dsanchez/spectre-meltdown-checker
1
0
Fork 0
mirror of https://github.com/speed47/spectre-meltdown-checker synced 2024-11-07 06:33:38 +01:00
Code Issues Releases Wiki Activity

Check for obsolete dd

Browse Source 
On linux systems which need dd, this check if the version is compatible before continuing with hardware checks.
If the install of dd is obsolete, user is warnd, and hardware checks do not continue, any other requested checks performed as normal.

(Old versions (before circa 2012) of dd do not support the iflag=skip_bytes option. They are therefore unable to read from cpuid, or msr, where read offset is used to pass the required page. To complicate matters, some versions of dd may not return an error code when this happens.)
This commit is contained in:
Rob Gill 2018-05-22 20:40:57 +10:00 committed by GitHub
parent 65c123f309
commit e04c6b9850
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 25 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
spectre-meltdown-checker.sh
View File

@ -1453,6 +1453,21 @@ read_msr()
return 0 return 0
} }
check_dd()
{
# Old versions of dd do not support iflag=skip_bytes so are unable to read cpuid and MSR
# also some versions may fail silently.
if [ "$os" = Linux ]; then
printf ddskipsupport | dd bs=2 skip=2 iflag=skip_bytes count=2 2>/dev/null | grep skip >/dev/null
dd_support=$?
if [ "$dd_support" != "0" ]; then
_debug "dd does not support iflag=skip_bytes"
_warn "Obsolete version of dd does not support required features"
_info
fi
fi
}
check_cpu() check_cpu()
{ {
_info "\033[1;34mHardware check\033[0m" _info "\033[1;34mHardware check\033[0m"
@ -1462,6 +1477,10 @@ check_cpu()
fi fi
_info "* Hardware support (CPU microcode) for mitigation techniques" _info "* Hardware support (CPU microcode) for mitigation techniques"
if [ "$dd_support" != "0" ]; then
pstatus yellow UNKNOWN "* Unable to determine Hardware support (CPU microcode) mitigation techniques"
return
fi
_info " * Indirect Branch Restricted Speculation (IBRS)" _info " * Indirect Branch Restricted Speculation (IBRS)"
_info_nol " * SPEC_CTRL MSR is available: " _info_nol " * SPEC_CTRL MSR is available: "
number_of_cpus number_of_cpus
@ -1793,6 +1812,11 @@ check_cpu()
check_cpu_vulnerabilities() check_cpu_vulnerabilities()
{ {
_info "* CPU vulnerability to the speculative execution attack variants" _info "* CPU vulnerability to the speculative execution attack variants"
if [ "$dd_support" != "0" ]; then
pstatus yellow UNKNOWN "* Unable to determine Hardware support (CPU microcode) mitigation techniques"
return
fi
for v in 1 2 3 3a 4; do for v in 1 2 3 3a 4; do
_info_nol " * Vulnerable to Variant $v: " _info_nol " * Vulnerable to Variant $v: "
if is_cpu_vulnerable $v; then if is_cpu_vulnerable $v; then
@ -2909,6 +2933,7 @@ check_variant4()
} }
if [ "$opt_no_hw" = 0 ] && [ -z "$opt_arch_prefix" ]; then if [ "$opt_no_hw" = 0 ] && [ -z "$opt_arch_prefix" ]; then
check_dd
check_cpu check_cpu
check_cpu_vulnerabilities check_cpu_vulnerabilities
_info _info