Stéphane Lesimple

In order to dig the issue, could you run the script in very verbose mode (using `-v -v`) under the two setups you described (the 2 different versions of the...

Well, this is not a bug from the script, the "oldest" microcode_ctl package you tried actually contains a more recent version of the microcode for your CPU than the "newer"...

It is way too soon to be able to implement anything regarding BranchScope, but I'll watch closely news about this and we'll see what the future brings. If/when mitigations for...

Thanks, leaving this open with the proper label to avoid having other issues opened about it!

Thanks for your report. Do you have `/proc/xen/capabilities` inside the LXC container? That's how the script can tell apart between a `domU` and a `dom0`. If you do, could you...

Interesting. It's probably not easy _by design_ to guess that you're either in a dom0 or domU from inside a LXC, as it's also what containers are for : hiding...

Last time I checked (weeks ago, so it might have changed), the fix for non-64 ARM wasn't ready yet. What is the kernel version you're using so I can check...

Can you check the `arm` branch? It should detect it now on ARM arch (not ARM64, which was already implemented)

This has been included in the v0.38 release, to avoid delaying it further. Please comment if you can confirm it works as expected under a native ARM 32 system (not...

The script detects kernels containing those commits for spectre-v1 http://git.arm.linux.org.uk/cgit/linux-arm.git/log/?h=spectre, these are the same than the ones @V10lator was pointing out (https://github.com/V10lator/CHIP-linux/commits/4.4.13-v10?after=cd8fbfdd8ee9b1e4fa27b6b81e60f4911bc81863+0). These are also included in v4.18-rc8. I don't...