peter/spectre-meltdown-checker
1
0
Fork 0
mirror of https://github.com/speed47/spectre-meltdown-checker.git synced 2026-04-09 10:13:18 +02:00
Code Issues Projects Releases Wiki Activity

new batch mode docs, add doc/ to -build branch

Browse Source
This commit is contained in:
Stéphane Lesimple
2026-04-08 21:57:03 +02:00
parent f0fb59310e
commit ff42393fa6
13 changed files with 1330 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/vulns/CVE-2017-5715.sh
View File

@@ -1157,7 +1157,7 @@ check_CVE_2017_5715_linux() {
elif [ "$g_ibpb_enabled" = 2 ] && [ "$smt_enabled" != 0 ]; then
pvulnstatus "$cve" OK "Full IBPB is mitigating the vulnerability"
# Offline mode fallback
# No-runtime mode fallback
elif [ "$opt_runtime" != 1 ]; then
if [ "$retpoline" = 1 ] && [ -n "$g_ibpb_supported" ]; then
pvulnstatus "$cve" OK "no-runtime mode: kernel supports retpoline + IBPB to mitigate the vulnerability"

4
src/vulns/CVE-2017-5753.sh
View File

@@ -62,7 +62,7 @@ check_CVE_2017_5753_linux() {
# Primary detection: grep for sysfs mitigation strings in the kernel binary.
# The string "__user pointer sanitization" is present in all kernel versions
# that have spectre_v1 sysfs support (x86 v4.16+, ARM64 v5.2+, ARM32 v5.17+),
# including RHEL "Load fences" variants. This is cheap and works offline.
# including RHEL "Load fences" variants. This is cheap and works in no-runtime mode.
pr_info_nol "* Kernel has spectre_v1 mitigation (kernel image): "
v1_kernel_mitigated=''
v1_kernel_mitigated_err=''
@@ -98,7 +98,7 @@ check_CVE_2017_5753_linux() {
# Fallback for v4.15-era kernels: binary pattern matching for array_index_mask_nospec().
# The sysfs mitigation strings were not present in the kernel image until v4.16 (x86)
# and v5.2 (ARM64), but the actual mitigation code landed in v4.15 (x86) and v4.16 (ARM64).
# For offline analysis of these old kernels, match the specific instruction patterns.
# For no-runtime analysis of these old kernels, match the specific instruction patterns.
if [ -z "$v1_kernel_mitigated" ]; then
pr_info_nol "* Kernel has array_index_mask_nospec (v4.15 binary pattern): "
# vanilla: look for the Linus' mask aka array_index_mask_nospec()

2
src/vulns/CVE-2018-3640.sh
View File

@@ -12,7 +12,7 @@ check_CVE_2018_3640() {
msg=''
# Detect whether the target kernel is ARM64, for both live and no-runtime modes.
# In offline cross-inspection (x86 host, ARM kernel), cpu_vendor reflects the host,
# In no-runtime cross-inspection (x86 host, ARM kernel), cpu_vendor reflects the host,
# so also check for arm64_sys_ symbols (same pattern used in CVE-2018-3639).
is_arm64_kernel=0
if [ "$cpu_vendor" = ARM ] || [ "$cpu_vendor" = CAVIUM ] || [ "$cpu_vendor" = PHYTIUM ]; then