fix(bsd): load vmm if not already loaded, fixes #274

As we read sysctl values under the vmm hierarchy, the modules needs to be loaded, so if not already done, we load it before testing for CVE-2018-3620 and CVE-2018-3646
2025-10-31 04:30:57 +01:00 · 2019-04-19 19:47:04 +02:00
parent fc4981bb94
commit 23e7db044e
1 changed files with 7 additions and 0 deletions
--- a/spectre-meltdown-checker.sh
+++ b/spectre-meltdown-checker.sh
@@ -27,6 +27,7 @@ exit_cleanup()
 	[ "$insmod_cpuid"    = 1 ] && rmmod cpuid 2>/dev/null
 	[ "$insmod_msr"      = 1 ] && rmmod msr 2>/dev/null
 	[ "$kldload_cpuctl"  = 1 ] && kldunload cpuctl 2>/dev/null
+	[ "$kldload_vmm"     = 1 ] && kldunload vmm    2>/dev/null
 }

 # if we were git clone'd, adjust VERSION
@@ -3741,6 +3742,12 @@ check_CVE_2018_3620_linux()
 check_CVE_2018_3620_bsd()
 {
 	_info_nol "* Kernel reserved the memory page at physical address 0x0: "
+	if ! kldstat -q -m vmm; then
+		kldload vmm 2>/dev/null && kldload_vmm=1
+		_debug "attempted to load module vmm, kldload_vmm=$kldload_vmm"
+	else
+		_debug "vmm module already loaded"
+	fi
 	if sysctl hw.vmm.vmx.l1d_flush >/dev/null 2>&1; then
 		# https://security.FreeBSD.org/patches/SA-18:09/l1tf-11.2.patch
 		# this is very difficult to detect that the kernel reserved the 0 page, but this fix