From b89d67dd153acc6ad1d274ebbb6749b789347e2c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?St=C3=A9phane=20Lesimple?=
Date: Sun, 14 Jan 2018 18:33:01 +0100
Subject: [PATCH] meltdown: detecting Xen PV, reporting as not vulnerable

---
 spectre-meltdown-checker.sh | 23 ++++++++++++++++++++++-
 1 file changed, 22 insertions(+), 1 deletion(-)

diff --git a/spectre-meltdown-checker.sh b/spectre-meltdown-checker.sh
index da5dfda..e62fa6e 100755
--- a/spectre-meltdown-checker.sh
+++ b/spectre-meltdown-checker.sh
@@ -8,7 +8,7 @@
 #
 # Stephane Lesimple
 #
-VERSION=0.30
+VERSION=0.30+xen-test1
 
 show_usage()
 {
@@ -1013,6 +1013,25 @@ check_variant3()
 pstatus blue NO 'no security impact but performance will be degraded with PTI'
 fi
 fi
+
+ if [ "$opt_live" = 1 ]; then
+ # checking whether we're running under Xen PV 64 bits. If yes, we're not affected by variant3
+ _info_nol "* Checking if we're running under Xen PV (64 bits): "
+ if [ "$(uname -m)" = "x86_64" ]; then
+ # XXX do we have a better way that relying on dmesg?
+ if dmesg | grep -q 'Booting paravirtualized kernel on Xen$' ; then
+ pstatus green YES 'Xen PV is not vulnerable'
+ xen_pv=1
+ elif [ -r /var/log/dmesg ] && grep -q 'Booting paravirtualized kernel on Xen$' /var/log/dmesg; then
+ pstatus green YES 'Xen PV is not vulnerable'
+ xen_pv=1
+ else
+ pstatus blue NO
+ fi
+ else
+ pstatus blue NO
+ fi
+ fi
 fi
 
 # if we have the /sys interface, don't even check is_cpu_vulnerable ourselves, the kernel already does it
@@ -1025,6 +1044,8 @@ check_variant3()
 if [ "$opt_live" = 1 ]; then
 if [ "$kpti_enabled" = 1 ]; then
 pvulnstatus $cve OK "PTI mitigates the vulnerability"
+ elif [ "$xen_pv" = 1 ]; then
+ pvulnstatus $cve OK "Xen PV 64 bits is not vulnerable"
 else
 pvulnstatus $cve VULN "PTI is needed to mitigate the vulnerability"
 fi
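Review bot: The Xen PV detection in the second hunk rests entirely on one dmesg line, so on a guest where the ring buffer has wrapped, the kernel restricts dmesg to root, or /var/log/dmesg is not written (many systemd-based distributions do not create it), a genuine 64-bit PV guest reports NO and then falls through to VULN in the third hunk; that is the safe direction to fail in, but it is still a false positive and the `# XXX` comment is right that a sysfs source would be more reliable. `/sys/hypervisor/type` reads `xen` for any Xen guest and could at least gate the dmesg grep; telling PV apart from HVM/PVH via sysfs looks possible too, but I would confirm the exact feature bit before relying on it. The flag should also be initialised before the block, `xen_pv=0`, so the later `[ "$xen_pv" = 1 ]` never tests an unset variable when the detection is skipped. check_variant3() begins and ends outside this hunk.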
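Review bot: The new OK message in the third hunk, `Xen PV 64 bits is not vulnerable`, states more than the guest can observe: running as a 64-bit PV guest protects the guest kernel from its own userspace (the kernel is not mapped while userspace runs), but the Xen project's own advisory for this issue lists 64-bit PV as the guest mode able to read hypervisor memory, and whether the hypervisor side is patched is invisible from inside the guest. I would narrow the wording to `pvulnstatus $cve OK "Xen PV 64 bits guest kernel is not vulnerable (hypervisor-side mitigation not assessed)"`, or at least add a comment on the `elif` branch saying the verdict covers user-to-kernel isolation inside the guest only. The ordering after the `kpti_enabled` test is fine, since PTI when present is the stronger statement. check_variant3() continues outside the hunk.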