Sha256: b6123834c6b60ded11bb5526907842585792377b2e61c3df6bba8709a3fc84c8
Contents?: true
Size: 1.67 KB
Versions: 16
Compression:
Stored size: 1.67 KB
Contents
module HybridPlatformsConductor
module HpcPlugins
module Test
# Test that the vulnerabilities Spectre and Meltdown are patched
class Spectre < HybridPlatformsConductor::Test
VULNERABILITIES_TO_CHECK = {
'CVE-2017-5753' => 'Spectre Variant 1',
'CVE-2017-5715' => 'Spectre Variant 2',
'CVE-2017-5754' => 'Meltdown'
}
# Check my_test_plugin.rb.sample documentation for signature details.
def test_on_node
spectre_cmd = <<~EOS
#{@nodes_handler.sudo_on(@node)} /bin/bash <<'EOAction'
#{File.read("#{__dir__}/spectre-meltdown-checker.sh")}
EOAction
EOS
{
spectre_cmd => {
validator: proc do |stdout|
VULNERABILITIES_TO_CHECK.each do |id, name|
id_regexp = /#{Regexp.escape(id)}/
status_idx = stdout.index { |line| line =~ id_regexp }
if status_idx.nil?
error "Unable to find vulnerability section #{id}"
else
while !stdout[status_idx].nil? && !(stdout[status_idx] =~ /STATUS:[^A-Z]+([A-Z ]+)/)
status_idx += 1
end
if stdout[status_idx].nil?
error "Unable to find vulnerability status for #{id}"
else
status = $1.strip
error "Status for #{name}: #{status}" if status != 'NOT VULNERABLE'
end
end
end
end,
timeout: 30
}
}
end
end
end
end
end
Version data entries
16 entries across 16 versions & 1 rubygems