peter/spectre-meltdown-checker
1
0
Fork 0
mirror of https://github.com/speed47/spectre-meltdown-checker.git synced 2026-04-02 05:07:07 +02:00
Code Issues Projects Releases Wiki Activity

feat: add CVE-2019-11135 (TAA) mitigation detection under BSD

Browse Source
This commit is contained in:
Stéphane Lesimple
2026-03-31 22:35:27 +02:00
parent 0628a3e565
commit 2b603c68ce
1 changed files with 51 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

55
src/vulns/CVE-2019-11135.sh
View File

@@ -87,10 +87,57 @@ check_CVE_2019_11135_linux() {
# CVE-2019-11135 TAA (TSX asynchronous abort) - BSD mitigation check # CVE-2019-11135 TAA (TSX asynchronous abort) - BSD mitigation check
check_CVE_2019_11135_bsd() { check_CVE_2019_11135_bsd() {
if ! is_cpu_affected "$cve"; then local taa_enable taa_state mds_disable kernel_taa kernel_mds
# override status & msg in case CPU is not vulnerable after all pr_info_nol "* Kernel supports TAA mitigation (machdep.mitigations.taa.enable): "
pvulnstatus "$cve" OK "your CPU vendor reported your CPU model as not affected" taa_enable=$(sysctl -n machdep.mitigations.taa.enable 2>/dev/null)
if [ -n "$taa_enable" ]; then
kernel_taa=1
case "$taa_enable" in
0) pstatus yellow YES "disabled" ;;
1) pstatus green YES "TSX disabled via MSR" ;;
2) pstatus green YES "VERW mitigation" ;;
3) pstatus green YES "auto" ;;
*) pstatus yellow YES "unknown value: $taa_enable" ;;
esac
else else
pvulnstatus "$cve" UNK "your CPU is affected, but mitigation detection has not yet been implemented for BSD in this script" kernel_taa=0
pstatus yellow NO
fi
pr_info_nol "* TAA mitigation state: "
taa_state=$(sysctl -n machdep.mitigations.taa.state 2>/dev/null)
if [ -n "$taa_state" ]; then
if echo "$taa_state" | grep -qi 'not.affected\|mitigation'; then
pstatus green YES "$taa_state"
else
pstatus yellow NO "$taa_state"
fi
else
# fallback: TAA is also mitigated by MDS VERW if enabled
mds_disable=$(sysctl -n hw.mds_disable 2>/dev/null)
if [ -z "$mds_disable" ]; then
mds_disable=$(sysctl -n machdep.mitigations.mds.disable 2>/dev/null)
fi
if [ -n "$mds_disable" ] && [ "$mds_disable" != 0 ]; then
kernel_mds=1
pstatus green YES "MDS VERW mitigation active (also covers TAA)"
else
kernel_mds=0
pstatus yellow NO "no TAA or MDS sysctl found"
fi
fi
if ! is_cpu_affected "$cve"; then
pvulnstatus "$cve" OK "your CPU vendor reported your CPU model as not affected"
elif [ "$kernel_taa" = 1 ] && [ "$taa_enable" != 0 ]; then
pvulnstatus "$cve" OK "TAA mitigation is enabled"
elif [ "$kernel_mds" = 1 ]; then
pvulnstatus "$cve" OK "MDS VERW mitigation is active and also covers TAA"
elif [ "$kernel_taa" = 1 ] && [ "$taa_enable" = 0 ]; then
pvulnstatus "$cve" VULN "TAA mitigation is supported but disabled"
explain "To enable TAA mitigation, run \`sysctl machdep.mitigations.taa.enable=3' for auto mode.\n " \
"To make this persistent, add 'machdep.mitigations.taa.enable=3' to /etc/sysctl.conf."
else
pvulnstatus "$cve" VULN "your kernel doesn't support TAA mitigation, update it"
fi fi
} }