enh: factorize is_arch_kernel

Stéphane Lesimple
2026-04-10 18:37:14 +02:00
parent de853fc801
commit e110706df8
5 changed files with 27 additions and 21 deletions


@@ -3,7 +3,7 @@
# CVE-2018-3640, Variant 3a, Rogue System Register Read
check_CVE_2018_3640() {
local status sys_interface_available msg cve is_arm64_kernel arm_v3a_mitigation
local status sys_interface_available msg cve arm_v3a_mitigation
cve='CVE-2018-3640'
pr_info "\033[1;34m$cve aka '$(cve2name "$cve")'\033[0m"
@@ -11,21 +11,7 @@ check_CVE_2018_3640() {
sys_interface_available=0
msg=''
# Detect whether the target kernel is ARM64, for both live and no-runtime modes.
# In no-runtime cross-inspection (x86 host, ARM kernel), cpu_vendor reflects the host,
# so also check for arm64_sys_ symbols (same pattern used in CVE-2018-3639).
is_arm64_kernel=0
if [ "$cpu_vendor" = ARM ] || [ "$cpu_vendor" = CAVIUM ] || [ "$cpu_vendor" = PHYTIUM ]; then
is_arm64_kernel=1
elif [ -n "$opt_map" ] && grep -q 'arm64_sys_' "$opt_map" 2>/dev/null; then
is_arm64_kernel=1
elif [ -n "$g_kernel" ] && grep -q 'arm64_sys_' "$g_kernel" 2>/dev/null; then
is_arm64_kernel=1
elif [ -n "$opt_config" ] && grep -qw 'CONFIG_ARM64=y' "$opt_config" 2>/dev/null; then
is_arm64_kernel=1
fi
if [ "$is_arm64_kernel" = 1 ]; then
if is_arm64_kernel; then
# ARM64: mitigation is via an EL2 indirect trampoline (spectre_v3a_enable_mitigation),
# applied automatically at boot for affected CPUs (Cortex-A57, Cortex-A72).
# No microcode update is involved.
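Review bot: The call `if is_arm64_kernel; then` now carries the whole ARM64-vs-x86 decision for this check, and the comment explaining the no-runtime cross-inspection case (x86 host, ARM kernel, where `cpu_vendor` reflects the host) was removed along with the inline code. The helper's definition is not visible in this section, so it should be confirmed that it still covers every signal that was inlined here: `cpu_vendor` of ARM/CAVIUM/PHYTIUM, `arm64_sys_` in `$opt_map` or `$g_kernel`, and `CONFIG_ARM64=y` in `$opt_config`. Losing one of them would presumably send an ARM64 kernel down the non-ARM path and report the wrong mitigation state for CVE-2018-3640. I would keep a one-line pointer at the call site, e.g. `# is_arm64_kernel also handles no-runtime cross-inspection (x86 host, ARM kernel image)`. The body of check_CVE_2018_3640 continues outside the hunk.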