mirror of
https://github.com/speed47/spectre-meltdown-checker.git
synced 2025-07-03 09:29:06 +02:00
Compare commits
No commits in common. "b8f8c81d519435c0871b13f02b5c4a72c5bffd5e" and "e99a548dcc81354e860445a6302cc29946015413" have entirely different histories.
b8f8c81d51
...
e99a548dcc
@ -12,7 +12,7 @@
|
||||
#
|
||||
# Stephane Lesimple
|
||||
#
|
||||
VERSION='0.46'
|
||||
VERSION='0.45'
|
||||
|
||||
trap 'exit_cleanup' EXIT
|
||||
trap '_warn "interrupted, cleaning up..."; exit_cleanup; exit 1' INT
|
||||
@ -352,8 +352,7 @@ is_cpu_affected()
|
||||
variant_taa=''
|
||||
variant_itlbmh=''
|
||||
variant_srbds=''
|
||||
# Zenbleed if extremely AMD specific, look for "is_and" below:
|
||||
variant_zenbleed=immune
|
||||
variant_zenbleed=''
|
||||
|
||||
if is_cpu_mds_free; then
|
||||
[ -z "$variant_msbds" ] && variant_msbds=immune
|
||||
@ -386,6 +385,7 @@ is_cpu_affected()
|
||||
variant_mdsum=immune
|
||||
variant_taa=immune
|
||||
variant_srbds=immune
|
||||
variant_zenbleed=immune
|
||||
elif is_intel; then
|
||||
# Intel
|
||||
# https://github.com/crozone/SpectrePoC/issues/1 ^F E5200 => spectre 2 not affected
|
||||
@ -461,6 +461,7 @@ is_cpu_affected()
|
||||
_debug "is_cpu_affected: intel family < 6 is immune to l1tf"
|
||||
[ -z "$variantl1tf" ] && variantl1tf=immune
|
||||
fi
|
||||
variant_zenbleed=immune
|
||||
elif is_amd || is_hygon; then
|
||||
# AMD revised their statement about variant2 => affected
|
||||
# https://www.amd.com/en/corporate/speculative-execution
|
||||
@ -477,6 +478,7 @@ is_cpu_affected()
|
||||
variantl1tf=immune
|
||||
|
||||
# Zenbleed
|
||||
variant_zenbleed=immune
|
||||
amd_legacy_erratum "$(amd_model_range 0x17 0x30 0x0 0x4f 0xf)" && variant_zenbleed=vuln
|
||||
amd_legacy_erratum "$(amd_model_range 0x17 0x60 0x0 0x7f 0xf)" && variant_zenbleed=vuln
|
||||
amd_legacy_erratum "$(amd_model_range 0x17 0xa0 0x0 0xaf 0xf)" && variant_zenbleed=vuln
|
||||
@ -585,6 +587,7 @@ is_cpu_affected()
|
||||
_debug "is_cpu_affected: for cpu$i and so far, we have <$variant1> <$variant2> <$variant3> <$variant3a> <$variant4>"
|
||||
done
|
||||
variantl1tf=immune
|
||||
variant_zenbleed=immune
|
||||
fi
|
||||
|
||||
# we handle iTLB Multihit here (not linked to is_specex_free)
|
||||
@ -6035,9 +6038,7 @@ check_CVE_2023_20593_linux()
|
||||
explain "Your CPU vendor may have a new microcode for your CPU model that mitigates this issue (refer to the hardware section above).\n " \
|
||||
"Otherwise, the Linux kernel is able to mitigate this issue regardless of the microcode version you have, but in this case\n " \
|
||||
"your kernel is too old to support this, your Linux distribution vendor might have a more recent version you should upgrade to.\n " \
|
||||
"Note that either having an up to date microcode OR an up to date kernel is enough to mitigate this issue.\n " \
|
||||
"To manually mitigate the issue right now, you may use the following command: \`wrmsr -a 0xc0011029 \$((\$(rdmsr -c 0xc0011029) | (1<<9)))\`,\n " \
|
||||
"however note that this manual mitigation will only be active until the next reboot."
|
||||
"Note that either having an up to date microcode OR an up to date kernel is enough to mitigate this issue."
|
||||
fi
|
||||
unset zenbleed_print_vuln
|
||||
else
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user