[pve-devel] [PATCH manager 9/9] report: add microcode info to better assess possible system impacts
Stoiko Ivanov
s.ivanov at proxmox.com
Fri Mar 22 17:44:17 CET 2024
On Fri, 22 Mar 2024 14:59:33 +0100
Alexander Zeidler <a.zeidler at proxmox.com> wrote:
> * list availability and installation status of `*microcode` packages
> * grep for applied "Early OS Microcode Updates"
> * grep for (un)patched CPU vulnerability messages
>
> Signed-off-by: Alexander Zeidler <a.zeidler at proxmox.com>
> ---
> PVE/Report.pm | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/PVE/Report.pm b/PVE/Report.pm
> index fe497b43..18c554ec 100644
> --- a/PVE/Report.pm
> +++ b/PVE/Report.pm
> @@ -108,6 +108,8 @@ my $init_report_cmds = sub {
> 'dmidecode -t bios -q',
> 'dmidecode -t memory | grep -E "Capacity|Devices|Size|Manu|Part" | sed -Ez "s/\n\t(M|P)[^:]*: (\S*)/\t\2/g" | sort',
> 'lscpu',
> + 'apt list *microcode 2>/dev/null | column -tL',
While `apt` works really well and its output hasn't changed since I
started using it (wheezy or jessie) - I still want to mention it's output
when piping:
```
WARNING: apt does not have a stable CLI interface. Use with caution in
scripts. ```
potentially consider either using our code directly or switching to
`dpkg -l`?
(but as said `apt` has been pretty stable, and we simply dump the output -
so probably the warning is not too relevant here)
> + 'dmesg | grep -i "microcode\|vuln"',
> 'lspci -nnk',
> ],
> },
More information about the pve-devel
mailing list