From a7b14306d53cd644d249fb09f6ca25a4c2ef1e9f Mon Sep 17 00:00:00 2001
From: Frederic CORNU <fcornu@wardsback.org>
Date: Tue, 9 Jan 2018 18:26:32 +0100
Subject: [PATCH] Improve PTI detection even more

when PTI detection relies on dmesg, dmesg output is checked first
then /var/log/dmesg if dmesg output lacks boot time messages
---
 spectre-meltdown-checker.sh | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/spectre-meltdown-checker.sh b/spectre-meltdown-checker.sh
index 5eb1226..8fdb396 100755
--- a/spectre-meltdown-checker.sh
+++ b/spectre-meltdown-checker.sh
@@ -651,8 +651,11 @@ if [ "$opt_live" = 1 ]; then
 	elif [ -e /sys/kernel/debug/x86/pti_enabled ]; then
 		# RedHat Backport creates a dedicated file, see https://access.redhat.com/articles/3311301
 		kpti_enabled=$(cat /sys/kernel/debug/x86/pti_enabled 2>/dev/null)
-	elif grep -Eq 'Kernel/User page tables isolation: enabled|Kernel page table isolation enabled' /var/log/dmesg; then
-		# if we can't find the flag, grep in /var/log/dmesg
+	elif dmesg | grep -Eq 'Kernel/User page tables isolation: enabled|Kernel page table isolation enabled'; then
+		# if we can't find the flag, grep dmesg output
+		kpti_enabled=1
+	elif [ -r /var/log/dmesg ] && grep -Eq 'Kernel/User page tables isolation: enabled|Kernel page table isolation enabled' /var/log/dmesg; then
+		# if we can't find the flag in dmesg output, grep in /var/log/dmesg when readable
 		kpti_enabled=1
 	else
 		kpti_enabled=0