###############################################################################
# #
# IPFire.org - A linux based firewall #
-# Copyright (C) 2007-2019 IPFire Team <info@ipfire.org> #
+# Copyright (C) 2007-2020 IPFire Team <info@ipfire.org> #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
require "${General::swroot}/header.pl";
my %VULNERABILITIES = (
+ "itlb_multihit" => "$Lang::tr{'itlb multihit'} (CVE-2018-12207)",
"l1tf" => "$Lang::tr{'foreshadow'} (CVE-2018-3620)",
"mds" => "$Lang::tr{'fallout zombieload ridl'} (CVE-2018-12126, CVE-2018-12130, CVE-2018-12127, CVE-2019-11091)",
"meltdown" => "$Lang::tr{'meltdown'} (CVE-2017-5754)",
"spec_store_bypass" => "$Lang::tr{'spectre variant 4'} (CVE-2018-3639)",
"spectre_v1" => "$Lang::tr{'spectre variant 1'} (CVE-2017-5753)",
"spectre_v2" => "$Lang::tr{'spectre variant 2'} (CVE-2017-5715)",
+ "srbds" => "$Lang::tr{'srbds'} (CVE-2020-0543)",
+ "tsx_async_abort" => "$Lang::tr{'taa zombieload2'} (CVE-2019-11135)",
);
my $errormessage = "";
my %mainsettings = ();
my %color = ();
&General::readhash("${General::swroot}/main/settings", \%mainsettings);
-&General::readhash("/srv/web/ipfire/html/themes/".$mainsettings{'THEME'}."/include/colors.txt", \%color);
+&General::readhash("/srv/web/ipfire/html/themes/ipfire/include/colors.txt", \%color);
my %settings = (
"ENABLE_SMT" => "auto",
if ($status eq "Not affected") {
$status_message = $Lang::tr{'not affected'};
$colour = "white";
- $bgcolour = ${Header::colourblack};
+ $bgcolour = ${Header::colourgreen};
# Vulnerable
} elsif ($status eq "Vulnerable") {
# Mitigated
} elsif ($status eq "Mitigation") {
$status_message = $Lang::tr{'mitigated'};
- $colour = "black";
- $bgcolour = ${Header::colourorange};
+ $colour = "white";
+ $bgcolour = ${Header::colourblue};
+ # Unknown report from kernel
} else {
- next;
+ $status_message = $status;
+ $colour = "black";
+ $bgcolour = ${Header::colouryellow};
}
my $table_colour = ($id++ % 2) ? $color{'color22'} : $color{'color20'};
<font color="$colour">
END
if ($message) {
- print "<strong>$status_message</strong>: $message";
+ print "<strong>$status_message</strong> - $message";
} else {
print "<strong>$status_message</strong>";
}
&Header::openbox('100%', 'center', $Lang::tr{'settings'});
+my $smt_status = &smt_status();
+
print <<END;
<table class="tbl" width="66%">
<tbody>
+ <tr>
+ <th colspan="2" align="center">
+ <strong>$smt_status</strong>
+ </th>
+ </tr>
+
<tr>
<td width="50%" align="left">
- <strong>$Lang::tr{'enable smt'}</strong>
+ $Lang::tr{'enable smt'}
</td>
<td width="50%" align="center">
my $status = <FILE>;
close(FILE);
- if ($status =~ /^(Mitigation): (.*)$/) {
+ chomp($status);
+
+ # Fix status when something has been mitigated, but not fully, yet
+ if ($status =~ /^(Mitigation): (.*vulnerable.*)$/) {
+ return ("Vulnerable", $status);
+ }
+
+ if ($status =~ /^(Vulnerable|Mitigation): (.*)$/) {
return ($1, $2);
}
return $status;
}
+
+sub smt_status() {
+ open(FILE, "/sys/devices/system/cpu/smt/control");
+ my $status = <FILE>;
+ close(FILE);
+
+ chomp($status);
+
+ if ($status eq "on") {
+ return $Lang::tr{'smt enabled'};
+ } elsif (($status eq "off") || ($status eq "forceoff")) {
+ return $Lang::tr{'smt disabled'};
+ } elsif ($status eq "notsupported") {
+ return $Lang::tr{'smt not supported'};
+ }
+
+ return $status;
+}
projects / people / pmueller / ipfire-2.x.git / blobdiff