GNU bug report logs - #49898
[PATCH] gnu: Add spectre-meltdown-checker.

Previous Next

Package: guix-patches;

Reported by: phodina <phodina <at> protonmail.com>

Date: Thu, 5 Aug 2021 17:02:01 UTC

Severity: normal

Tags: moreinfo, patch

Merged with 59053

Done: Liliana Marie Prikler <liliana.prikler <at> gmail.com>

Bug is archived. No further changes may be made.

Full log

View this message in rfc822 format

From: Leo Prikler <leo.prikler <at> student.tugraz.at>
To: phodina <phodina <at> protonmail.com>, 49898 <at> debbugs.gnu.org
Subject: [bug#49898] [PATCH] gnu: Add spectre-meltdown-checker.
Date: Fri, 06 Aug 2021 15:58:26 +0200

Hi,

Am Donnerstag, den 05.08.2021, 17:00 +0000 schrieb phodina:
> * gnu/packages/linux.scm (spectre-meltdown-checker): New variable.
> 
> diff --git a/gnu/packages/linux.scm b/gnu/packages/linux.scm
> index 4ca2a386e1..f89f6f259e 100644
> --- a/gnu/packages/linux.scm
> +++ b/gnu/packages/linux.scm
> @@ -53,6 +53,7 @@
>  ;;; Copyright © 2020 pukkamustard <pukkamustard <at> posteo.net>
>  ;;; Copyright © 2021 B. Wilson <elaexuotee <at> wilsonb.com>
>  ;;; Copyright © 2021 Ivan Gankevich <i.gankevich <at> spbu.ru>
> +;;; Copyright © 2021 Petr Hodina <phodina <at> protonmail.com>
>  ;;;
>  ;;; This file is part of GNU Guix.
>  ;;;
> @@ -148,6 +149,7 @@
>    #:use-module (guix build-system cmake)
>    #:use-module (guix build-system gnu)
>    #:use-module (guix build-system go)
> +  #:use-module (guix build-system copy)
>    #:use-module (guix build-system meson)
>    #:use-module (guix build-system python)
>    #:use-module (guix build-system trivial)
> @@ -7191,6 +7193,44 @@ interfaces in parallel environments.")
>      (supported-systems '("i686-linux" "x86_64-linux"))
>      (license (list license:bsd-2 license:gpl2)))) ;dual
> 
> +(define-public spectre-meltdown-checker
> +(package
> +  (name "spectre-meltdown-checker")
> +  (version "v0.44")
Version should be "0.44".
> +  (source (origin
> +            (method git-fetch)
> +            (uri (git-reference
> +                  (url "
> https://github.com/speed47/spectre-meltdown-checker")
> +                  (commit version)))
Use (string-append "v" version).
> +            (file-name (git-file-name name version))
> +            (sha256
> +             (base32
> +              "1b47wlc52jnp2d5c7kbqnxmlm4g3cfbv25q30llv5mlmzs6d7bam"
> ))))
> +  (build-system copy-build-system)
copy-build-system needs an install plan to be meaningful.
> +  (inputs `(("util-linux" ,util-linux)
> +            ("binutils" ,binutils)))
> +  (synopsis "Spectre, Meltdown ... vulnerability/mitigation
> checker")
> +  (description "A shell script to assess your system's resilience
> against
> +the several transient execution CVEs that were published since early
> 2018,
"the several CVEs" is quite an obscure formulation if correct English. 
Just "several CVEs" should mean about the same while being more
understandable.
> +and give you guidance as to how to mitigate them.
> +@enumerate
> +@item Bounds Check Bypass
> +@item Branch Target Injection
> +@item Rogue Data Cache Load
> +@item Rogue System Register Read
> +@item Speculative Store Bypass
> +@item L1 Terminal Fault (SGX, OS, VMM)
> +@item Microarchitectural Store Buffer Data Sampling
> +@item Microarchitectural Fill Buffer Data Sampling
> +@item Microarchitectural Load Port Data Sampling
> +@item Microarchitectural Data Sampling Uncacheable Memory
> +@item TSX asynchronous abort
> +@item Machine Mheck Exception on Page Size Changes
> +@item Special Register Buffer Data Sampling
> +@end enumerate")
Not sure if we want to maintain this enumeration tbh.
> +  (home-page "https://github.com/speed47/spectre-meltdown-checker")
> +  (license license:gpl3)))

Regards
This bug report was last modified 2 years and 241 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.