From e819a279398d58451c7698a3897efdd75a9bba98 Mon Sep 17 00:00:00 2001
From: Dario Faggioli
Date: Fri, 19 Apr 2019 15:05:00 +0200
Subject: [PATCH] L1TF/Linux: detect "running an hypervisor" via lsmod

If the 'kvm_intel' module is loaded, this host can run VMs, and is hence potentially L1TF-vulnerable.
---
 spectre-meltdown-checker.sh | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/spectre-meltdown-checker.sh b/spectre-meltdown-checker.sh
index 0c51387..e18b4e9 100755
--- a/spectre-meltdown-checker.sh
+++ b/spectre-meltdown-checker.sh
@@ -3797,6 +3797,10 @@ check_CVE_2018_3646_linux()
 if [ "$has_vmm" = -1 ]; then
 # Assumed to be running on bare metal unless evidence of vm is found.
 has_vmm=0
+ # if we have the 'kvm_intel' module loaded, well, we defintely can run VMs!
+ if lsmod | grep -q kvm_intel; then
+ has_vmm=1
+ fi
 # test for presence of hypervisor flag - definitive if set
 if [ -e "$procfs/cpuinfo" ] && grep ^flags "$procfs/cpuinfo" | grep -qw hypervisor; then
 has_vmm=1
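Review bot: The added `lsmod | grep -q kvm_intel` test ignores the `$procfs` root that the cpuinfo check right below it honours. It also leaves `has_vmm=0` with no diagnostic when `lsmod` is not installed or when KVM is compiled into the kernel rather than loaded as a module, so a host that can run VMs may still be assessed as bare metal for L1TF. Reading the module list directly keeps the check consistent with its neighbour and removes the external dependency: `if [ -e "$procfs/modules" ] && grep -q '^kvm_intel ' "$procfs/modules"; then`. A built-in KVM would still need a separate signal, and the comment should say so; it also has a typo (`defintely`). check_CVE_2018_3646_linux starts and ends outside this hunk, so later `has_vmm` probes may already cover some of these cases.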