Sha256: 286d5c1bdfe1b95ac2a5a3c2a9932e54bdf75066db9b0cfb9660be7a27885dee
Contents?: true
Size: 1.64 KB
Versions: 4
Compression:
Stored size: 1.64 KB
Contents
module HybridPlatformsConductor
module HpcPlugins
module Test
# Test that the vulnerabilities Spectre and Meltdown are patched
class Spectre < HybridPlatformsConductor::Test
VULNERABILITIES_TO_CHECK = {
'CVE-2017-5753' => 'Spectre Variant 1',
'CVE-2017-5715' => 'Spectre Variant 2',
'CVE-2017-5754' => 'Meltdown'
}
SPECTRE_CMD = <<~EOS
sudo /bin/bash <<'EOAction'
#{File.read("#{__dir__}/spectre-meltdown-checker.sh")}
EOAction
EOS
# Check my_test_plugin.rb.sample documentation for signature details.
def test_on_node
{
SPECTRE_CMD => {
validator: proc do |stdout|
VULNERABILITIES_TO_CHECK.each do |id, name|
id_regexp = /#{Regexp.escape(id)}/
status_idx = stdout.index { |line| line =~ id_regexp }
if status_idx.nil?
error "Unable to find vulnerability section #{id}"
else
while !stdout[status_idx].nil? && !(stdout[status_idx] =~ /STATUS:[^A-Z]+([A-Z ]+)/)
status_idx += 1
end
if stdout[status_idx].nil?
error "Unable to find vulnerability status for #{id}"
else
status = $1.strip
error "Status for #{name}: #{status}" if status != 'NOT VULNERABLE'
end
end
end
end,
timeout: 30
}
}
end
end
end
end
end
Version data entries
4 entries across 4 versions & 1 rubygems