From a8b557b9e22ad4f24929120f3bda3209b75c54fc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Lesimple?= Date: Tue, 3 Apr 2018 19:34:24 +0200 Subject: [PATCH] fix(cpu): skip CPU checks if asked to (--no-hw) or if inspecting a kernel of another architecture --- spectre-meltdown-checker.sh | 18 +++++++++++++++--- 1 file changed, 15 insertions(+), 3 deletions(-) diff --git a/spectre-meltdown-checker.sh b/spectre-meltdown-checker.sh index 737a322..d4d43d2 100755 --- a/spectre-meltdown-checker.sh +++ b/spectre-meltdown-checker.sh @@ -65,6 +65,7 @@ show_usage() --variant [1,2,3] specify which variant you'd like to check, by default all variants are checked, can be specified multiple times (e.g. --variant 2 --variant 3) --hw-only only check for CPU informations, don't check for any variant + --no-hw skip CPU information and checks, if you're inspecting a kernel not to be run on this host Return codes: 0 (not vulnerable), 2 (vulnerable), 3 (unknown), 255 (error) @@ -127,6 +128,7 @@ opt_sysfs_only=0 opt_coreos=0 opt_arch_prefix='' opt_hw_only=0 +opt_no_hw=0 global_critical=0 global_unknown=0 @@ -450,6 +452,9 @@ while [ -n "$1" ]; do elif [ "$1" = "--hw-only" ]; then opt_hw_only=1 shift + elif [ "$1" = "--no-hw" ]; then + opt_no_hw=1 + shift elif [ "$1" = "--batch" ]; then opt_batch=1 opt_verbose=0 @@ -509,6 +514,11 @@ if [ "$opt_no_sysfs" = 1 ] && [ "$opt_sysfs_only" = 1 ]; then exit 255 fi +if [ "$opt_no_hw" = 1 ] && [ "$opt_hw_only" = 1 ]; then + _warn "Incompatible options specified (--no-hw and --hw-only), aborting" + exit 255 +fi + # print status function pstatus() { @@ -2422,9 +2432,11 @@ check_variant3_bsd() fi } -check_cpu -check_cpu_vulnerabilities -_info +if [ "$opt_no_hw" = 0 ] && [ -z "$opt_arch_prefix" ]; then + check_cpu + check_cpu_vulnerabilities + _info +fi # now run the checks the user asked for if [ "$opt_variant1" = 1 ] || [ "$opt_allvariants" = 1 ]; then