peter/spectre-meltdown-checker
peter
/
spectre-meltdown-checker
mirror of https://github.com/speed47/spectre-meltdown-checker.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

feat(retpoline): check if retpoline is enabled 

Before we would just check if retpoline was compiled
in, now we also check that it's enabled at runtime
(only in live mode)
This commit is contained in:
Stéphane Lesimple 2018-01-21 18:07:25 +01:00
parent ff5c92fa6f
commit e7aa3b9d16
1 changed files with 14 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
spectre-meltdown-checker.sh
View File

@ -1162,6 +1162,20 @@ check_variant2()
else
pstatus yellow UNKNOWN "couldn't find your kernel image or System.map"
fi
_info_nol "* Retpoline enabled: "
if [ "$opt_live" = 1 ]; then
# kernel adds this flag when retpoline is supported and enabled,
# regardless of the fact that it's minimal / full and generic / amd
if grep -qw retpoline /proc/cpuinfo; then
pstatus green YES
retpoline_enabled=1
else
pstatus red NO
fi
else
pstatus blue N/A "can't check this in offline mode"
fi
elif [ "$sys_interface_available" = 0 ]; then
# we have no sysfs but were asked to use it only!
msg="/sys vulnerability interface use forced, but it's not available!"