release v0.46

enh: assume CPU is immune to Zenbleed regardless of vendor except AMD
This contradicts our usual "if we don't know, consider vulnerable" motto, but as this vuln is extremely specific (which is not the case for the Spectre range of vulnerabilities, for example), this is the correct approach here.
2023-07-26 18:07:02 +02:00 · 2023-07-26 17:54:44 +02:00 · 2023-07-26 16:38:02 +02:00
1 changed files with 6 additions and 7 deletions
--- a/spectre-meltdown-checker.sh
+++ b/spectre-meltdown-checker.sh
@ -12,7 +12,7 @@
 #
 # Stephane Lesimple
 #
-VERSION='0.45'
+VERSION='0.46'

 trap 'exit_cleanup' EXIT
 trap '_warn "interrupted, cleaning up..."; exit_cleanup; exit 1' INT
@ -352,7 +352,8 @@ is_cpu_affected()
 	variant_taa=''
 	variant_itlbmh=''
 	variant_srbds=''
-	variant_zenbleed=''
+	# Zenbleed if extremely AMD specific, look for "is_and" below:
+	variant_zenbleed=immune

 	if is_cpu_mds_free; then
 		[ -z "$variant_msbds" ] && variant_msbds=immune
@ -385,7 +386,6 @@ is_cpu_affected()
 		variant_mdsum=immune
 		variant_taa=immune
 		variant_srbds=immune
-		variant_zenbleed=immune
 	elif is_intel; then
 		# Intel
 		# https://github.com/crozone/SpectrePoC/issues/1 ^F E5200 => spectre 2 not affected
@ -461,7 +461,6 @@ is_cpu_affected()
 			_debug "is_cpu_affected: intel family < 6 is immune to l1tf"
 			[ -z "$variantl1tf" ] && variantl1tf=immune
 		fi
-		variant_zenbleed=immune
 	elif is_amd || is_hygon; then
 		# AMD revised their statement about variant2 => affected
 		# https://www.amd.com/en/corporate/speculative-execution
@ -478,7 +477,6 @@ is_cpu_affected()
 		variantl1tf=immune

 		# Zenbleed
-		variant_zenbleed=immune
 		amd_legacy_erratum "$(amd_model_range 0x17 0x30 0x0 0x4f 0xf)" && variant_zenbleed=vuln
 		amd_legacy_erratum "$(amd_model_range 0x17 0x60 0x0 0x7f 0xf)" && variant_zenbleed=vuln
 		amd_legacy_erratum "$(amd_model_range 0x17 0xa0 0x0 0xaf 0xf)" && variant_zenbleed=vuln
@ -587,7 +585,6 @@ is_cpu_affected()
 			_debug "is_cpu_affected: for cpu$i and so far, we have <$variant1> <$variant2> <$variant3> <$variant3a> <$variant4>"
 		done
 		variantl1tf=immune
-		variant_zenbleed=immune
 	fi

 	# we handle iTLB Multihit here (not linked to is_specex_free)
@ -6038,7 +6035,9 @@ check_CVE_2023_20593_linux()
 			explain "Your CPU vendor may have a new microcode for your CPU model that mitigates this issue (refer to the hardware section above).\n " \
 "Otherwise, the Linux kernel is able to mitigate this issue regardless of the microcode version you have, but in this case\n " \
 "your kernel is too old to support this, your Linux distribution vendor might have a more recent version you should upgrade to.\n " \
-"Note that either having an up to date microcode OR an up to date kernel is enough to mitigate this issue."
+"Note that either having an up to date microcode OR an up to date kernel is enough to mitigate this issue.\n " \
+"To manually mitigate the issue right now, you may use the following command: \`wrmsr -a 0xc0011029 \$((\$(rdmsr -c 0xc0011029) | (1<<9)))\`,\n " \
+"however note that this manual mitigation will only be active until the next reboot."
 		fi
 		unset zenbleed_print_vuln
 	else
Author	SHA1	Message	Date
Stéphane Lesimple	b8f8c81d51	release v0.46	2023-07-26 18:07:02 +02:00
Stéphane Lesimple	f34dd5fa7b	enh: assume CPU is immune to Zenbleed regardless of vendor except AMD This contradicts our usual "if we don't know, consider vulnerable" motto, but as this vuln is extremely specific (which is not the case for the Spectre range of vulnerabilities, for example), this is the correct approach here.	2023-07-26 17:54:44 +02:00
Stéphane Lesimple	c0869d7341	enh: zenbleed: give a manual mitigation in --explain	2023-07-26 16:38:02 +02:00