peter/spectre-meltdown-checker
peter
/
spectre-meltdown-checker
mirror of https://github.com/speed47/spectre-meltdown-checker.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

feat: use --live with --kernel/--config/--map to override file detection in live mode

This commit is contained in:
Stéphane Lesimple 2019-11-17 14:29:32 +01:00
parent cb279a49ec
commit 32376c4bf1
1 changed files with 31 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

50
spectre-meltdown-checker.sh
View File

@ -41,8 +41,9 @@ show_usage()
# shellcheck disable=SC2086 # shellcheck disable=SC2086
cat <<EOF cat <<EOF
Usage: Usage:
Live mode: $(basename $0) [options] [--live] Live mode (auto): $(basename $0) [options]
Offline mode: $(basename $0) [options] [--kernel <kernel_file>] [--config <kernel_config>] [--map <kernel_map_file>] Live mode (manual): $(basename $0) [options] <[--kernel <kimage>] [--config <kconfig>] [--map <mapfile>]> --live
Offline mode: $(basename $0) [options] <[--kernel <kimage>] [--config <kconfig>] [--map <mapfile>]>
Modes: Modes:
Two modes are available. Two modes are available.
@ -51,12 +52,16 @@ show_usage()
To run under this mode, just start the script without any option (you can also use --live explicitly) To run under this mode, just start the script without any option (you can also use --live explicitly)
Second mode is the "offline" mode, where you can inspect a non-running kernel. Second mode is the "offline" mode, where you can inspect a non-running kernel.
You'll need to specify the location of the kernel file, config and System.map files: This mode is automatically enabled when you specify the location of the kernel file, config and System.map files:
--kernel kernel_file specify a (possibly compressed) Linux or BSD kernel file --kernel kernel_file specify a (possibly compressed) Linux or BSD kernel file
--config kernel_config specify a kernel config file (Linux only) --config kernel_config specify a kernel config file (Linux only)
--map kernel_map_file specify a kernel System.map file (Linux only) --map kernel_map_file specify a kernel System.map file (Linux only)
If you want to use live mode while specifying the location of the kernel, config or map file yourself,
you can add --live to the above options, to tell the script to run in live mode instead of the offline mode,
which is enabled by default when at least one file is specified on the command line.
Options: Options:
--no-color don't use color codes --no-color don't use color codes
--verbose, -v increase verbosity level, possibly several times --verbose, -v increase verbosity level, possibly several times
@ -134,8 +139,7 @@ os=$(uname -s)
opt_kernel='' opt_kernel=''
opt_config='' opt_config=''
opt_map='' opt_map=''
opt_live_explicit=0 opt_live=-1
opt_live=1
opt_no_color=0 opt_no_color=0
opt_batch=0 opt_batch=0
opt_batch_format='text' opt_batch_format='text'
@ -796,22 +800,19 @@ while [ -n "$1" ]; do
opt_kernel=$(parse_opt_file kernel "$2"); ret=$? opt_kernel=$(parse_opt_file kernel "$2"); ret=$?
[ $ret -ne 0 ] && exit 255 [ $ret -ne 0 ] && exit 255
shift 2 shift 2
opt_live=0
elif [ "$1" = "--config" ]; then elif [ "$1" = "--config" ]; then
opt_config=$(parse_opt_file config "$2"); ret=$? opt_config=$(parse_opt_file config "$2"); ret=$?
[ $ret -ne 0 ] && exit 255 [ $ret -ne 0 ] && exit 255
shift 2 shift 2
opt_live=0
elif [ "$1" = "--map" ]; then elif [ "$1" = "--map" ]; then
opt_map=$(parse_opt_file map "$2"); ret=$? opt_map=$(parse_opt_file map "$2"); ret=$?
[ $ret -ne 0 ] && exit 255 [ $ret -ne 0 ] && exit 255
shift 2 shift 2
opt_live=0
elif [ "$1" = "--arch-prefix" ]; then elif [ "$1" = "--arch-prefix" ]; then
opt_arch_prefix="$2" opt_arch_prefix="$2"
shift 2 shift 2
elif [ "$1" = "--live" ]; then elif [ "$1" = "--live" ]; then
opt_live_explicit=1 opt_live=1
shift shift
elif [ "$1" = "--no-color" ]; then elif [ "$1" = "--no-color" ]; then
opt_no_color=1 opt_no_color=1
@ -954,6 +955,15 @@ if [ "$opt_no_hw" = 1 ] && [ "$opt_hw_only" = 1 ]; then
exit 255 exit 255
fi fi
if [ "$opt_live" = -1 ]; then
if [ -n "$opt_kernel" ] || [ -n "$opt_config" ] || [ -n "$opt_map" ]; then
# no --live specified and we have a least one of the kernel/config/map files on the cmdline: offline mode
opt_live=0
else
opt_live=1
fi
fi
# print status function # print status function
pstatus() pstatus()
{ {
@ -1722,13 +1732,6 @@ if uname -a | grep -qE -- '-Microsoft #[0-9]+-Microsoft '; then
fi fi
# check for mode selection inconsistency # check for mode selection inconsistency
if [ "$opt_live_explicit" = 1 ]; then
if [ -n "$opt_kernel" ] || [ -n "$opt_config" ] || [ -n "$opt_map" ]; then
show_usage
echo "$0: error: incompatible modes specified, use either --live or --kernel/--config/--map" >&2
exit 255
fi
fi
if [ "$opt_hw_only" = 1 ]; then if [ "$opt_hw_only" = 1 ]; then
if [ "$opt_cve_all" = 0 ]; then if [ "$opt_cve_all" = 0 ]; then
show_usage show_usage
@ -1795,8 +1798,11 @@ if [ "$opt_live" = 1 ]; then
_info "CPU is \033[35m$cpu_friendly_name\033[0m" _info "CPU is \033[35m$cpu_friendly_name\033[0m"
# try to find the image of the current running kernel # try to find the image of the current running kernel
if [ -n "$opt_kernel" ]; then
# specified by user on cmdline, with --live, don't override
:
# first, look for the BOOT_IMAGE hint in the kernel cmdline # first, look for the BOOT_IMAGE hint in the kernel cmdline
if [ -r "$procfs/cmdline" ] && grep -q 'BOOT_IMAGE=' "$procfs/cmdline"; then elif [ -r "$procfs/cmdline" ] && grep -q 'BOOT_IMAGE=' "$procfs/cmdline"; then
opt_kernel=$(grep -Eo 'BOOT_IMAGE=[^ ]+' "$procfs/cmdline" | cut -d= -f2) opt_kernel=$(grep -Eo 'BOOT_IMAGE=[^ ]+' "$procfs/cmdline" | cut -d= -f2)
_debug "found opt_kernel=$opt_kernel in $procfs/cmdline" _debug "found opt_kernel=$opt_kernel in $procfs/cmdline"
# if the boot partition is within a btrfs subvolume, strip the subvolume name # if the boot partition is within a btrfs subvolume, strip the subvolume name
@ -1843,7 +1849,10 @@ if [ "$opt_live" = 1 ]; then
fi fi
# system.map # system.map
if [ -e "$procfs/kallsyms" ] ; then if [ -n "$opt_map" ]; then
# specified by user on cmdline, with --live, don't override
:
elif [ -e "$procfs/kallsyms" ] ; then
opt_map="$procfs/kallsyms" opt_map="$procfs/kallsyms"
elif [ -e "/lib/modules/$(uname -r)/System.map" ] ; then elif [ -e "/lib/modules/$(uname -r)/System.map" ] ; then
opt_map="/lib/modules/$(uname -r)/System.map" opt_map="/lib/modules/$(uname -r)/System.map"
@ -1854,7 +1863,10 @@ if [ "$opt_live" = 1 ]; then
fi fi
# config # config
if [ -e "$procfs/config.gz" ] ; then if [ -n "$opt_config" ]; then
# specified by user on cmdline, with --live, don't override
:
elif [ -e "$procfs/config.gz" ] ; then
dumped_config="$(mktemp /tmp/config-XXXXXX)" dumped_config="$(mktemp /tmp/config-XXXXXX)"
gunzip -c "$procfs/config.gz" > "$dumped_config" gunzip -c "$procfs/config.gz" > "$dumped_config"
# dumped_config will be deleted at the end of the script # dumped_config will be deleted at the end of the script