Contents

require 'hybrid_platforms_conductor/test_only_remote_node'

module HybridPlatformsConductor

  module HpcPlugins

    module Test

      # Test that the vulnerabilities Spectre and Meltdown are patched
      class Spectre < TestOnlyRemoteNode

        VULNERABILITIES_TO_CHECK = {
          'CVE-2017-5753' => 'Spectre Variant 1',
          'CVE-2017-5715' => 'Spectre Variant 2',
          'CVE-2017-5754' => 'Meltdown'
        }

        # Check my_test_plugin.rb.sample documentation for signature details.
        def test_on_node
          spectre_cmd = <<~EO_BASH
            #{@actions_executor.sudo_prefix(@node)}/bin/bash <<'EOAction'
            #{File.read("#{__dir__}/spectre-meltdown-checker.sh")}
            EOAction
          EO_BASH
          {
            spectre_cmd => {
              validator: proc do |stdout|
                VULNERABILITIES_TO_CHECK.each do |id, name|
                  id_regexp = /#{Regexp.escape(id)}/
                  status_idx = stdout.index { |line| line =~ id_regexp }
                  if status_idx.nil?
                    error "Unable to find vulnerability section #{id}"
                  else
                    status_idx += 1 while !stdout[status_idx].nil? && stdout[status_idx] !~ /STATUS:[^A-Z]+([A-Z ]+)/
                    if stdout[status_idx].nil?
                      error "Unable to find vulnerability status for #{id}"
                    else
                      status = Regexp.last_match(1).strip
                      error "Status for #{name}: #{status}" if status != 'NOT VULNERABLE'
                    end
                  end
                end
              end,
              timeout: 30
            }
          }
        end

      end

    end

  end

end

Version data entries

17 entries across 17 versions & 1 rubygems

Version	Path
hybrid_platforms_conductor-33.9.5	lib/hybrid_platforms_conductor/hpc_plugins/test/spectre.rb
hybrid_platforms_conductor-33.9.4	lib/hybrid_platforms_conductor/hpc_plugins/test/spectre.rb
hybrid_platforms_conductor-33.9.2	lib/hybrid_platforms_conductor/hpc_plugins/test/spectre.rb
hybrid_platforms_conductor-33.9.1	lib/hybrid_platforms_conductor/hpc_plugins/test/spectre.rb
hybrid_platforms_conductor-33.9.0	lib/hybrid_platforms_conductor/hpc_plugins/test/spectre.rb
hybrid_platforms_conductor-33.8.4	lib/hybrid_platforms_conductor/hpc_plugins/test/spectre.rb
hybrid_platforms_conductor-33.8.3	lib/hybrid_platforms_conductor/hpc_plugins/test/spectre.rb
hybrid_platforms_conductor-33.8.2	lib/hybrid_platforms_conductor/hpc_plugins/test/spectre.rb
hybrid_platforms_conductor-33.8.1	lib/hybrid_platforms_conductor/hpc_plugins/test/spectre.rb
hybrid_platforms_conductor-33.8.0	lib/hybrid_platforms_conductor/hpc_plugins/test/spectre.rb
hybrid_platforms_conductor-33.7.4	lib/hybrid_platforms_conductor/hpc_plugins/test/spectre.rb
hybrid_platforms_conductor-33.7.3	lib/hybrid_platforms_conductor/hpc_plugins/test/spectre.rb
hybrid_platforms_conductor-33.7.2	lib/hybrid_platforms_conductor/hpc_plugins/test/spectre.rb
hybrid_platforms_conductor-33.7.1	lib/hybrid_platforms_conductor/hpc_plugins/test/spectre.rb
hybrid_platforms_conductor-33.7.0	lib/hybrid_platforms_conductor/hpc_plugins/test/spectre.rb
hybrid_platforms_conductor-33.6.0	lib/hybrid_platforms_conductor/hpc_plugins/test/spectre.rb
hybrid_platforms_conductor-33.5.1	lib/hybrid_platforms_conductor/hpc_plugins/test/spectre.rb