From 7847c952081d00ea287be2ddd40671ba3e739cfc Mon Sep 17 00:00:00 2001
From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com>
Date: Sat, 6 Jun 2026 15:04:30 +0000
Subject: [PATCH] arm64: add SSBS detection
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
built from commit 737cfe4a5febfcb4e9b03b51c57961259ee59351 dated 2026-06-06 17:01:46 +0200 by Stéphane Lesimple (speed47_github@speed47.net)
---
 spectre-meltdown-checker.sh | 18 +++++++++++++++++-
 1 file changed, 17 insertions(+), 1 deletion(-)
diff --git a/spectre-meltdown-checker.sh b/spectre-meltdown-checker.sh
index 179de21..b424da4 100755
--- a/spectre-meltdown-checker.sh
+++ b/spectre-meltdown-checker.sh
@@ -13,7 +13,7 @@
 #
 # Stephane Lesimple
 #
-VERSION='26.36.0606593'
+VERSION='26.36.0606627'
 # --- Common paths and basedirs ---
 readonly VULN_SYSFS_BASE="/sys/devices/system/cpu/vulnerabilities"
@@ -5158,6 +5158,22 @@ check_cpu() {
 pstatus green NO
 fi
 fi
+ # ARM exposes no userspace-readable CPUID/MSR to query SSBD support directly.
+ # The ARMv8.5 SSBS ("Speculative Store Bypass Safe") hardware bit, when present,
+ # surfaces as the 'ssbs' hwcap in /proc/cpuinfo. We use it *only* as a positive
+ # confirmation of SSB mitigation capability (Variant 4 / CVE-2018-3639): its
+ # absence proves nothing, because the kernel deliberately hides the hwcap on some
+ # cores (e.g. the erratum-3194386 SSBS self-sync workaround), so we must never
+ # infer immunity from a missing 'ssbs'.
+ if has_runtime; then
+ pr_info_nol " * CPU indicates SSBS (Speculative Store Bypass Safe) capability: "
+ if grep '^Features' "$g_procfs/cpuinfo" | grep -qw ssbs; then
+ cap_ssbd='ARM SSBS (cpuinfo)'
+ pstatus green YES "$cap_ssbd"
+ else
+ pstatus blue UNKNOWN "not exposed (the kernel may hide it; cannot conclude)"
+ fi
+ fi
 return
 fi
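Review bot: The `grep '^Features' "$g_procfs/cpuinfo"` test in the second hunk treats an unreadable or missing cpuinfo file the same as an absent hwcap, so the UNKNOWN text "not exposed (the kernel may hide it; cannot conclude)" can be printed when nothing was read at all, and grep's own error lands on stderr in the middle of the `pr_info_nol` line. Silencing the read and reporting that case separately keeps the output accurate, e.g. `if grep '^Features' "$g_procfs/cpuinfo" 2>/dev/null | grep -qw ssbs; then` preceded by a readability check on the file. `cap_ssbd` is assigned only on the YES branch, and whether it is initialised earlier in `check_cpu` is not visible here, so confirm that the CVE-2018-3639 verdict sees it as empty rather than unset or stale on the UNKNOWN path. The `ssbs` hwcap shows that the PSTATE.SSBS control exists, not that the mitigation is enabled for any task, so the verdict should keep depending on the kernel's reported state and not on this flag alone. `check_cpu` starts and ends outside the hunk.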