From 3ac36669d99a188e221a03d79d60f62b558c4df8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Lesimple?= Date: Sun, 20 Mar 2022 13:17:04 +0100 Subject: [PATCH] feat: bsd: for unimplemented CVEs, at least report when CPU is not affected --- spectre-meltdown-checker.sh | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/spectre-meltdown-checker.sh b/spectre-meltdown-checker.sh index 3be7e5b..9eaadeb 100755 --- a/spectre-meltdown-checker.sh +++ b/spectre-meltdown-checker.sh @@ -5369,8 +5369,8 @@ check_CVE_2019_11135() _info "\033[1;34m$cve aka '$(cve2name "$cve")'\033[0m" if [ "$os" = Linux ]; then check_CVE_2019_11135_linux - #elif echo "$os" | grep -q BSD; then - # check_CVE_2019_11135_bsd + elif echo "$os" | grep -q BSD; then + check_CVE_2019_11135_bsd else _warn "Unsupported OS ($os)" fi @@ -5452,6 +5452,16 @@ check_CVE_2019_11135_linux() fi } +check_CVE_2019_11135_bsd() +{ + if ! is_cpu_vulnerable "$cve" ; then + # override status & msg in case CPU is not vulnerable after all + pvulnstatus "$cve" OK "your CPU vendor reported your CPU model as not affected" + else + pvulnstatus "$cve" UNK "your CPU is affected, but mitigation detection has not yet been implemented for BSD in this script" + fi +} + ####################### # iTLB Multihit section