L1TF/Linux: More fixes to /sys based hypervisor detection

We are now able to figure out whether or not we are running a hypervisor
(at least potentially) via /sys, so let's actually use that information.

This commit makes sure that, both when running with no options and with
`--sysfs-only`, finding 'VMX' inside the L1TF sysfs vulnerability file
is enough for calling the system a virtualization host.
Dario Faggioli 2019-04-18 17:02:37 +02:00
parent e819a27939
commit 0421aea53f
1 changed files with 44 additions and 44 deletions

@ -3792,9 +3792,8 @@ check_CVE_2018_3646_linux()
has_vmm=1;
fi
fi
if [ "$opt_sysfs_only" != 1 ]; then
_info_nol "* This system is a host running a hypervisor: "
if [ "$has_vmm" = -1 ]; then
if [ "$has_vmm" = -1 ] && [ "$opt_sysfs_only" != 1 ]; then
# Assumed to be running on bare metal unless evidence of vm is found.
has_vmm=0
# if we have the 'kvm_intel' module loaded, well, we defintely can run VMs!
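
Review bot: With `--sysfs-only` and no 'VMX' match earlier, the combined test `[ "$has_vmm" = -1 ] && [ "$opt_sysfs_only" != 1 ]` is false, so `has_vmm` stays at -1 instead of being reset to 0, while the `_info_nol "* This system is a host running a hypervisor: "` line is now printed in that mode too. Please confirm that the code after this block prints a status and terminates that line for the -1 case, and that later decisions compare `has_vmm` against 1 explicitly so an unknown state is never read as "is a host". A short comment above the condition stating that -1 means "undetermined, sysfs gave no answer" would make the three-state variable easier to follow. Minor: "defintely" in the kvm_intel comment should be "definitely", and the trailing semicolon in `has_vmm=1;` can go.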
@ -3846,6 +3845,7 @@ check_CVE_2018_3646_linux()
fi
fi
if [ "$opt_sysfs_only" != 1 ]; then
_info "* Mitigation 1 (KVM)"
_info_nol " * EPT is disabled: "
if [ "$opt_live" = 1 ]; then
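
Review bot: The added `if [ "$opt_sysfs_only" != 1 ]; then` guard in front of `_info "* Mitigation 1 (KVM)"` has no comment saying why the mitigation checks are skipped in sysfs-only mode, and its closing `fi` is outside the visible context, so the extent of the guarded block cannot be checked from this hunk. Please add a one-line comment above the guard (for example, that the EPT and following checks read sources other than sysfs) and mark the matching `fi` with a trailing comment naming the condition, since the guarded block is long and the diff stat (44 additions, 44 deletions) suggests it is mostly re-indentation.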