From 5f914e555ecaa5aad95a3b1ae6d6f07ba4ad919f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Lesimple?= Date: Wed, 14 Feb 2018 14:24:55 +0100 Subject: [PATCH] fix(xen): declare Xen's PTI patch as a valid mitigation for variant3 --- spectre-meltdown-checker.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/spectre-meltdown-checker.sh b/spectre-meltdown-checker.sh index 01997b1..403b033 100755 --- a/spectre-meltdown-checker.sh +++ b/spectre-meltdown-checker.sh @@ -1791,7 +1791,7 @@ check_variant3() elif [ "$xen_pv_domo" = 1 ]; then pvulnstatus $cve OK "Xen Dom0s are safe and do not require PTI" elif [ "$xen_pv_domu" = 1 ]; then - pvulnstatus $cve VULN "Xen PV DomUs are vulnerable and need to be run in HVM, PVHVM or PVH mode" + pvulnstatus $cve VULN "Xen PV DomUs are vulnerable and need to be run in HVM, PVHVM, PVH mode, or the Xen hypervisor must have the Xen's own PTI patch" else pvulnstatus $cve VULN "PTI is needed to mitigate the vulnerability" fi