From 401ccd4b14ffa81936f5e843e6d7afdd72326d9d Mon Sep 17 00:00:00 2001 From: Stanislav Kholmanskikh Date: Wed, 29 Aug 2018 05:40:52 -0700 Subject: [PATCH] Correct aarch64 KPTI dmesg message As it's seen in unmap_kernel_at_el0 (both the function definition and its usage in arm64_features[]) from arch/arm64/kernel/cpufeature.c the kernel reports this string: CPU features: detected: Kernel page table isolation (KPTI) or (before commit e0f6429dc1c0 ("arm64: cpufeature: Remove redundant "feature" in reports")): CPU features: detected feature: Kernel page table isolation (KPTI) if KPTI is enabled on the system. So on let's adjust check_variant3_linux() to make it grep these strings if executed on an aarch64 platform. Tested on a Cavium ThunderX2 machine. Signed-off-by: Stanislav Kholmanskikh --- spectre-meltdown-checker.sh | 2 ++ 1 file changed, 2 insertions(+) diff --git a/spectre-meltdown-checker.sh b/spectre-meltdown-checker.sh index a159d3e..6856fd0 100755 --- a/spectre-meltdown-checker.sh +++ b/spectre-meltdown-checker.sh @@ -3237,6 +3237,8 @@ check_CVE_2017_5754_linux() dmesg_grep="Kernel/User page tables isolation: enabled" dmesg_grep="$dmesg_grep|Kernel page table isolation enabled" dmesg_grep="$dmesg_grep|x86/pti: Unmapping kernel while in userspace" + # aarch64 + dmesg_grep="$dmesg_grep|CPU features: detected( feature)?: Kernel page table isolation \(KPTI\)" if grep ^flags "$procfs/cpuinfo" | grep -qw pti; then # vanilla PTI patch sets the 'pti' flag in cpuinfo _debug "kpti_enabled: found 'pti' flag in $procfs/cpuinfo"