[people/pmueller/ipfire-2.x.git] / html / cgi-bin / vulnerabilities.cgi

#!/usr/bin/perl
###############################################################################
#                                                                             #
# IPFire.org - A linux based firewall                                         #
# Copyright (C) 2007-2023  IPFire Team  <info@ipfire.org>                     #
#                                                                             #
# This program is free software: you can redistribute it and/or modify        #
# it under the terms of the GNU General Public License as published by        #
# the Free Software Foundation, either version 3 of the License, or           #
# (at your option) any later version.                                         #
#                                                                             #
# This program is distributed in the hope that it will be useful,             #
# but WITHOUT ANY WARRANTY; without even the implied warranty of              #
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               #
# GNU General Public License for more details.                                #
#                                                                             #
# You should have received a copy of the GNU General Public License           #
# along with this program.  If not, see <http://www.gnu.org/licenses/>.       #
#                                                                             #
###############################################################################

use strict;

# enable only the following on debugging purpose
#use warnings;
#use CGI::Carp 'fatalsToBrowser';

require '/var/ipfire/general-functions.pl';
require "${General::swroot}/lang.pl";
require "${General::swroot}/header.pl";

my %VULNERABILITIES = (
	"gather_data_sampling" => "$Lang::tr{'downfall gather data sampling'} (CVE-2022-40982)",
	"itlb_multihit" => "$Lang::tr{'itlb multihit'} (CVE-2018-12207)",
	"l1tf" => "$Lang::tr{'foreshadow'} (CVE-2018-3620)",
	"mds" => "$Lang::tr{'fallout zombieload ridl'} (CVE-2018-12126, CVE-2018-12130, CVE-2018-12127, CVE-2019-11091)",
	"meltdown" => "$Lang::tr{'meltdown'} (CVE-2017-5754)",
	"mmio_stale_data" => "$Lang::tr{'mmio stale data'} (CVE-2022-21123, CVE-2022-21125, CVE-2022-21127, CVE-2022-21166)",
	"retbleed" => "$Lang::tr{'retbleed'} (CVE-2022-29900, CVE-2022-29901)",
	"spec_rstack_overflow" => "$Lang::tr{'spec rstack overflow'} (CVE-2023-20569)",
	"spec_store_bypass" => "$Lang::tr{'spectre variant 4'} (CVE-2018-3639)",
	"spectre_v1" => "$Lang::tr{'spectre variant 1'} (CVE-2017-5753)",
	"spectre_v2" => "$Lang::tr{'spectre variant 2'} (CVE-2017-5715)",
	"srbds" => "$Lang::tr{'srbds'} (CVE-2020-0543)",
	"tsx_async_abort" => "$Lang::tr{'taa zombieload2'} (CVE-2019-11135)",
);

my $errormessage = "";
my $notice = "";

my %mainsettings = ();
my %color = ();
&General::readhash("${General::swroot}/main/settings", \%mainsettings);
&General::readhash("/srv/web/ipfire/html/themes/ipfire/include/colors.txt", \%color);

my %settings = (
	"ENABLE_SMT" => "auto",
);
&General::readhash("${General::swroot}/main/security", \%settings);

&Header::showhttpheaders();

&Header::getcgihash(\%settings);

if ($settings{'ACTION'} eq $Lang::tr{'save'}) {
	if ($settings{'ENABLE_SMT'} !~ /^(auto|on)$/) {
		$errormessage = $Lang::tr{'invalid input'};
	}

	unless ($errormessage) {
		&General::writehash("${General::swroot}/main/security", \%settings);
		$notice = $Lang::tr{'please reboot to apply your changes'};
	}
}

my %checked = ();
$checked{'ENABLE_SMT'}{'auto'} = '';
$checked{'ENABLE_SMT'}{'on'} = '';
$checked{'ENABLE_SMT'}{$settings{'ENABLE_SMT'}} = "checked";

&Header::openpage($Lang::tr{'processor vulnerability mitigations'}, 1, '');

&Header::openbigbox("100%", "left", "", $errormessage);

if ($errormessage) {
	&Header::openbox('100%', 'left', $Lang::tr{'error messages'});
	print "<font color='red'>$errormessage</font>";
	&Header::closebox();
}

if ($notice) {
	&Header::openbox('100%', 'left', $Lang::tr{'notice'});
	print "<font color='red'>$notice</font>";
	&Header::closebox();
}

&Header::openbox('100%', 'center', $Lang::tr{'processor vulnerability mitigations'});

print <<END;
	<table class="tbl" width='100%'>
		<thead>
			<tr>
				<th align="center">
					<strong>$Lang::tr{'vulnerability'}</strong>
				</th>
				<th align="center">
					<strong>$Lang::tr{'status'}</strong>
				</th>
			</tr>
		</thead>
		<tbody>
END

my $id = 0;
for my $vuln (sort keys %VULNERABILITIES) {
	my ($status, $message) = &check_status($vuln);
	next if (!$status);

	my $colour = "";
	my $bgcolour = "";
	my $status_message = "";

	# Not affected
	if ($status eq "Not affected") {
		$status_message = $Lang::tr{'not affected'};
		$colour = "white";
		$bgcolour = ${Header::colourgreen};

	# Vulnerable
	} elsif ($status eq "Vulnerable") {
		$status_message = $Lang::tr{'vulnerable'};
		$colour = "white";
		$bgcolour = ${Header::colourred};

	# Mitigated
	} elsif ($status eq "Mitigation") {
		$status_message = $Lang::tr{'mitigated'};
		$colour = "white";
		$bgcolour = ${Header::colourblue};

	# Unknown report from kernel
	} else {
		$status_message = $status;
		$colour = "black";
		$bgcolour = ${Header::colouryellow};
	}

	my $table_colour = ($id++ % 2) ? $color{'color22'} : $color{'color20'};

	print <<END;
		<tr bgcolor="$table_colour">
			<td align="left">
				<strong>$VULNERABILITIES{$vuln}</strong>
			</td>

			<td bgcolor="$bgcolour" align="center">
				<font color="$colour">
END
	if ($message) {
		print "<strong>$status_message</strong> - $message";
	} else {
		print "<strong>$status_message</strong>";
	}

	print <<END;
				</font>
			</td>
		</tr>
END
	}

print <<END;
		</tbody>
	</table>
END

&Header::closebox();

print "<form method='post' action='$ENV{'SCRIPT_NAME'}'>\n";

&Header::openbox('100%', 'center', $Lang::tr{'settings'});

my $smt_status = &smt_status();

print <<END;
	<table class="tbl" width="100%">
		<tbody>
			<tr>
				<th colspan="2" align="center">
					<strong>$smt_status</strong>
				</th>
			</tr>

			<tr>
				<td width="50%" align="left">
					$Lang::tr{'enable smt'}
				</td>

				<td width="50%" align="center">
					<label>
						<input type="radio" name="ENABLE_SMT"
							value="auto" $checked{'ENABLE_SMT'}{'auto'}>
						$Lang::tr{'automatic'}
					</label> /
					<label>
						<input type="radio" name="ENABLE_SMT"
							value="on" $checked{'ENABLE_SMT'}{'on'}>
						$Lang::tr{'force enable'} ($Lang::tr{'dangerous'})
					</label>
				</td>
			</tr>

			<tr>
				<td colspan="2" align="right">
					<input type="submit" name="ACTION" value="$Lang::tr{'save'}">
				</td>
			</tr>
		</tbody>
	</table>
END

&Header::closebox();

print "</form>\n";

&Header::closebigbox();

&Header::closepage();

sub check_status($) {
	my $vuln = shift;

	open(FILE, "/sys/devices/system/cpu/vulnerabilities/$vuln") or return undef;
	my $status = <FILE>;
	close(FILE);

	chomp($status);

	# Fix status when something has been mitigated, but not fully, yet
	if ($status =~ /^(Mitigation): (.*vulnerable.*)$/) {
		return ("Vulnerable", $status);
	}

	if ($status =~ /^(Vulnerable|Mitigation): (.*)$/) {
		return ($1, $2);
	}

	return $status;
}

sub smt_status() {
	open(FILE, "/sys/devices/system/cpu/smt/control");
	my $status = <FILE>;
	close(FILE);

	chomp($status);

	if ($status eq "on") {
		return $Lang::tr{'smt enabled'};
	} elsif (($status eq "off") || ($status eq "forceoff")) {
		return $Lang::tr{'smt disabled'};
	} elsif ($status eq "notsupported") {
		return $Lang::tr{'smt not supported'};
	}

	return $status;
}
Commit	Line	Data
65871d1a MT	1	#!/usr/bin/perl
	2	###############################################################################
	3	# #
	4	# IPFire.org - A linux based firewall #
edc78459	5	# Copyright (C) 2007-2023 IPFire Team <info@ipfire.org> #
65871d1a MT	6	# #
	7	# This program is free software: you can redistribute it and/or modify #
	8	# it under the terms of the GNU General Public License as published by #
	9	# the Free Software Foundation, either version 3 of the License, or #
	10	# (at your option) any later version. #
	11	# #
	12	# This program is distributed in the hope that it will be useful, #
	13	# but WITHOUT ANY WARRANTY; without even the implied warranty of #
	14	# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
	15	# GNU General Public License for more details. #
	16	# #
	17	# You should have received a copy of the GNU General Public License #
	18	# along with this program. If not, see <http://www.gnu.org/licenses/>. #
	19	# #
	20	###############################################################################
	21
	22	use strict;
	23
	24	# enable only the following on debugging purpose
f238e251 MT	25	#use warnings;
f238e251 MT	26	#use CGI::Carp 'fatalsToBrowser';
65871d1a MT	27
	28	require '/var/ipfire/general-functions.pl';
	29	require "${General::swroot}/lang.pl";
	30	require "${General::swroot}/header.pl";
	31
	32	my %VULNERABILITIES = (
edc78459	33	"gather_data_sampling" => "$Lang::tr{'downfall gather data sampling'} (CVE-2022-40982)",
6fb52ca1	34	"itlb_multihit" => "$Lang::tr{'itlb multihit'} (CVE-2018-12207)",
65871d1a MT	35	"l1tf" => "$Lang::tr{'foreshadow'} (CVE-2018-3620)",
	36	"mds" => "$Lang::tr{'fallout zombieload ridl'} (CVE-2018-12126, CVE-2018-12130, CVE-2018-12127, CVE-2019-11091)",
	37	"meltdown" => "$Lang::tr{'meltdown'} (CVE-2017-5754)",
34798dcd	38	"mmio_stale_data" => "$Lang::tr{'mmio stale data'} (CVE-2022-21123, CVE-2022-21125, CVE-2022-21127, CVE-2022-21166)",
7ee2eec3	39	"retbleed" => "$Lang::tr{'retbleed'} (CVE-2022-29900, CVE-2022-29901)",
edc78459	40	"spec_rstack_overflow" => "$Lang::tr{'spec rstack overflow'} (CVE-2023-20569)",
65871d1a MT	41	"spec_store_bypass" => "$Lang::tr{'spectre variant 4'} (CVE-2018-3639)",
	42	"spectre_v1" => "$Lang::tr{'spectre variant 1'} (CVE-2017-5753)",
	43	"spectre_v2" => "$Lang::tr{'spectre variant 2'} (CVE-2017-5715)",
e9c62e37	44	"srbds" => "$Lang::tr{'srbds'} (CVE-2020-0543)",
6fb52ca1	45	"tsx_async_abort" => "$Lang::tr{'taa zombieload2'} (CVE-2019-11135)",
65871d1a MT	46	);
	47
	48	my $errormessage = "";
	49	my $notice = "";
	50
	51	my %mainsettings = ();
	52	my %color = ();
	53	&General::readhash("${General::swroot}/main/settings", \%mainsettings);
8186b372	54	&General::readhash("/srv/web/ipfire/html/themes/ipfire/include/colors.txt", \%color);
65871d1a MT	55
	56	my %settings = (
	57	"ENABLE_SMT" => "auto",
	58	);
	59	&General::readhash("${General::swroot}/main/security", \%settings);
	60
	61	&Header::showhttpheaders();
	62
	63	&Header::getcgihash(\%settings);
	64
	65	if ($settings{'ACTION'} eq $Lang::tr{'save'}) {
	66	if ($settings{'ENABLE_SMT'} !~ /^(auto\|on)$/) {
	67	$errormessage = $Lang::tr{'invalid input'};
	68	}
	69
	70	unless ($errormessage) {
	71	&General::writehash("${General::swroot}/main/security", \%settings);
	72	$notice = $Lang::tr{'please reboot to apply your changes'};
	73	}
	74	}
	75
	76	my %checked = ();
	77	$checked{'ENABLE_SMT'}{'auto'} = '';
	78	$checked{'ENABLE_SMT'}{'on'} = '';
	79	$checked{'ENABLE_SMT'}{$settings{'ENABLE_SMT'}} = "checked";
	80
	81	&Header::openpage($Lang::tr{'processor vulnerability mitigations'}, 1, '');
	82
	83	&Header::openbigbox("100%", "left", "", $errormessage);
	84
	85	if ($errormessage) {
	86	&Header::openbox('100%', 'left', $Lang::tr{'error messages'});
	87	print "<font color='red'>$errormessage</font>";
	88	&Header::closebox();
	89	}
	90
	91	if ($notice) {
	92	&Header::openbox('100%', 'left', $Lang::tr{'notice'});
	93	print "<font color='red'>$notice</font>";
	94	&Header::closebox();
	95	}
	96
	97	&Header::openbox('100%', 'center', $Lang::tr{'processor vulnerability mitigations'});
	98
	99	print <<END;
	100	<table class="tbl" width='100%'>
	101	<thead>
	102	<tr>
	103	<th align="center">
	104	<strong>$Lang::tr{'vulnerability'}</strong>
	105	</th>
	106	<th align="center">
	107	<strong>$Lang::tr{'status'}</strong>
	108	</th>
	109	</tr>
	110	</thead>
	111	<tbody>
	112	END
	113
	114	my $id = 0;
	115	for my $vuln (sort keys %VULNERABILITIES) {
	116	my ($status, $message) = &check_status($vuln);
	117	next if (!$status);
	118
119	my $colour = "";
120	my $bgcolour = "";
121	my $status_message = "";
122
123	# Not affected
124	if ($status eq "Not affected") {
125	$status_message = $Lang::tr{'not affected'};
126	$colour = "white";
29abc2d0	127	$bgcolour = ${Header::colourgreen};
65871d1a MT	128
	129	# Vulnerable
	130	} elsif ($status eq "Vulnerable") {
	131	$status_message = $Lang::tr{'vulnerable'};
	132	$colour = "white";
	133	$bgcolour = ${Header::colourred};
	134
	135	# Mitigated
	136	} elsif ($status eq "Mitigation") {
	137	$status_message = $Lang::tr{'mitigated'};
984a6cab	138	$colour = "white";
29abc2d0	139	$bgcolour = ${Header::colourblue};
65871d1a	140
984a6cab	141	# Unknown report from kernel
65871d1a	142	} else {
b23db9b9	143	$status_message = $status;
984a6cab AF	144	$colour = "black";
984a6cab AF	145	$bgcolour = ${Header::colouryellow};
65871d1a MT	146	}
	147
	148	my $table_colour = ($id++ % 2) ? $color{'color22'} : $color{'color20'};
	149
	150	print <<END;
	151	<tr bgcolor="$table_colour">
	152	<td align="left">
	153	<strong>$VULNERABILITIES{$vuln}</strong>
	154	</td>
	155
	156	<td bgcolor="$bgcolour" align="center">
	157	<font color="$colour">
	158	END
	159	if ($message) {
e896a9bd	160	print "<strong>$status_message</strong> - $message";
65871d1a MT	161	} else {
	162	print "<strong>$status_message</strong>";
	163	}
	164
	165	print <<END;
	166	</font>
	167	</td>
	168	</tr>
	169	END
	170	}
	171
	172	print <<END;
	173	</tbody>
	174	</table>
	175	END
	176
	177	&Header::closebox();
	178
	179	print "<form method='post' action='$ENV{'SCRIPT_NAME'}'>\n";
	180
	181	&Header::openbox('100%', 'center', $Lang::tr{'settings'});
	182
1cbcd044 MT	183	my $smt_status = &smt_status();
1cbcd044 MT	184
65871d1a	185	print <<END;
8494102a	186	<table class="tbl" width="100%">
65871d1a	187	<tbody>
1cbcd044 MT	188	<tr>
	189	<th colspan="2" align="center">
	190	<strong>$smt_status</strong>
	191	</th>
	192	</tr>
	193
65871d1a MT	194	<tr>
65871d1a MT	195	<td width="50%" align="left">
1cbcd044	196	$Lang::tr{'enable smt'}
65871d1a MT	197	</td>
	198
	199	<td width="50%" align="center">
	200	<label>
	201	<input type="radio" name="ENABLE_SMT"
	202	value="auto" $checked{'ENABLE_SMT'}{'auto'}>
	203	$Lang::tr{'automatic'}
	204	</label> /
	205	<label>
	206	<input type="radio" name="ENABLE_SMT"
	207	value="on" $checked{'ENABLE_SMT'}{'on'}>
	208	$Lang::tr{'force enable'} ($Lang::tr{'dangerous'})
	209	</label>
	210	</td>
	211	</tr>
	212
	213	<tr>
	214	<td colspan="2" align="right">
	215	<input type="submit" name="ACTION" value="$Lang::tr{'save'}">
	216	</td>
	217	</tr>
	218	</tbody>
	219	</table>
	220	END
	221
	222	&Header::closebox();
	223
	224	print "</form>\n";
	225
	226	&Header::closebigbox();
	227
	228	&Header::closepage();
	229
	230	sub check_status($) {
	231	my $vuln = shift;
	232
	233	open(FILE, "/sys/devices/system/cpu/vulnerabilities/$vuln") or return undef;
	234	my $status = <FILE>;
	235	close(FILE);
	236
e896a9bd AF	237	chomp($status);
e896a9bd AF	238
413f84e9	239	# Fix status when something has been mitigated, but not fully, yet
b23db9b9	240	if ($status =~ /^(Mitigation): (.vulnerable.)$/) {
e896a9bd	241	return ("Vulnerable", $status);
b23db9b9 AF	242	}
b23db9b9 AF	243
a96bcf41	244	if ($status =~ /^(Vulnerable\|Mitigation): (.*)$/) {
65871d1a	245	return ($1, $2);
66c36198	246	}
65871d1a MT	247
	248	return $status;
	249	}
1cbcd044 MT	250
	251	sub smt_status() {
	252	open(FILE, "/sys/devices/system/cpu/smt/control");
	253	my $status = <FILE>;
	254	close(FILE);
	255
	256	chomp($status);
	257
	258	if ($status eq "on") {
	259	return $Lang::tr{'smt enabled'};
	260	} elsif (($status eq "off") \|\| ($status eq "forceoff")) {
	261	return $Lang::tr{'smt disabled'};
	262	} elsif ($status eq "notsupported") {
	263	return $Lang::tr{'smt not supported'};
	264	}
	265
	266	return $status;
	267	}