1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
| | From e2cc68814cf658638946e069406ef6a6032ab318 Mon Sep 17 00:00:00 2001
From: Hilton Chain <hako@ultrarare.space>
Date: Sat, 12 Nov 2022 19:49:36 +0800
Subject: [PATCH 2/2] Remove references to the builtin firmware database.
---
spectre-meltdown-checker.sh | 43 +++++++++++--------------------------
1 file changed, 12 insertions(+), 31 deletions(-)
diff --git a/spectre-meltdown-checker.sh b/spectre-meltdown-checker.sh
index 82cf1b6..5104599 100755
--- a/spectre-meltdown-checker.sh
+++ b/spectre-meltdown-checker.sh
@@ -95,7 +95,6 @@ show_usage()
--cpu [#,all] interact with CPUID and MSR of CPU core number #, or all (default: CPU core 0)
--update-fwdb update our local copy of the CPU microcodes versions database (using the awesome
MCExtractor project and the Intel firmwares GitHub repository)
- --update-builtin-fwdb same as --update-fwdb but update builtin DB inside the script itself
--dump-mock-data used to mimick a CPU on an other system, mainly used to help debugging this script
Return codes:
@@ -853,10 +852,10 @@ update_fwdb()
mcedb_tmp="$(@mktemp@ -t smc-mcedb-XXXXXX)"
mcedb_url='https://github.com/platomav/MCExtractor/raw/master/MCE.db'
_info_nol "Fetching MCE.db from the MCExtractor project... "
- if command -v wget >/dev/null 2>&1; then
- wget -q "$mcedb_url" -O "$mcedb_tmp"; ret=$?
- elif command -v curl >/dev/null 2>&1; then
+ if command -v curl >/dev/null 2>&1; then
curl -sL "$mcedb_url" -o "$mcedb_tmp"; ret=$?
+ elif command -v wget >/dev/null 2>&1; then
+ wget -q "$mcedb_url" -O "$mcedb_tmp"; ret=$?
elif command -v fetch >/dev/null 2>&1; then
fetch -q "$mcedb_url" -o "$mcedb_tmp"; ret=$?
else
@@ -874,10 +873,10 @@ update_fwdb()
intel_url="https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/archive/main.zip"
_info_nol "Fetching Intel firmwares... "
## https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files.git
- if command -v wget >/dev/null 2>&1; then
- wget -q "$intel_url" -O "$intel_tmp/fw.zip"; ret=$?
- elif command -v curl >/dev/null 2>&1; then
+ if command -v curl >/dev/null 2>&1; then
curl -sL "$intel_url" -o "$intel_tmp/fw.zip"; ret=$?
+ elif command -v wget >/dev/null 2>&1; then
+ wget -q "$intel_url" -O "$intel_tmp/fw.zip"; ret=$?
elif command -v fetch >/dev/null 2>&1; then
fetch -q "$intel_url" -o "$intel_tmp/fw.zip"; ret=$?
else
@@ -968,14 +967,6 @@ update_fwdb()
sqlite3 "$mcedb_tmp" "SELECT '# A,0x'||t1.cpuid||',0x'||MAX(t1.version)||','||t1.yyyymmdd FROM AMD AS t1 LEFT OUTER JOIN AMD AS t2 ON t2.cpuid=t1.cpuid AND t2.yyyymmdd > t1.yyyymmdd WHERE t2.yyyymmdd IS NULL GROUP BY t1.cpuid ORDER BY t1.cpuid ASC;" | @grep@ -v '^# .,0x00000000,';
} > "$mcedb_cache"
echo DONE "(version $dbversion)"
-
- if [ "$1" = builtin ]; then
- newfile=$(@mktemp@ -t smc-builtin-XXXXXX)
- @awk@ '/^# %%% MCEDB / { exit }; { print }' "$0" > "$newfile"
- @awk@ '{ if (NR>1) { print } }' "$mcedb_cache" >> "$newfile"
- @cat@ "$newfile" > "$0"
- @rm@ -f "$newfile"
- fi
}
parse_opt_file()
@@ -1070,9 +1061,6 @@ while [ -n "${1:-}" ]; do
elif [ "$1" = "--update-fwdb" ] || [ "$1" = "--update-mcedb" ]; then
update_fwdb
exit $?
- elif [ "$1" = "--update-builtin-fwdb" ] || [ "$1" = "--update-builtin-mcedb" ]; then
- update_fwdb builtin
- exit $?
elif [ "$1" = "--dump-mock-data" ]; then
opt_mock=1
shift
@@ -2033,21 +2021,11 @@ is_xen_domU()
fi
}
-builtin_dbversion=$(@awk@ '/^# %%% MCEDB / { print $4 }' "$0")
if [ -r "$mcedb_cache" ]; then
# we have a local cache file, but it might be older than the builtin version we have
local_dbversion=$( @awk@ '/^# %%% MCEDB / { print $4 }' "$mcedb_cache")
- # sort -V sorts by version number
- older_dbversion=$(printf "%b\n%b" "$local_dbversion" "$builtin_dbversion" | @sort@ -V | @head@ -n1)
- if [ "$older_dbversion" = "$builtin_dbversion" ]; then
- mcedb_source="$mcedb_cache"
- mcedb_info="local firmwares DB $local_dbversion"
- fi
-fi
-# if mcedb_source is not set, either we don't have a local cached db, or it is older than the builtin db
-if [ -z "${mcedb_source:-}" ]; then
- mcedb_source="$0"
- mcedb_info="builtin firmwares DB $builtin_dbversion"
+ mcedb_source="$mcedb_cache"
+ mcedb_info="local firmwares DB $local_dbversion"
fi
read_mcedb()
{
@@ -2063,7 +2041,10 @@ is_latest_known_ucode()
return 2
fi
ucode_latest="latest microcode version for your CPU model is unknown"
- if is_intel; then
+ if [ -z "$mcedb_source" ]; then
+ # When $mcedb_source is not set, skip version checking and report unknown.
+ return 2
+ elif is_intel; then
cpu_brand_prefix=I
elif is_amd; then
cpu_brand_prefix=A
--
2.38.1
|