mirror of
https://github.com/prometheus/node_exporter.git
synced 2024-12-22 16:36:07 +01:00
0e77317955
* github.com/ema/qdisc * github.com/mdlayher/genetlink * github.com/mdlayher/wifi Signed-off-by: Ben Kochie <superq@gmail.com>
85 lines
2.2 KiB
Go
85 lines
2.2 KiB
Go
// Copyright 2019 The Prometheus Authors
|
|
// Licensed under the Apache License, Version 2.0 (the "License");
|
|
// you may not use this file except in compliance with the License.
|
|
// You may obtain a copy of the License at
|
|
//
|
|
// http://www.apache.org/licenses/LICENSE-2.0
|
|
//
|
|
// Unless required by applicable law or agreed to in writing, software
|
|
// distributed under the License is distributed on an "AS IS" BASIS,
|
|
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
// See the License for the specific language governing permissions and
|
|
// limitations under the License.
|
|
|
|
package sysfs
|
|
|
|
import (
|
|
"fmt"
|
|
"io/ioutil"
|
|
"path/filepath"
|
|
"strings"
|
|
)
|
|
|
|
const (
|
|
notAffected = "Not Affected"
|
|
vulnerable = "Vulnerable"
|
|
mitigation = "Mitigation"
|
|
)
|
|
|
|
// CPUVulnerabilities retrieves a map of vulnerability names to their mitigations.
|
|
func (fs FS) CPUVulnerabilities() ([]Vulnerability, error) {
|
|
matches, err := filepath.Glob(fs.sys.Path("devices/system/cpu/vulnerabilities/*"))
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
vulnerabilities := make([]Vulnerability, 0, len(matches))
|
|
for _, match := range matches {
|
|
name := filepath.Base(match)
|
|
|
|
value, err := ioutil.ReadFile(match)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
v, err := parseVulnerability(name, string(value))
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
vulnerabilities = append(vulnerabilities, v)
|
|
}
|
|
|
|
return vulnerabilities, nil
|
|
}
|
|
|
|
// Vulnerability represents a single vulnerability extracted from /sys/devices/system/cpu/vulnerabilities/
|
|
type Vulnerability struct {
|
|
CodeName string
|
|
State string
|
|
Mitigation string
|
|
}
|
|
|
|
func parseVulnerability(name, value string) (Vulnerability, error) {
|
|
v := Vulnerability{CodeName: name}
|
|
value = strings.TrimSpace(value)
|
|
if value == notAffected {
|
|
v.State = notAffected
|
|
return v, nil
|
|
}
|
|
|
|
if strings.HasPrefix(value, vulnerable) {
|
|
v.State = vulnerable
|
|
v.Mitigation = strings.TrimPrefix(strings.TrimPrefix(value, vulnerable), ": ")
|
|
return v, nil
|
|
}
|
|
|
|
if strings.HasPrefix(value, mitigation) {
|
|
v.State = mitigation
|
|
v.Mitigation = strings.TrimPrefix(strings.TrimPrefix(value, mitigation), ": ")
|
|
return v, nil
|
|
}
|
|
|
|
return v, fmt.Errorf("unknown vulnerability state for %s: %s", name, value)
|
|
}
|