mirror of
https://github.com/speed47/spectre-meltdown-checker
synced 2024-12-21 20:03:36 +01:00
enh: downfall: detect kernel mitigation without sysfs
This commit is contained in:
parent
aca4e2a9b1
commit
dbe208fc48
@ -6229,17 +6229,30 @@ check_CVE_2022_40982_linux() {
|
||||
fi
|
||||
|
||||
if [ -n "$kernel_gds" ]; then
|
||||
_info_nol "* Is the kernel mitigation active: "
|
||||
_info_nol "* Kernel has disabled AVX as a mitigation: "
|
||||
|
||||
# Check dmesg message to see whether AVX has been disabled
|
||||
dmesg_grep 'Microcode update needed! Disabling AVX as mitigation'; ret=$?
|
||||
if [ $ret -eq 2 ]; then
|
||||
pstatus yellow UNKNOWN "dmesg truncated, AVX mitigation detection will be unreliable. Please reboot and relaunch this script"
|
||||
elif [ $ret -eq 0 ]; then
|
||||
kernel_avx_disabled="AVX disabled by the kernel"
|
||||
dmesg_grep 'Microcode update needed! Disabling AVX as mitigation'; dmesgret=$?
|
||||
if [ $dmesgret -eq 0 ]; then
|
||||
kernel_avx_disabled="AVX disabled by the kernel (dmesg)"
|
||||
pstatus green YES "$kernel_avx_disabled"
|
||||
elif [ "$has_avx2" = 0 ]; then
|
||||
# Find out by ourselves
|
||||
# cpuinfo says we don't have AVX2, query
|
||||
# the CPU directly about AVX2 support
|
||||
read_cpuid 0x7 0x0 $EBX 5 1 1; ret=$?
|
||||
if [ $ret -eq $READ_CPUID_RET_OK ]; then
|
||||
kernel_avx_disabled="AVX disabled by the kernel (cpuid)"
|
||||
pstatus green YES "$kernel_avx_disabled"
|
||||
elif [ $ret -eq $READ_CPUID_RET_KO ]; then
|
||||
pstatus yellow NO "CPU doesn't support AVX"
|
||||
elif [ $dmesgret -eq 2 ]; then
|
||||
pstatus yellow UNKNOWN "dmesg truncated, can't tell whether mitigation is active, please reboot and relaunch this script"
|
||||
else
|
||||
pstatus yellow UNKNOWN "No sign of mitigation in dmesg and couldn't read cpuid info"
|
||||
fi
|
||||
else
|
||||
pstatus red NO "No trace of AVX mitigation in dmesg"
|
||||
pstatus yellow NO "AVX support is enabled"
|
||||
fi
|
||||
fi
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user