feat(retpoline): check if retpoline is enabled

Before we would just check if retpoline was compiled
in, now we also check that it's enabled at runtime
(only in live mode)

1 files changed, 14 insertions, 0 deletions

diff --git a/spectre-meltdown-checker.sh b/spectre-meltdown-checker.sh
index 904cfbb..a48716c 100755
--- a/spectre-meltdown-checker.sh
+++ b/spectre-meltdown-checker.sh
@@ -1162,6 +1162,20 @@ check_variant2()
 		else
 			pstatus yellow UNKNOWN "couldn't find your kernel image or System.map"
 		fi
+
+		_info_nol "*   Retpoline enabled: "
+		if [ "$opt_live" = 1 ]; then
+			# kernel adds this flag when retpoline is supported and enabled,
+			# regardless of the fact that it's minimal / full and generic / amd
+			if grep -qw retpoline /proc/cpuinfo; then
+				pstatus green YES
+				retpoline_enabled=1
+			else
+				pstatus red NO
+			fi
+		else
+			pstatus blue N/A "can't check this in offline mode"
+		fi
 	elif [ "$sys_interface_available" = 0 ]; then
 		# we have no sysfs but were asked to use it only!
 		msg="/sys vulnerability interface use forced, but it's not available!"