From e7aa3b9d167b9054cbd2c47be0ab593a11d0e213 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?St=C3=A9phane=20Lesimple?=
Date: Sun, 21 Jan 2018 18:07:25 +0100
Subject: [PATCH] feat(retpoline): check if retpoline is enabled

Before we would just check if retpoline was compiled in, now we also check that it's enabled at runtime (only in live mode)
---
 spectre-meltdown-checker.sh | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/spectre-meltdown-checker.sh b/spectre-meltdown-checker.sh
index 904cfbb..a48716c 100755
--- a/spectre-meltdown-checker.sh
+++ b/spectre-meltdown-checker.sh
@@ -1162,6 +1162,20 @@ check_variant2()
 else
 pstatus yellow UNKNOWN "couldn't find your kernel image or System.map"
 fi
+
+ _info_nol "* Retpoline enabled: "
+ if [ "$opt_live" = 1 ]; then
+ # kernel adds this flag when retpoline is supported and enabled,
+ # regardless of the fact that it's minimal / full and generic / amd
+ if grep -qw retpoline /proc/cpuinfo; then
+ pstatus green YES
+ retpoline_enabled=1
+ else
+ pstatus red NO
+ fi
+ else
+ pstatus blue N/A "can't check this in offline mode"
+ fi
 elif [ "$sys_interface_available" = 0 ]; then
 # we have no sysfs but were asked to use it only!
 msg="/sys vulnerability interface use forced, but it's not available!"
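Review bot: `retpoline_enabled` is assigned only in the YES branch, so in the NO and offline branches it keeps whatever value it had before, including one inherited from the environment; unless it is initialised outside this hunk, add `retpoline_enabled=0` just before `_info_nol "* Retpoline enabled: "`. The `grep -qw retpoline /proc/cpuinfo` test also matches the word on any line of the file rather than only in the feature list, so scoping it to the flags line would be tighter: `grep '^flags' /proc/cpuinfo | grep -qw retpoline`. Because the added comment says the flag is present for minimal as well as full retpoline, a green YES here does not by itself show that the kernel was built with a retpoline-aware compiler, and whatever verdict later reads `retpoline_enabled` should keep that distinction. check_variant2 begins and ends outside the hunk, so the variable's initialisation and its use are not visible here.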