peter/spectre-meltdown-checker
1
0
Fork 0
mirror of https://github.com/speed47/spectre-meltdown-checker.git synced 2026-04-07 09:13:20 +02:00
Code Issues Projects Releases Wiki Activity

fix: CVE-2017-5715 (Spectre V2): Red Hat specific fix for RSB Filling (fixes #235)

Browse Source
This commit is contained in:
Stéphane Lesimple
2026-04-06 17:40:59 +02:00
parent c143bdb073
commit d040c0ffc3
1 changed files with 9 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
src/vulns/CVE-2017-5715.sh
View File

@@ -633,7 +633,15 @@ check_CVE_2017_5715_linux() {
fi fi
fi fi
if [ "$rsb_filling" = 0 ]; then if [ "$rsb_filling" = 0 ]; then
if [ -n "$g_kernel_err" ]; then # Red Hat kernels (RHEL 6/7/8) stuff RSB on context switch as part of
# their retpoline implementation when retp_enabled=1, but don't use the
# upstream X86_FEATURE_RSB_CTXSW flag or "Filling RSB on context switch"
# string. Detect this via the RHEL-specific debugfs knob.
# See https://bugzilla.redhat.com/show_bug.cgi?id=1616245#c8
if [ "$retp_enabled" = 1 ]; then
rsb_filling=1
pstatus green YES "Red Hat kernel with retpoline enabled includes RSB filling"
elif [ -n "$g_kernel_err" ]; then
pstatus yellow UNKNOWN "couldn't check ($g_kernel_err)" pstatus yellow UNKNOWN "couldn't check ($g_kernel_err)"
else else
if grep -qw -e 'Filling RSB on context switch' "$g_kernel"; then if grep -qw -e 'Filling RSB on context switch' "$g_kernel"; then