From a306757c222719c2bdc92fb77934c560541b9bae Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?St=C3=A9phane=20Lesimple?=
Date: Sun, 22 Sep 2019 00:45:02 +0200
Subject: [PATCH] fix: detect Red Hat locked down kernels (impacts MSR writes)
---
 spectre-meltdown-checker.sh | 25 +++++++++++++++++++++++++
 1 file changed, 25 insertions(+)
diff --git a/spectre-meltdown-checker.sh b/spectre-meltdown-checker.sh
index bcccbc6..4ccf399 100755
--- a/spectre-meltdown-checker.sh
+++ b/spectre-meltdown-checker.sh
@@ -2200,6 +2200,18 @@ write_msr()
 _debug "write_msr: using perl"
 ret=1
 perl -e "open(M,'>','/dev/cpu/$_cpu/msr') and seek(M,$_msr_dec,0) and exit(syswrite(M,pack('H16',0)))"; [ $? -eq 8 ] && ret=0
+ if [ "$ret" = 1 ]; then
+ # Fedora (and probably Red Hat) have a "kernel lock down" feature that prevents us to write to MSRs
+ # when this mode is enabled and EFI secure boot is enabled (see issue #303)
+ # https://src.fedoraproject.org/rpms/kernel/blob/master/f/efi-lockdown.patch
+ # when this happens, any write will fail and dmesg will have a msg printed "msr: Direct access to MSR"
+ # we don't use dmesg_grep() because we don't care if dmesg is truncated here, as the message has just been printed
+ if dmesg | grep -qF "msr: Direct access to MSR"; then
+ _debug "write_msr: locked down kernel detected"
+ mockme=$(printf "%b\n%b" "$mockme" "SMC_MOCK_WRMSR_${_msr}_RET=202")
+ return 202 # lockdown error
+ fi
+ fi
 # fallback to dd if it supports seek_bytes
 elif dd if=/dev/null of=/dev/null bs=8 count=1 seek="$_msr_dec" oflag=seek_bytes 2>/dev/null; then
 _debug "write_msr: using dd"
@@ -2345,6 +2357,9 @@ check_cpu()
 elif [ $val -eq 201 ]; then
 pstatus yellow UNKNOWN "missing tool, install either msr-tools or perl"
 spec_ctrl_msr=-1
+ elif [ $val -eq 202 ]; then
+ pstatus yellow UNKNOWN "your kernel is locked down (Fedora/Red Hat), please reboot without secure boot and retry"
+ spec_ctrl_msr=-1
 else
 spec_ctrl_msr=0
 pstatus yellow NO
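Review bot: The lockdown check in the write_msr hunk is only reached from the perl branch, so the dd fallback that begins at the end of the hunk (and any branch above it, which is not visible here) would presumably still return the generic failure on a locked-down kernel, and the callers' `else` then prints `NO` as if the CPU lacked the feature. Consider moving the check after the whole tool if/elif chain so that every write path shares it. The match is also best effort: `dmesg | grep -qF` accepts a matching line from any earlier write, and finds nothing when dmesg is unreadable or the line is no longer in the buffer. A comment such as `# best effort: the line may predate this write, or be missing if dmesg is restricted` would make that limit visible. write_msr starts and ends outside the hunk.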
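Review bot: The 202 message in the check_cpu hunk at -2345 tells the user to reboot without secure boot, which asks them to switch off a boot-integrity control to run a diagnostic and never mentions turning it back on. The same string is added in the hunks at -2433, -2611 and -2748. A wording that states the cause and frames the reboot as temporary would be safer, for example `pstatus yellow UNKNOWN "your kernel is locked down (Fedora/Red Hat) and blocks MSR writes; to test, temporarily reboot without secure boot, then re-enable it"`. The if/elif chain this branch belongs to starts outside the hunk.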
@@ -2433,6 +2448,10 @@ check_cpu()
 fi
 elif [ $val -eq 200 ]; then
 pstatus yellow UNKNOWN "is msr kernel module available?"
+ elif [ $val -eq 201 ]; then
+ pstatus yellow UNKNOWN "missing tool, install either msr-tools or perl"
+ elif [ $val -eq 202 ]; then
+ pstatus yellow UNKNOWN "your kernel is locked down (Fedora/Red Hat), please reboot without secure boot and retry"
 else
 pstatus yellow NO
 fi
@@ -2611,6 +2630,10 @@ check_cpu()
 fi
 elif [ $val -eq 200 ]; then
 pstatus yellow UNKNOWN "is msr kernel module available?"
+ elif [ $val -eq 201 ]; then
+ pstatus yellow UNKNOWN "missing tool, install either msr-tools or perl"
+ elif [ $val -eq 202 ]; then
+ pstatus yellow UNKNOWN "your kernel is locked down (Fedora/Red Hat), please reboot without secure boot and retry"
 else
 pstatus yellow NO
 fi
@@ -2748,6 +2771,8 @@ check_cpu()
 pstatus yellow UNKNOWN "is msr kernel module available?"
 elif [ $val -eq 201 ]; then
 pstatus yellow UNKNOWN "missing tool, install either msr-tools or perl"
+ elif [ $val -eq 202 ]; then
+ pstatus yellow UNKNOWN "your kernel is locked down (Fedora/Red Hat), please reboot without secure boot and retry"
 else
 pstatus yellow NO
 fi
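Review bot: The 200/201/202 branches are now repeated word for word at four write_msr call sites in check_cpu (this hunk at -2433 and the ones at -2345, -2611 and -2748), so every new return code has to be added in four places. This commit already had to back-fill the 201 branch here and at -2611, and a site that misses a code falls through to `pstatus yellow NO`, which reads as "feature absent" rather than "could not test". A small helper that maps the code to its status line would keep the sites in sync. The helper name below is only a suggestion, and the surrounding if/elif chains start outside the hunks.

```shell
# prints the UNKNOWN status for a generic write_msr failure code;
# returns 1 when $1 is not one of them, so the caller falls through to its own else
_pstatus_wrmsr_failure()
{
	case "$1" in
		200) pstatus yellow UNKNOWN "is msr kernel module available?";;
		201) pstatus yellow UNKNOWN "missing tool, install either msr-tools or perl";;
		202) pstatus yellow UNKNOWN "your kernel is locked down (Fedora/Red Hat), please reboot without secure boot and retry";;
		*) return 1;;
	esac
	return 0
}

# … unchanged: earlier branches of the chain …
elif _pstatus_wrmsr_failure "$val"; then
	:
else
	pstatus yellow NO
fi
```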