feat(retpoline): check if retpoline is enabled
Before we would just check if retpoline was compiled in, now we also check that it's enabled at runtime (only in live mode)
This commit is contained in:
parent
6cf2005745
commit
7eb36e6b09
|
@ -1162,6 +1162,20 @@ check_variant2()
|
|||
else
|
||||
pstatus yellow UNKNOWN "couldn't find your kernel image or System.map"
|
||||
fi
|
||||
|
||||
_info_nol "* Retpoline enabled: "
|
||||
if [ "$opt_live" = 1 ]; then
|
||||
# kernel adds this flag when retpoline is supported and enabled,
|
||||
# regardless of the fact that it's minimal / full and generic / amd
|
||||
if grep -qw retpoline /proc/cpuinfo; then
|
||||
pstatus green YES
|
||||
retpoline_enabled=1
|
||||
else
|
||||
pstatus red NO
|
||||
fi
|
||||
else
|
||||
pstatus blue N/A "can't check this in offline mode"
|
||||
fi
|
||||
elif [ "$sys_interface_available" = 0 ]; then
|
||||
# we have no sysfs but were asked to use it only!
|
||||
msg="/sys vulnerability interface use forced, but it's not available!"
|
||||
|
|
Loading…
Reference in New Issue