1
0
mirror of https://github.com/speed47/spectre-meltdown-checker synced 2024-12-23 04:43:37 +01:00

feat: more robust validation of extracted kernel image

This commit is contained in:
Stéphane Lesimple 2018-03-17 16:02:11 +01:00
parent 6a94c3f158
commit 701cf882ad

View File

@ -563,7 +563,12 @@ vmlinux=''
vmlinux_err='' vmlinux_err=''
check_vmlinux() check_vmlinux()
{ {
"${opt_arch_prefix}readelf" -h "$1" >/dev/null 2>&1 && return 0 # checking the return code of readelf -h is not enough, we could get
# a damaged ELF file and validate it, check for stderr warnings too
_readelf_warnings=$("${opt_arch_prefix}readelf" -S "$1" 2>&1 >/dev/null); ret=$?
if [ $ret -eq 0 ] && [ -z "$_readelf_warnings" ]; then
return 0
fi
return 1 return 1
} }
@ -1033,6 +1038,10 @@ else
# try harder with some kernels (such as Red Hat) that don't have ^Linux version before their version string # try harder with some kernels (such as Red Hat) that don't have ^Linux version before their version string
vmlinux_version=$("${opt_arch_prefix}strings" "$vmlinux" 2>/dev/null | grep -E '^[[:alnum:]][^[:space:]]+ \([^[:space:]]+\) #[0-9]+ .+ (19|20)[0-9][0-9]$' | head -1) vmlinux_version=$("${opt_arch_prefix}strings" "$vmlinux" 2>/dev/null | grep -E '^[[:alnum:]][^[:space:]]+ \([^[:space:]]+\) #[0-9]+ .+ (19|20)[0-9][0-9]$' | head -1)
fi fi
if [ -z "$vmlinux_version" ]; then
# try even harder with some kernels (such as ARM) that split the release (uname -r) and version (uname -v) in 2 adjacent strings
vmlinux_version=$("${opt_arch_prefix}strings" "$vmlinux" 2>/dev/null | grep -E -B1 '^#[0-9]+ .+ (19|20)[0-9][0-9]$' | tr "\n" " ")
fi
if [ -n "$vmlinux_version" ]; then if [ -n "$vmlinux_version" ]; then
# in live mode, check if the img we found is the correct one # in live mode, check if the img we found is the correct one
if [ "$opt_live" = 1 ]; then if [ "$opt_live" = 1 ]; then