Message ID | Qnv2d9veC0SXJimwcILw0UislAW8WkkHHDTmEn8RNRI-jmuH3nFOcMI7z0YLHifpvjyoA4CCLYLk92cQ651b-UUWMRUCgvtpXQH5dMs5eHM=@protonmail.com |
---|---|
State | New |
Headers | show |
Series | [bug#49898,v3] gnu: Add spectre-meltdown-checker. | expand |
Context | Check | Description |
---|---|---|
cbaines/comparison | success | View comparision |
cbaines/git branch | success | View Git branch |
cbaines/applying patch | success | View Laminar job |
cbaines/issue | success | View issue |
Hi, Am Sonntag, den 08.08.2021, 11:05 +0000 schrieb phodina: > Yes, it's unfortunately well hidden and there seems to be a mix of > tools also available only for BSD. I wanted to run it in pure > environment and with =-e= but there are many condtitions that exit at > once. I don't think the BSD ones should be too much of an issue, but if we ever decide to ship a BSD kernel, that might become relevant. > So I went throught the whole script and listed the commands. > Not sure regarding the admin priviledges. I'll create issue on the > upstream regarding the requirements. The Dockerfile gives some hints > but it's not exhaustive. As far as I can see, I don't think it claims sudo on your behalf, so that should be fine. > ----------------------------------------------------- > > * gnu/packages/linux.scm (spectre-meltdown-checker): New variable. > > diff --git a/gnu/packages/linux.scm b/gnu/packages/linux.scm > index 4ca2a386e1..24f7d43b33 100644 > --- a/gnu/packages/linux.scm > +++ b/gnu/packages/linux.scm > @@ -53,6 +53,7 @@ > ;;; Copyright © 2020 pukkamustard <pukkamustard@posteo.net> > ;;; Copyright © 2021 B. Wilson <elaexuotee@wilsonb.com> > ;;; Copyright © 2021 Ivan Gankevich <i.gankevich@spbu.ru> > +;;; Copyright © 2021 Petr Hodina <phodina@protonmail.com> > ;;; > ;;; This file is part of GNU Guix. > ;;; > @@ -137,6 +138,7 @@ > #:use-module (gnu packages video) > #:use-module (gnu packages vulkan) > #:use-module (gnu packages web) > + #:use-module (gnu packages wget) > #:use-module (gnu packages xiph) > #:use-module (gnu packages xml) > #:use-module (gnu packages xdisorg) > @@ -148,6 +150,7 @@ > #:use-module (guix build-system cmake) > #:use-module (guix build-system gnu) > #:use-module (guix build-system go) > + #:use-module (guix build-system copy) > #:use-module (guix build-system meson) > #:use-module (guix build-system python) > #:use-module (guix build-system trivial) > @@ -7191,6 +7194,44 @@ interfaces in parallel environments.") > (supported-systems '("i686-linux" "x86_64-linux")) > (license (list license:bsd-2 license:gpl2)))) ;dual > > +(define-public spectre-meltdown-checker > +(package > + (name "spectre-meltdown-checker") > + (version "0.44") > + (source (origin > + (method git-fetch) > + (uri (git-reference > + (url " > https://github.com/speed47/spectre-meltdown-checker") > + (commit (string-append "v" version)))) > + (file-name (git-file-name name version)) > + (sha256 > + (base32 > + "1b47wlc52jnp2d5c7kbqnxmlm4g3cfbv25q30llv5mlmzs6d7bam" > )))) > + (build-system copy-build-system) > + (arguments > + `(#:install-plan '(("spectre-meltdown-checker.sh" > + "bin/spectre-meltdown-checker.sh")))) > + (inputs `(("binutils" ,binutils) > + ("coreutils",coreutils) > + ("gawk" ,gawk) > + ("gzip" ,gzip) > + ("lzop" ,lzop) > + ("perl" ,perl) > + ("procps" ,procps) > + ("sqlite" ,sqlite) > + ("util-linux" ,util-linux) > + ("util-linux-with-udev" ,util-linux+udev) Why both? > + ("wget" ,wget) > + ("which" ,which) > + ("xz" ,xz) > + ("zstd" ,zstd))) Are you sure that mere presence of these packages as inputs will do anything to patch them? Because I'm not so much. Regards
diff --git a/gnu/packages/linux.scm b/gnu/packages/linux.scm index 4ca2a386e1..24f7d43b33 100644 --- a/gnu/packages/linux.scm +++ b/gnu/packages/linux.scm @@ -53,6 +53,7 @@ ;;; Copyright © 2020 pukkamustard <pukkamustard@posteo.net> ;;; Copyright © 2021 B. Wilson <elaexuotee@wilsonb.com> ;;; Copyright © 2021 Ivan Gankevich <i.gankevich@spbu.ru> +;;; Copyright © 2021 Petr Hodina <phodina@protonmail.com> ;;; ;;; This file is part of GNU Guix. ;;; @@ -137,6 +138,7 @@ #:use-module (gnu packages video) #:use-module (gnu packages vulkan) #:use-module (gnu packages web) + #:use-module (gnu packages wget) #:use-module (gnu packages xiph) #:use-module (gnu packages xml) #:use-module (gnu packages xdisorg) @@ -148,6 +150,7 @@ #:use-module (guix build-system cmake) #:use-module (guix build-system gnu) #:use-module (guix build-system go) + #:use-module (guix build-system copy) #:use-module (guix build-system meson) #:use-module (guix build-system python) #:use-module (guix build-system trivial) @@ -7191,6 +7194,44 @@ interfaces in parallel environments.") (supported-systems '("i686-linux" "x86_64-linux")) (license (list license:bsd-2 license:gpl2)))) ;dual +(define-public spectre-meltdown-checker +(package + (name "spectre-meltdown-checker") + (version "0.44") + (source (origin + (method git-fetch) + (uri (git-reference + (url "https://github.com/speed47/spectre-meltdown-checker") + (commit (string-append "v" version)))) + (file-name (git-file-name name version)) + (sha256 + (base32 + "1b47wlc52jnp2d5c7kbqnxmlm4g3cfbv25q30llv5mlmzs6d7bam")))) + (build-system copy-build-system) + (arguments + `(#:install-plan '(("spectre-meltdown-checker.sh" + "bin/spectre-meltdown-checker.sh")))) + (inputs `(("binutils" ,binutils) + ("coreutils",coreutils) + ("gawk" ,gawk) + ("gzip" ,gzip) + ("lzop" ,lzop) + ("perl" ,perl) + ("procps" ,procps) + ("sqlite" ,sqlite) + ("util-linux" ,util-linux) + ("util-linux-with-udev" ,util-linux+udev) + ("wget" ,wget) + ("which" ,which) + ("xz" ,xz) + ("zstd" ,zstd))) + (synopsis "Spectre, Meltdown ... vulnerability/mitigation checker") + (description "A shell script to assess your system's resilience against +the several transient execution CVEs that were published since early 2018, +and give you guidance as to how to mitigate them.") + (home-page "https://github.com/speed47/spectre-meltdown-checker") + (license license:gpl3))) + (define-public snapscreenshot (package (name "snapscreenshot")