Skip to content

Push 2026 01 23#1000

Merged
rdementi merged 21 commits intomasterfrom
push-2026-01-23
Jan 26, 2026
Merged

Push 2026 01 23#1000
rdementi merged 21 commits intomasterfrom
push-2026-01-23

Conversation

@rdementi
Copy link
Copy Markdown
Contributor

@rdementi rdementi commented Jan 23, 2026

No description provided.

rdementi and others added 21 commits December 11, 2025 14:13
@rdementi
support 64-bit bar
d1ef252 
Change-Id: Id95df391f74b819b8ae379211b543cc1ab024b01
@rdementi
Update src/pci.h
d1df076 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
@rdementi
Update src/pci.h
2a41764 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
@rdementi
print offsets in hex
fbaddac 
Change-Id: Id6c3901fa6488247cecad955ac83ec70ccfe7a6b
@rdementi
Update src/pci.h
1ebd398 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
@rdementi
extend UncorePMUDiscovery to support dies
e6e1cda 
Change-Id: I2b2b8a80fc28aa4386b0ae892de8942fc8a9de16
@rdementi
Merge remote-tracking branch 'opcm-github/master'
fcabd4a 
Change-Id: I06ce53b789c378b52520f777dad1e4e5ad251b20
@markovamaria
Add compiler security hardening flags
07ee683 
Linux: -fstack-protector-strong, -z,relro, -z,now, -z,noexecstack
Windows: /GS, /Gy, /DYNAMICBASE, /NXCOMPAT, /Qspectre, /W4
@markovamaria @rdementi
SDL438: follow Bandit guidance
c280c05 
Fix 4 HIGH severity command injection vulnerabilities (B602/CWE-78) in pmu-query.py
@markovamaria
Protect software against DLL injections (for WinRing0 dlls)
fd65f86 
Usage of LoadLibraryEx function with LOAD_LIBRARY_SEARCH_SYSTEM32 is added
@rdementi
dump more fields in the dvsec header
d2537bb 
Change-Id: Ib7b72f15a9da50ecda149ed7611e6c076969c369
@markovamaria @rdementi
SDL330: Protect critical file operations against symlink attacks
d1c0b32 
Add O_NOFOLLOW flags and symlink validation to MSR, PCI, SysFS, and daemon
file operations to prevent privilege escalation via symlink redirects.
@markovamaria @rdementi
Fix TOCTOU vulnerabilities for SDL330 symlink protection
df3967b 
- daemon.cpp: Use unlink()+open(O_EXCL|O_NOFOLLOW) in setupSharedMemory (CID 8073804)
- utils.cpp: Use open(O_NOFOLLOW)+fdopen() in tryOpen (CID 8073803)
@rdementi
Update src/msr.cpp
a603426 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
@markovamaria @rdementi
Eliminate TOCTOU race with O_EXCL-first retry loop in daemon
110ccba 
Replace upfront unlink() with atomic O_EXCL attempt first, retry on
EEXIST with max 3 attempts to prevent both race conditions and DoS.
@markovamaria @rdementi
SDL330: Add ELOOP check for /dev/cpu/*/msr and define retry constant
2f46ce8
@rdementi
tpmi: the vsec address is in 8-byte units
c4afa30
@twillhal
typos fixed
ad80d93
@markovamaria
Add Bandit security scan workflow
effd2dc 
- Run Bandit only when Python files or config changes
- Exclude submodules from scan
- Fail CI on any security issues detected
@rdementi
Merge remote-tracking branch 'opcm-github/master'
3ceef2f 
Change-Id: I9aa1c7c47d5755255026579e88182030f0798523
@rdementi
add CI repo restriction
4803bfc 
Change-Id: I883bf8ae288e2d1fda359eff0f4ce4f39901dba5
@rdementi rdementi merged commit 448e026 into master Jan 26, 2026
47 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@opcm opcm opcm approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@rdementi @opcm @markovamaria @twillhal