@wallentx
Last active August 19, 2024 15:32
#!/usr/bin/env bash
# Print a YAML summary of the CPU: basic properties, sorted feature flags,
# virtualization, caches, NUMA layout and per-vulnerability mitigation status.
# Requires lscpu (util-linux), jq and the Go implementation of yq (mikefarah/yq v4).
# The three VAR=$(...) assignments are passed as environment variables to the
# final yq command, which merges them into a single document.
CPU_INFO=$(
  lscpu --hierarchic=never -J |
    yq -pj -oy '.lscpu[] | .field |= sub(":$"; "") | . |= { (.field): .data }' |
    yq -py -oj '.Flags |= (split(" ") | sort)' |
    jq 'to_entries | .[0:16] | from_entries' |
    yq -pj -oy '{"CPU": .}'
) \
FLAGS=$(
  lscpu --hierarchic=never -J |
    yq -pj -oy '.lscpu[] | .field |= sub(":$"; "") | . |= { (.field): .data }' |
    yq -py -oj '.Flags |= (split(" ") | sort)' |
    jq '{Flags}' |
    yq -pj -oy
) \
ADDITIONAL_INFO=$(
  lscpu --hierarchic=always -J | jq '
    # Turn the list of {field, data, children} entries into nested objects
    # keyed by field name, with the trailing colon removed.
    def transform: reduce .[] as $item ({};
      .[$item.field | gsub(":$"; "")] =
        if $item.children then
          ($item.children | transform)
        else
          $item.data
        end
    );
    .lscpu |= transform |
    {
      "Virtualization features": .lscpu["Virtualization features"],
      "Caches (sum of all)": .lscpu["Caches (sum of all)"],
      "NUMA": .lscpu["NUMA"],
      "Vulnerabilities": (
        .lscpu["Vulnerabilities"] | with_entries(
          .value |= (
            if type == "string" and . == "Not affected" then
              {"Status": "Not Affected"}
            elif type == "string" and . == "KVM: Mitigation: VMX disabled" then
              {"Status": "Mitigated", "Mitigations": ["KVM: Disable VMX"]}
            elif type == "string" and contains("Mitigation;") then
              # Split "Mitigation; a; b, c" into single items, then separate
              # the sub-issues that lscpu reports as "Not affected".
              {
                "Status": "Mitigated",
                "Mitigations": (
                  . | capture("Mitigation; (?<mitigations>.*)") | .mitigations
                  | split("; ")
                  | map(split(", ") | .[] | select(type == "string"))
                  | map(select(. | contains("Not affected") | not))
                ),
                "Not Affected": (
                  . | capture("Mitigation; (?<mitigations>.*)") | .mitigations
                  | split("; ")
                  | map(split(", ") | .[] | select(type == "string"))
                  | map(select(. | contains("Not affected")) | sub(" Not affected"; ""))
                )
              }
              | if (.["Not Affected"] | length > 0) then . else del(.["Not Affected"]) end
            elif type == "string" and test("vulnerable"; "i") then
              # An unmitigated entry must not fall through to "Not Affected".
              {"Status": "Vulnerable", "Details": .}
            else
              # Unrecognised or missing value: keep the raw text instead of
              # reporting the CPU as not affected.
              {"Status": "Unknown", "Details": .}
            end
          )
        )
      )
    }
    # Move "<thing> vulnerable" items (for example "SMT vulnerable") out of
    # Mitigations into a Vulnerable list and downgrade the status to match.
    | .Vulnerabilities |= (
      with_entries(
        .value |= (
          if .Mitigations then
            .Vulnerable = (
              .Mitigations | map(select(type == "string" and contains("vulnerable")) | sub(" vulnerable"; ""))
            )
            | .Mitigations |= (
              . | map(select(type == "string" and contains("vulnerable") | not))
            )
            | if (.Vulnerable | length > 0) then
                .Status = "Vulnerable"
              else
                .
              end
          else
            .
          end
        )
      )
    )
    # Drop empty Vulnerable lists.
    | del(.Vulnerabilities[] | select(.Vulnerable | length == 0) | .Vulnerable)
  '
) \
yq -n -P '
  env(CPU_INFO) as $cpuInfo |
  env(FLAGS) as $flags |
  env(ADDITIONAL_INFO) as $additionalInfo |
  $cpuInfo * $flags * $additionalInfo
'

CPU:
  Architecture: x86_64
  CPU op-mode(s): 32-bit, 64-bit
  Address sizes: 46 bits physical, 48 bits virtual
  Byte Order: Little Endian
  CPU(s): "88"
  On-line CPU(s) list: 0-87
  Vendor ID: GenuineIntel
  Model name: Intel(R) Xeon(R) CPU E5-2699A v4 @ 2.40GHz
  CPU family: "6"
  Model: "79"
  Thread(s) per core: "2"
  Core(s) per socket: "22"
  Socket(s): "2"
  Stepping: "1"
  CPU(s) scaling MHz: 38%
  CPU max MHz: "3600.0000"
Flags:
  - 3dnowprefetch
  - abm
  - acpi
  - adx
  - aperfmperf
  - apic
  - arat
  - arch_perfmon
  - avx
  - avx2
  - bmi1
  - bmi2
  - bts
  - cat_l3
  - cdp_l3
  - clflush
  - cmov
  - constant_tsc
  - cpuid
  - cpuid_fault
  - cqm
  - cqm_llc
  - cqm_mbm_local
  - cqm_mbm_total
  - cqm_occup_llc
  - cx16
  - cx8
  - dca
  - de
  - ds_cpl
  - dtes64
  - dtherm
  - dts
  - epb
  - ept
  - ept_ad
  - erms
  - est
  - f16c
  - flexpriority
  - flush_l1d
  - fma
  - fpu
  - fsgsbase
  - fxsr
  - hle
  - ht
  - ibpb
  - ibrs
  - ida
  - intel_ppin
  - intel_pt
  - invpcid
  - lahf_lm
  - lm
  - mca
  - mce
  - md_clear
  - mmx
  - monitor
  - movbe
  - msr
  - mtrr
  - nonstop_tsc
  - nopl
  - nx
  - pae
  - pat
  - pbe
  - pcid
  - pclmulqdq
  - pdcm
  - pdpe1gb
  - pebs
  - pge
  - pln
  - pni
  - popcnt
  - pse
  - pse36
  - pti
  - pts
  - rdrand
  - rdseed
  - rdt_a
  - rdtscp
  - rep_good
  - rtm
  - sdbg
  - sep
  - smap
  - smep
  - smx
  - ss
  - ssbd
  - sse
  - sse2
  - sse4_1
  - sse4_2
  - ssse3
  - stibp
  - syscall
  - tm
  - tm2
  - tpr_shadow
  - tsc
  - tsc_adjust
  - tsc_deadline_timer
  - vme
  - vmx
  - vnmi
  - vpid
  - xsave
  - xsaveopt
  - xtopology
  - xtpr
Virtualization features:
  Virtualization: VT-x
Caches (sum of all):
  L1d: 1.4 MiB (44 instances)
  L1i: 1.4 MiB (44 instances)
  L2: 11 MiB (44 instances)
  L3: 110 MiB (4 instances)
NUMA:
  NUMA node(s): "4"
  NUMA node0 CPU(s): 0-10,44-54
  NUMA node1 CPU(s): 11-21,55-65
  NUMA node2 CPU(s): 22-32,66-76
  NUMA node3 CPU(s): 33-43,77-87
Vulnerabilities:
  Gather data sampling:
    Status: Not Affected
  Itlb multihit:
    Status: Mitigated
    Mitigations:
      - 'KVM: Disable VMX'
  L1tf:
    Status: Vulnerable
    Mitigations:
      - PTE Inversion
      - VMX conditional cache flushes
    Vulnerable:
      - SMT
  Mds:
    Status: Vulnerable
    Mitigations:
      - Clear CPU buffers
    Vulnerable:
      - SMT
  Meltdown:
    Status: Mitigated
    Mitigations:
      - PTI
  Mmio stale data:
    Status: Vulnerable
    Mitigations:
      - Clear CPU buffers
    Vulnerable:
      - SMT
  Reg file data sampling:
    Status: Not Affected
  Retbleed:
    Status: Not Affected
  Spec rstack overflow:
    Status: Not Affected
  Spec store bypass:
    Status: Mitigated
    Mitigations:
      - Speculative Store Bypass disabled via prctl
  Spectre v1:
    Status: Mitigated
    Mitigations:
      - usercopy/swapgs barriers and __user pointer sanitization
  Spectre v2:
    Status: Mitigated
    Mitigations:
      - Retpolines
      - IBPB conditional
      - IBRS_FW
      - STIBP conditional
      - RSB filling
    Not Affected:
      - PBRSB-eIBRS
      - BHI
  Srbds:
    Status: Not Affected
  Tsx async abort:
    Status: Vulnerable
    Mitigations:
      - Clear CPU buffers
    Vulnerable:
      - SMT