peter/spectre-meltdown-checker
1
0
Fork 0
mirror of https://github.com/speed47/spectre-meltdown-checker.git synced 2025-11-03 23:30:52 +01:00
Code Issues Projects Releases Wiki Activity

feat(stibp): add STIBP cpuid feature check

Browse Source
This commit is contained in:
Stéphane Lesimple
2018-01-24 12:19:02 +01:00
parent 3c1d452c99
commit b45e40bec8
1 changed files with 38 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

38
spectre-meltdown-checker.sh
View File

@@ -885,6 +885,7 @@ check_variant2()
load_msr load_msr
fi fi
if [ ! -e /dev/cpu/0/msr ]; then if [ ! -e /dev/cpu/0/msr ]; then
spec_ctrl_msr=-1
pstatus yellow UNKNOWN "couldn't read /dev/cpu/0/msr, is msr support enabled in your kernel?" pstatus yellow UNKNOWN "couldn't read /dev/cpu/0/msr, is msr support enabled in your kernel?"
else else
# the new MSR 'SPEC_CTRL' is at offset 0x48 # the new MSR 'SPEC_CTRL' is at offset 0x48
@@ -893,8 +894,10 @@ check_variant2()
# skip=9 because 8*9=72=0x48 # skip=9 because 8*9=72=0x48
dd if=/dev/cpu/0/msr of=/dev/null bs=8 count=1 skip=9 2>/dev/null dd if=/dev/cpu/0/msr of=/dev/null bs=8 count=1 skip=9 2>/dev/null
if [ $? -eq 0 ]; then if [ $? -eq 0 ]; then
spec_ctrl_msr=1
pstatus green YES pstatus green YES
else else
spec_ctrl_msr=0
pstatus red NO pstatus red NO
fi fi
fi fi
@@ -987,6 +990,41 @@ check_variant2()
fi fi
fi fi
# STIBP
_info " * Single Thread Indirect Branch Predictors (STIBP)"
_info_nol " * SPEC_CTRL MSR is available: "
if [ "$spec_ctrl_msr" = 1 ]; then
pstatus green YES
elif [ "$spec_ctrl_msr" = 0 ]; then
pstatus red NO
else
pstatus yellow UNKNOWN "couldn't read /dev/cpu/0/msr, is msr support enabled in your kernel?"
fi
_info_nol " * CPU indicates STIBP capability: "
if [ ! -e /dev/cpu/0/cpuid ]; then
pstatus yellow UNKNOWN "couldn't read /dev/cpu/0/cpuidr, is cpuid support enabled in your kernel?"
else
# A processor supports STIBP if it enumerates CPUID (EAX=7H,ECX=0):EDX[27] as 1
if [ "$opt_verbose" -ge 3 ]; then
dd if=/dev/cpu/0/cpuid bs=16 skip=7 iflag=skip_bytes count=1 >/dev/null 2>/dev/null
_debug "cpuid: reading leaf7 of cpuid on cpu0, ret=$?"
_debug "cpuid: leaf7 eax-ebx-ecx-edx: "$(dd if=/dev/cpu/0/cpuid bs=16 skip=7 iflag=skip_bytes count=1 2>/dev/null | od -x -A n)
_debug "cpuid: leaf7 edx higher byte is: "$(dd if=/dev/cpu/0/cpuid bs=16 skip=7 iflag=skip_bytes count=1 2>/dev/null | dd bs=1 skip=15 count=1 2>/dev/null | od -x -A n)
fi
# getting high byte of edx on leaf7 of cpuinfo in decimal
edx_hb=$(dd if=/dev/cpu/0/cpuid bs=16 skip=7 iflag=skip_bytes count=1 2>/dev/null | dd bs=1 skip=15 count=1 2>/dev/null | od -t u -A n | awk '{print $1}')
_debug "cpuid: leaf7 edx higher byte: $edx_hb (decimal)"
edx_bit27=$(( edx_hb & 8 ))
_debug "cpuid: edx_bit27=$edx_bit27"
if [ "$edx_bit27" -eq 8 ]; then
pstatus green YES "STIBP feature bit"
cpuid_stibp=1
else
pstatus red NO
fi
fi
_info_nol " * Kernel is compiled with IBRS/IBPB support: " _info_nol " * Kernel is compiled with IBRS/IBPB support: "
ibrs_can_tell=0 ibrs_can_tell=0