= v +DISTVERSION= 0.44 +CATEGORIES= security + +MAINTAINER= pkubaj@FreeBSD.org +COMMENT= Checks your system for the speculative execution CVEs + +LICENSE= GPLv3 + +USE_GITHUB= yes +GH_ACCOUNT= speed47 +NO_ARCH= yes +NO_BUILD= yes + +PLIST_FILES= bin/spectre-meltdown-checker.sh + +do-install: + ${INSTALL_SCRIPT} ${WRKSRC}/spectre-meltdown-checker.sh ${STAGEDIR}${PREFIX}/bin + +.include Added: head/security/spectre-meltdown-checker/distinfo ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/spectre-meltdown-checker/distinfo Wed Nov 11 15:51:57 2020 (r554900) @@ -0,0 +1,3 @@ +TIMESTAMP = 1605109163 +SHA256 (speed47-spectre-meltdown-checker-v0.44_GH0.tar.gz) = 96765d765275476c36a146da123fa7e9eb310a84e84ae71b179c9ace3b6ab0c8 +SIZE (speed47-spectre-meltdown-checker-v0.44_GH0.tar.gz) = 54325 Added: head/security/spectre-meltdown-checker/pkg-descr ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/spectre-meltdown-checker/pkg-descr Wed Nov 11 15:51:57 2020 (r554900) @@ -0,0 +1,24 @@ +A shell script to tell if your system is vulnerable against the several +"speculative execution" CVEs that were made public since 2018. + +* CVE-2017-5753 [bounds check bypass] aka 'Spectre Variant 1' +* CVE-2017-5715 [branch target injection] aka 'Spectre Variant 2' +* CVE-2017-5754 [rogue data cache load] aka 'Meltdown' aka 'Variant 3' +* CVE-2018-3640 [rogue system register read] aka 'Variant 3a' +* CVE-2018-3639 [speculative store bypass] aka 'Variant 4' +* CVE-2018-3615 [L1 terminal fault] aka 'Foreshadow (SGX)' +* CVE-2018-3620 [L1 terminal fault] aka 'Foreshadow-NG (OS)' +* CVE-2018-3646 [L1 terminal fault] aka 'Foreshadow-NG (VMM)' +* CVE-2018-12126 [microarchitectural store buffer data sampling (MSBDS)] aka + 'Fallout' +* CVE-2018-12130 [microarchitectural fill buffer data sampling (MFBDS)] aka + 'ZombieLoad' +* CVE-2018-12127 [microarchitectural load port data sampling (MLPDS)] aka 'RIDL' +* CVE-2019-11091 [microarchitectural data sampling uncacheable memory (MDSUM)] + aka 'RIDL' +* CVE-2019-11135 [TSX asynchronous abort] aka 'TAA' aka 'ZombieLoad V2' +* CVE-2018-12207 [machine check exception on page size changes (MCEPSC)] aka 'No + eXcuses' aka 'iTLB Multihit' +* CVE-2020-0543 [Special Register Buffer Data Sampling (SRBDS)] + +WWW: https://github.com/speed47/spectre-meltdown-checker