peter/spectre-meltdown-checker
1
0
Fork 0
mirror of https://github.com/speed47/spectre-meltdown-checker.git synced 2026-04-23 17:13:18 +02:00
Code Issues Projects Releases Wiki Activity

Compare commits

base: peter:8ae598802cfa6831bad124e0400b58e10247958d
Branches Tags
peter:master peter:test-build peter:test peter:source-build peter:source peter:vuln-watch
peter:v26.33.0420460 peter:v26.26.0404682 peter:v26.21.0401891 peter:v0.46 peter:v0.45 peter:v0.44 peter:v0.43 peter:v0.42 peter:v0.41 peter:v0.40 peter:v0.39 peter:v0.38 peter:v0.37 peter:v0.36 peter:v0.35 peter:v0.34 peter:v0.33 peter:v0.32 peter:v0.31 peter:v0.30 peter:v0.29 peter:v0.28 peter:v0.27 peter:v0.26 peter:v0.25 peter:v0.24 peter:v0.23 peter:v0.22 peter:v0.21 peter:v0.20 peter:v0.19 peter:v0.18 peter:v0.17 peter:v0.16 peter:v0.15 peter:v0.14 peter:v0.13 peter:v0.12 peter:v0.11 peter:v0.10 peter:v0.09 peter:v0.08 peter:v0.07 peter:v0.06 peter:v0.05 peter:v0.04 peter:v0.03 peter:v0.02 peter:v0.01
...
compare: peter:6212de226ae0f30688bfb935e2cc5205007d2d9b
Branches Tags
peter:test-build peter:test peter:master peter:source-build peter:source peter:vuln-watch
peter:v26.33.0420460 peter:v26.26.0404682 peter:v26.21.0401891 peter:v0.46 peter:v0.45 peter:v0.44 peter:v0.43 peter:v0.42 peter:v0.41 peter:v0.40 peter:v0.39 peter:v0.38 peter:v0.37 peter:v0.36 peter:v0.35 peter:v0.34 peter:v0.33 peter:v0.32 peter:v0.31 peter:v0.30 peter:v0.29 peter:v0.28 peter:v0.27 peter:v0.26 peter:v0.25 peter:v0.24 peter:v0.23 peter:v0.22 peter:v0.21 peter:v0.20 peter:v0.19 peter:v0.18 peter:v0.17 peter:v0.16 peter:v0.15 peter:v0.14 peter:v0.13 peter:v0.12 peter:v0.11 peter:v0.10 peter:v0.09 peter:v0.08 peter:v0.07 peter:v0.06 peter:v0.05 peter:v0.04 peter:v0.03 peter:v0.02 peter:v0.01

5 Commits
8ae598802c ... 6212de226a

Author SHA1 Message Date
github-actions[bot]
6212de226a enh: when reading CPUID is unavailable (VM?), fallback to cpuinfo where applicable 
built from commit 954eb13468
 dated 2026-04-06 18:58:36 +0200
 by Stéphane Lesimple (speed47_github@speed47.net)

 cap_* variable <= cpuinfo flag

cap_ibrs              <= ibrs
cap_ibpb              <= ibpb
cap_stibp             <= stibp
cap_ssbd              <= ssbd / virt_ssbd
cap_l1df              <= flush_l1d
cap_md_clear          <= md_clear
cap_arch_capabilities <= arch_capabilities

Should fix #288
 2026-04-06 17:00:15 +00:00
github-actions[bot]
f8873048fc enh: read/write_msr: clearer error messages 
built from commit be91749d3a
 dated 2026-04-06 18:43:36 +0200
 by Stéphane Lesimple (speed47_github@speed47.net)
 2026-04-06 16:44:52 +00:00
github-actions[bot]
463e33d61c fix: CVE-2017-5715 (Spectre V2): Red Hat specific fix for RSB Filling (fixes #235) 
built from commit d040c0ffc3
 dated 2026-04-06 17:40:59 +0200
 by Stéphane Lesimple (speed47_github@speed47.net)
 2026-04-06 15:42:13 +00:00
github-actions[bot]
4d1af90420 fix: better compatibility under busybox, silence buggy unzlma versions (fix #432) 
built from commit fc34cb729b
 dated 2026-04-06 17:12:21 +0200
 by Stéphane Lesimple (speed47_github@speed47.net)
 2026-04-06 15:14:01 +00:00
github-actions[bot]
e8a3c7d7f5 fix: wrmsr: specify core number (closes #294) 
built from commit fe5bf7c003
 dated 2026-04-06 17:01:17 +0200
 by Stéphane Lesimple (speed47_github@speed47.net)
 2026-04-06 15:02:33 +00:00
1 changed files with 125 additions and 34 deletions
Expand all files Collapse all files

159
spectre-meltdown-checker.sh
View File

@@ -13,7 +13,7 @@
#
# Stephane Lesimple
#
VERSION='26.32.0406542'
VERSION='26.32.0406707'
# --- Common paths and basedirs ---
readonly VULN_SYSFS_BASE="/sys/devices/system/cpu/vulnerabilities"
@@ -2562,7 +2562,9 @@ try_decompress() {
fi
pos=${pos%%:*}
# shellcheck disable=SC2086
tail -c+$pos "$6" 2>/dev/null | $3 $4 >"$g_kerneltmp" 2>/dev/null
# wrap in subshell so that if $3 segfaults (e.g. old BusyBox unlzma on random data),
# the "Segmentation fault" message printed by the shell goes to /dev/null
(tail -c+$pos "$6" 2>/dev/null | $3 $4 >"$g_kerneltmp" 2>/dev/null) 2>/dev/null
ret=$?
if [ ! -s "$g_kerneltmp" ]; then
# don't rely on $ret, sometimes it's != 0 but worked
@@ -2876,20 +2878,27 @@ readonly WRITE_MSR_RET_ERR=2
readonly WRITE_MSR_RET_LOCKDOWN=3
# Write a value to an MSR register across one or all cores
# Args: $1=msr_address $2=value(optional) $3=cpu_index(optional, default 0)
# Sets: ret_write_msr_msg
# Sets: ret_write_msr_msg, ret_write_msr_ADDR_msg (where ADDR is the hex address, e.g. ret_write_msr_0x123_msg)
# Returns: WRITE_MSR_RET_OK | WRITE_MSR_RET_KO | WRITE_MSR_RET_ERR | WRITE_MSR_RET_LOCKDOWN
write_msr() {
local ret core first_core_ret
local ret core first_core_ret msr_dec msr
msr_dec=$(($1))
msr=$(printf "0x%x" "$msr_dec")
if [ "$opt_cpu" != all ]; then
# we only have one core to write to, do it and return the result
write_msr_one_core "$opt_cpu" "$@"
return $?
ret=$?
# shellcheck disable=SC2163
eval "ret_write_msr_${msr}_msg=\$ret_write_msr_msg"
return $ret
fi
# otherwise we must write on all cores
for core in $(seq 0 "$g_max_core_id"); do
write_msr_one_core "$core" "$@"
ret=$?
# shellcheck disable=SC2163
eval "ret_write_msr_${msr}_msg=\$ret_write_msr_msg"
if [ "$core" = 0 ]; then
# save the result of the first core, for comparison with the others
first_core_ret=$ret
@@ -2897,6 +2906,8 @@ write_msr() {
# compare first core with the other ones
if [ "$first_core_ret" != "$ret" ]; then
ret_write_msr_msg="result is not homogeneous between all cores, at least core 0 and $core differ!"
# shellcheck disable=SC2163
eval "ret_write_msr_${msr}_msg=\$ret_write_msr_msg"
return $WRITE_MSR_RET_ERR
fi
fi
@@ -2923,10 +2934,17 @@ write_msr_one_core() {
mockvarname="SMC_MOCK_WRMSR_${msr}_RET"
# shellcheck disable=SC2086,SC1083
if [ -n "$(eval echo \${$mockvarname:-})" ]; then
pr_debug "write_msr: MOCKING enabled for msr $msr func returns $(eval echo \$$mockvarname)"
local mockret
mockret="$(eval echo \$$mockvarname)"
pr_debug "write_msr: MOCKING enabled for msr $msr func returns $mockret"
g_mocked=1
[ "$(eval echo \$$mockvarname)" = $WRITE_MSR_RET_LOCKDOWN ] && g_msr_locked_down=1
return "$(eval echo \$$mockvarname)"
if [ "$mockret" = "$WRITE_MSR_RET_LOCKDOWN" ]; then
g_msr_locked_down=1
ret_write_msr_msg="kernel lockdown is enabled, MSR writes are restricted"
elif [ "$mockret" = "$WRITE_MSR_RET_ERR" ]; then
ret_write_msr_msg="could not write MSR"
fi
return "$mockret"
fi
# proactive lockdown detection via sysfs (vanilla 5.4+, CentOS 8+, Rocky 9+):
@@ -2947,7 +2965,7 @@ write_msr_one_core() {
load_msr
fi
if [ ! -e $CPU_DEV_BASE/0/msr ] && [ ! -e ${BSD_CPUCTL_DEV_BASE}0 ]; then
ret_read_msr_msg="is msr kernel module available?"
ret_write_msr_msg="msr kernel module is not available"
return $WRITE_MSR_RET_ERR
fi
@@ -2957,14 +2975,13 @@ write_msr_one_core() {
ret=$?
else
# for Linux
# convert to decimal
if [ ! -w $CPU_DEV_BASE/"$core"/msr ]; then
ret_write_msr_msg="No write permission on $CPU_DEV_BASE/$core/msr"
return $WRITE_MSR_RET_ERR
# if wrmsr is available, use it
elif command -v wrmsr >/dev/null 2>&1 && [ "${SMC_NO_WRMSR:-}" != 1 ]; then
pr_debug "write_msr: using wrmsr"
wrmsr $msr_dec $value_dec 2>/dev/null
wrmsr -p "$core" $msr_dec $value_dec 2>/dev/null
ret=$?
# ret=4: msr doesn't exist, ret=127: msr.allow_writes=off
[ "$ret" = 127 ] && write_denied=1
@@ -3043,22 +3060,31 @@ readonly MSR_IA32_MCU_OPT_CTRL=0x123
readonly READ_MSR_RET_OK=0
readonly READ_MSR_RET_KO=1
readonly READ_MSR_RET_ERR=2
readonly READ_MSR_RET_LOCKDOWN=3
# Read an MSR register value across one or all cores
# Args: $1=msr_address $2=cpu_index(optional, default 0)
# Sets: ret_read_msr_value, ret_read_msr_value_hi, ret_read_msr_value_lo, ret_read_msr_msg
# Returns: READ_MSR_RET_OK | READ_MSR_RET_KO | READ_MSR_RET_ERR
# Sets: ret_read_msr_value, ret_read_msr_value_hi, ret_read_msr_value_lo, ret_read_msr_msg,
# ret_read_msr_ADDR_msg (where ADDR is the hex address, e.g. ret_read_msr_0x10a_msg)
# Returns: READ_MSR_RET_OK | READ_MSR_RET_KO | READ_MSR_RET_ERR | READ_MSR_RET_LOCKDOWN
read_msr() {
local ret core first_core_ret first_core_value
local ret core first_core_ret first_core_value msr_dec msr
msr_dec=$(($1))
msr=$(printf "0x%x" "$msr_dec")
if [ "$opt_cpu" != all ]; then
# we only have one core to read, do it and return the result
read_msr_one_core "$opt_cpu" "$@"
return $?
ret=$?
# shellcheck disable=SC2163
eval "ret_read_msr_${msr}_msg=\$ret_read_msr_msg"
return $ret
fi
# otherwise we must read all cores
for core in $(seq 0 "$g_max_core_id"); do
read_msr_one_core "$core" "$@"
ret=$?
# shellcheck disable=SC2163
eval "ret_read_msr_${msr}_msg=\$ret_read_msr_msg"
if [ "$core" = 0 ]; then
# save the result of the first core, for comparison with the others
first_core_ret=$ret
@@ -3067,6 +3093,8 @@ read_msr() {
# compare first core with the other ones
if [ "$first_core_ret" != "$ret" ] || [ "$first_core_value" != "$ret_read_msr_value" ]; then
ret_read_msr_msg="result is not homogeneous between all cores, at least core 0 and $core differ!"
# shellcheck disable=SC2163
eval "ret_read_msr_${msr}_msg=\$ret_read_msr_msg"
return $READ_MSR_RET_ERR
fi
fi
@@ -3078,7 +3106,7 @@ read_msr() {
# Read an MSR register value from a single CPU core
# Args: $1=core $2=msr_address
# Sets: ret_read_msr_value, ret_read_msr_value_hi, ret_read_msr_value_lo, ret_read_msr_msg
# Returns: READ_MSR_RET_OK | READ_MSR_RET_KO | READ_MSR_RET_ERR
# Returns: READ_MSR_RET_OK | READ_MSR_RET_KO | READ_MSR_RET_ERR | READ_MSR_RET_LOCKDOWN
read_msr_one_core() {
local ret core msr msr_dec mockvarname msr_h msr_l mockval
core="$1"
@@ -3110,21 +3138,28 @@ read_msr_one_core() {
mockvarname="SMC_MOCK_RDMSR_${msr}_RET"
# shellcheck disable=SC2086,SC1083
if [ -n "$(eval echo \${$mockvarname:-})" ] && [ "$(eval echo \$$mockvarname)" -ne 0 ]; then
pr_debug "read_msr: MOCKING enabled for msr $msr func returns $(eval echo \$$mockvarname)"
local mockret
mockret="$(eval echo \$$mockvarname)"
pr_debug "read_msr: MOCKING enabled for msr $msr func returns $mockret"
g_mocked=1
return "$(eval echo \$$mockvarname)"
if [ "$mockret" = "$READ_MSR_RET_LOCKDOWN" ]; then
ret_read_msr_msg="kernel lockdown is enabled, MSR reads are restricted"
elif [ "$mockret" = "$READ_MSR_RET_ERR" ]; then
ret_read_msr_msg="could not read MSR"
fi
return "$mockret"
fi
# proactive lockdown detection via sysfs (vanilla 5.4+, CentOS 8+, Rocky 9+):
# if the kernel lockdown is set to integrity or confidentiality, MSR writes will be denied,
# so we can skip the write attempt entirely and avoid relying on dmesg parsing
# if the kernel lockdown is set to integrity or confidentiality, MSR reads will be denied,
# so we can skip the read attempt entirely and avoid relying on dmesg parsing
if [ -e "$SYSKERNEL_BASE/security/lockdown" ]; then
if grep -qE '\[integrity\]|\[confidentiality\]' "$SYSKERNEL_BASE/security/lockdown" 2>/dev/null; then
pr_debug "write_msr: kernel lockdown detected via $SYSKERNEL_BASE/security/lockdown"
g_mockme=$(printf "%b\n%b" "$g_mockme" "SMC_MOCK_WRMSR_${msr}_RET=$WRITE_MSR_RET_LOCKDOWN")
pr_debug "read_msr: kernel lockdown detected via $SYSKERNEL_BASE/security/lockdown"
g_mockme=$(printf "%b\n%b" "$g_mockme" "SMC_MOCK_RDMSR_${msr}_RET=$READ_MSR_RET_LOCKDOWN")
g_msr_locked_down=1
ret_write_msr_msg="your kernel is locked down, please reboot with lockdown=none in the kernel cmdline and retry"
return $WRITE_MSR_RET_LOCKDOWN
ret_read_msr_msg="kernel lockdown is enabled, MSR reads are restricted"
return $READ_MSR_RET_LOCKDOWN
fi
fi
@@ -3133,7 +3168,7 @@ read_msr_one_core() {
load_msr
fi
if [ ! -e $CPU_DEV_BASE/0/msr ] && [ ! -e ${BSD_CPUCTL_DEV_BASE}0 ]; then
ret_read_msr_msg="is msr kernel module available?"
ret_read_msr_msg="msr kernel module is not available"
return $READ_MSR_RET_ERR
fi
@@ -4226,6 +4261,15 @@ check_cpu() {
ret=invalid
pstatus yellow NO "unknown CPU"
fi
if [ -z "$cap_ibrs" ] && [ $ret = $READ_CPUID_RET_ERR ] && [ "$opt_live" = 1 ]; then
# CPUID device unavailable (e.g. in a VM): fall back to /proc/cpuinfo
if grep ^flags "$g_procfs/cpuinfo" | grep -qw ibrs; then
cap_ibrs='IBRS (cpuinfo)'
cap_spec_ctrl=1
pstatus green YES "ibrs flag in $g_procfs/cpuinfo"
ret=$READ_CPUID_RET_OK
fi
fi
if [ $ret = $READ_CPUID_RET_KO ]; then
pstatus yellow NO
elif [ $ret = $READ_CPUID_RET_ERR ]; then
@@ -4294,6 +4338,10 @@ check_cpu() {
if [ $ret = $READ_CPUID_RET_OK ]; then
cap_ibpb='IBPB_SUPPORT'
pstatus green YES "IBPB_SUPPORT feature bit"
elif [ $ret = $READ_CPUID_RET_ERR ] && [ "$opt_live" = 1 ] && grep ^flags "$g_procfs/cpuinfo" | grep -qw ibpb; then
# CPUID device unavailable (e.g. in a VM): fall back to /proc/cpuinfo
cap_ibpb='IBPB (cpuinfo)'
pstatus green YES "ibpb flag in $g_procfs/cpuinfo"
elif [ $ret = $READ_CPUID_RET_KO ]; then
pstatus yellow NO
else
@@ -4329,7 +4377,7 @@ check_cpu() {
elif [ "$spec_ctrl_msr" = 0 ]; then
pstatus yellow NO
else
pstatus yellow UNKNOWN "is msr kernel module available?"
pstatus yellow UNKNOWN "$ret_read_msr_msg"
fi
pr_info_nol " * CPU indicates STIBP capability: "
@@ -4361,6 +4409,14 @@ check_cpu() {
ret=invalid
pstatus yellow UNKNOWN "unknown CPU"
fi
if [ -z "$cap_stibp" ] && [ $ret = $READ_CPUID_RET_ERR ] && [ "$opt_live" = 1 ]; then
# CPUID device unavailable (e.g. in a VM): fall back to /proc/cpuinfo
if grep ^flags "$g_procfs/cpuinfo" | grep -qw stibp; then
cap_stibp='STIBP (cpuinfo)'
pstatus green YES "stibp flag in $g_procfs/cpuinfo"
ret=$READ_CPUID_RET_OK
fi
fi
if [ $ret = $READ_CPUID_RET_KO ]; then
pstatus yellow NO
elif [ $ret = $READ_CPUID_RET_ERR ]; then
@@ -4425,6 +4481,15 @@ check_cpu() {
fi
fi
if [ -z "$cap_ssbd" ] && [ "$ret24" = $READ_CPUID_RET_ERR ] && [ "$ret25" = $READ_CPUID_RET_ERR ] && [ "$opt_live" = 1 ]; then
# CPUID device unavailable (e.g. in a VM): fall back to /proc/cpuinfo
if grep ^flags "$g_procfs/cpuinfo" | grep -qw ssbd; then
cap_ssbd='SSBD (cpuinfo)'
elif grep ^flags "$g_procfs/cpuinfo" | grep -qw virt_ssbd; then
cap_ssbd='SSBD in VIRT_SPEC_CTRL (cpuinfo)'
fi
fi
if [ -n "${cap_ssbd:=}" ]; then
pstatus green YES "$cap_ssbd"
elif [ "$ret24" = $READ_CPUID_RET_ERR ] && [ "$ret25" = $READ_CPUID_RET_ERR ]; then
@@ -4480,6 +4545,10 @@ check_cpu() {
if [ $ret = $READ_CPUID_RET_OK ]; then
pstatus green YES "L1D flush feature bit"
cap_l1df=1
elif [ $ret = $READ_CPUID_RET_ERR ] && [ "$opt_live" = 1 ] && grep ^flags "$g_procfs/cpuinfo" | grep -qw flush_l1d; then
# CPUID device unavailable (e.g. in a VM): fall back to /proc/cpuinfo
pstatus green YES "flush_l1d flag in $g_procfs/cpuinfo"
cap_l1df=1
elif [ $ret = $READ_CPUID_RET_KO ]; then
pstatus yellow NO
cap_l1df=0
@@ -4496,6 +4565,10 @@ check_cpu() {
if [ $ret = $READ_CPUID_RET_OK ]; then
cap_md_clear=1
pstatus green YES "MD_CLEAR feature bit"
elif [ $ret = $READ_CPUID_RET_ERR ] && [ "$opt_live" = 1 ] && grep ^flags "$g_procfs/cpuinfo" | grep -qw md_clear; then
# CPUID device unavailable (e.g. in a VM): fall back to /proc/cpuinfo
cap_md_clear=1
pstatus green YES "md_clear flag in $g_procfs/cpuinfo"
elif [ $ret = $READ_CPUID_RET_KO ]; then
cap_md_clear=0
pstatus yellow NO
@@ -4562,6 +4635,10 @@ check_cpu() {
if [ $ret = $READ_CPUID_RET_OK ]; then
pstatus green YES
cap_arch_capabilities=1
elif [ $ret = $READ_CPUID_RET_ERR ] && [ "$opt_live" = 1 ] && grep ^flags "$g_procfs/cpuinfo" | grep -qw arch_capabilities; then
# CPUID device unavailable (e.g. in a VM): fall back to /proc/cpuinfo
pstatus green YES "arch_capabilities flag in $g_procfs/cpuinfo"
cap_arch_capabilities=1
elif [ $ret = $READ_CPUID_RET_KO ]; then
pstatus yellow NO
cap_arch_capabilities=0
@@ -4754,7 +4831,8 @@ check_cpu() {
elif [ "$cap_tsx_ctrl_rtm_disable" = 0 ]; then
pstatus blue NO
else
pstatus yellow UNKNOWN "couldn't read MSR"
# shellcheck disable=SC2154
pstatus yellow UNKNOWN "$ret_read_msr_0x122_msg"
fi
pr_info_nol " * TSX_CTRL MSR indicates TSX CPUID bit is cleared: "
@@ -4763,7 +4841,8 @@ check_cpu() {
elif [ "$cap_tsx_ctrl_cpuid_clear" = 0 ]; then
pstatus blue NO
else
pstatus yellow UNKNOWN "couldn't read MSR"
# shellcheck disable=SC2154
pstatus yellow UNKNOWN "$ret_read_msr_0x122_msg"
fi
fi
@@ -4788,7 +4867,8 @@ check_cpu() {
pr_info_nol " * GDS microcode mitigation is disabled (GDS_MITG_DIS): "
if [ "$cap_gds_mitg_dis" = -1 ]; then
pstatus yellow UNKNOWN "couldn't read MSR"
# shellcheck disable=SC2154
pstatus yellow UNKNOWN "$ret_read_msr_0x123_msg"
elif [ "$cap_gds_mitg_dis" = 1 ]; then
pstatus yellow YES
else
@@ -4797,7 +4877,8 @@ check_cpu() {
pr_info_nol " * GDS microcode mitigation is locked in enabled state (GDS_MITG_LOCK): "
if [ "$cap_gds_mitg_lock" = -1 ]; then
pstatus yellow UNKNOWN "couldn't read MSR"
# shellcheck disable=SC2154
pstatus yellow UNKNOWN "$ret_read_msr_0x123_msg"
elif [ "$cap_gds_mitg_lock" = 1 ]; then
pstatus blue YES
else
@@ -4985,7 +5066,8 @@ check_cpu() {
elif [ "$cap_tsx_force_abort_rtm_disable" = 0 ]; then
pstatus blue NO
else
pstatus yellow UNKNOWN "couldn't read MSR"
# shellcheck disable=SC2154
pstatus yellow UNKNOWN "$ret_read_msr_0x10f_msg"
fi
pr_info_nol " * TSX_FORCE_ABORT MSR indicates TSX CPUID bit is cleared: "
@@ -4994,7 +5076,8 @@ check_cpu() {
elif [ "$cap_tsx_force_abort_cpuid_clear" = 0 ]; then
pstatus blue NO
else
pstatus yellow UNKNOWN "couldn't read MSR"
# shellcheck disable=SC2154
pstatus yellow UNKNOWN "$ret_read_msr_0x10f_msg"
fi
fi
@@ -6695,7 +6778,15 @@ check_CVE_2017_5715_linux() {
fi
fi
if [ "$rsb_filling" = 0 ]; then
if [ -n "$g_kernel_err" ]; then
# Red Hat kernels (RHEL 6/7/8) stuff RSB on context switch as part of
# their retpoline implementation when retp_enabled=1, but don't use the
# upstream X86_FEATURE_RSB_CTXSW flag or "Filling RSB on context switch"
# string. Detect this via the RHEL-specific debugfs knob.
# See https://bugzilla.redhat.com/show_bug.cgi?id=1616245#c8
if [ "$retp_enabled" = 1 ]; then
rsb_filling=1
pstatus green YES "Red Hat kernel with retpoline enabled includes RSB filling"
elif [ -n "$g_kernel_err" ]; then
pstatus yellow UNKNOWN "couldn't check ($g_kernel_err)"
else
if grep -qw -e 'Filling RSB on context switch' "$g_kernel"; then
@@ -11249,7 +11340,7 @@ if [ -n "$g_mockme" ] && [ "$opt_mock" = 1 ]; then
# not a useless use of cat: gzipping cpuinfo directly doesn't work well
# shellcheck disable=SC2002
if command -v "base64" >/dev/null 2>&1; then
g_mock_cpuinfo="$(cat /proc/cpuinfo | gzip -c | base64 -w0)"
g_mock_cpuinfo="$(cat /proc/cpuinfo | gzip -c | base64 | tr -d '\n')"
elif command -v "uuencode" >/dev/null 2>&1; then
g_mock_cpuinfo="$(cat /proc/cpuinfo | gzip -c | uuencode -m - | grep -Fv 'begin-base64' | grep -Fxv -- '====' | tr -d "\n")"
fi