peter/spectre-meltdown-checker
1
0
Fork 0
mirror of https://github.com/speed47/spectre-meltdown-checker.git synced 2025-10-30 20:20:59 +01:00
Code Issues Projects Releases Wiki Activity

Merge 6f00ca89c3 into f8ca11e56a

Browse Source
This commit is contained in:
Claus Albøge
2018-01-08 14:24:30 +00:00
committed by GitHub
parent f8ca11e56a 6f00ca89c3
commit 1ef2e2ca81
1 changed files with 9 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
spectre-meltdown-checker.sh
View File

@@ -2,6 +2,7 @@
# Spectre & Meltdown checker # Spectre & Meltdown checker
# Stephane Lesimple # Stephane Lesimple
VERSION=0.13 VERSION=0.13
exitcode=7
# print status function # print status function
pstatus() pstatus()
@@ -135,7 +136,7 @@ fi
/bin/echo -ne "> \033[46m\033[30mSTATUS:\033[0m " /bin/echo -ne "> \033[46m\033[30mSTATUS:\033[0m "
[ "$status" = 0 ] && pstatus yellow UNKNOWN [ "$status" = 0 ] && pstatus yellow UNKNOWN
[ "$status" = 1 ] && pstatus red VULNERABLE [ "$status" = 1 ] && pstatus red VULNERABLE
[ "$status" = 2 ] && pstatus green 'NOT VULNERABLE' [ "$status" = 2 ] && pstatus green 'NOT VULNERABLE' && exitcode=$((exitcode - 1))
########### ###########
# VARIANT 2 # VARIANT 2
@@ -232,10 +233,13 @@ fi
/bin/echo -ne "> \033[46m\033[30mSTATUS:\033[0m " /bin/echo -ne "> \033[46m\033[30mSTATUS:\033[0m "
if grep -q AMD /proc/cpuinfo; then if grep -q AMD /proc/cpuinfo; then
pstatus green "NOT VULNERABLE" "your CPU is not vulnerable as per the vendor" pstatus green "NOT VULNERABLE" "your CPU is not vulnerable as per the vendor"
exitcode=$((exitcode - 2))
elif [ "$ibrs_enabled" = 1 -o "$ibrs_enabled" = 2 ]; then elif [ "$ibrs_enabled" = 1 -o "$ibrs_enabled" = 2 ]; then
pstatus green "NOT VULNERABLE" "IBRS mitigates the vulnerability" pstatus green "NOT VULNERABLE" "IBRS mitigates the vulnerability"
exitcode=$((exitcode - 2))
elif [ "$retpoline" = 1 ]; then elif [ "$retpoline" = 1 ]; then
pstatus green "NOT VULNERABLE" "retpolines mitigate the vulnerability" pstatus green "NOT VULNERABLE" "retpolines mitigate the vulnerability"
exitcode=$((exitcode - 2))
else else
pstatus red VULNERABLE "IBRS hardware + kernel support OR kernel with retpolines are needed to mitigate the vulnerability" pstatus red VULNERABLE "IBRS hardware + kernel support OR kernel with retpolines are needed to mitigate the vulnerability"
fi fi
@@ -315,8 +319,10 @@ fi
/bin/echo -ne "> \033[46m\033[30mSTATUS:\033[0m " /bin/echo -ne "> \033[46m\033[30mSTATUS:\033[0m "
if grep -q AMD /proc/cpuinfo; then if grep -q AMD /proc/cpuinfo; then
pstatus green "NOT VULNERABLE" "your CPU is not vulnerable as per the vendor" pstatus green "NOT VULNERABLE" "your CPU is not vulnerable as per the vendor"
exitcode=$((exitcode - 4))
elif [ "$kpti_enabled" = 1 ]; then elif [ "$kpti_enabled" = 1 ]; then
pstatus green "NOT VULNERABLE" "PTI mitigates the vulnerability" pstatus green "NOT VULNERABLE" "PTI mitigates the vulnerability"
exitcode=$((exitcode - 4))
else else
pstatus red "VULNERABLE" "PTI is needed to mitigate the vulnerability" pstatus red "VULNERABLE" "PTI is needed to mitigate the vulnerability"
fi fi
@@ -324,3 +330,5 @@ fi
/bin/echo /bin/echo
[ -n "$vmlinux" -a -f "$vmlinux" ] && rm -f "$vmlinux" [ -n "$vmlinux" -a -f "$vmlinux" ] && rm -f "$vmlinux"
exit $exitcode