-rwxr-xr-x | spectre-meltdown-checker.sh | 45 |
1 files changed, 40 insertions, 5 deletions
diff --git a/spectre-meltdown-checker.sh b/spectre-meltdown-checker.sh
index 8fdb396..71e740b 100755
--- a/spectre-meltdown-checker.sh
+++ b/spectre-meltdown-checker.sh
@@ -8,7 +8,7 @@
 #
 # Stephane Lesimple
 #
-VERSION=0.20
+VERSION=0.21
 
 # Script configuration
 show_usage()
@@ -36,6 +36,35 @@ show_usage()
 -v, --verbose Increase verbosity level
 --batch Produce machine readable output
 
+ IMPORTANT:
+ A false sense of security is worse than no security at all.
+ Please use the --disclaimer option to understand exactly what this script does.
+
+EOF
+}
+
+show_disclaimer()
+{
+ cat <<EOF
+Disclaimer:
+
+This tool does its best to determine whether your system is immune (or has proper mitigations in place) for the
+collectively named "speculative execution" vulnerabilities. It doesn't attempt to run any kind of exploit, and can't guarantee
+that your system is secure, but rather helps you verifying whether your system has the known correct mitigations in place.
+However, some mitigations could also exist in your kernel that this script doesn't know (yet) how to detect, or it might
+falsely detect mitigations that in the end don't work as expected (for example, on backported or modified kernels).
+
+Your system exposure also depends on your CPU. As of now, AMD and ARM processors are marked as immune to some or all of these
+vulnerabilities (except some specific ARM models). All Intel processors manufactured since circa 1995 are thought to be vulnerable.
+Whatever processor one uses, one might seek more information from the manufacturer of that processor and/or of the device
+in which it runs.
+
+The nature of the discovered vulnerabilities being quite new, the landscape of vulnerable processors can be expected
+to change over time, which is why this script makes the assumption that all CPUs are vulnerable, except if the manufacturer
+explicitely stated otherwise in a verifiable public announcement.
+
+This tool has been released in the hope that it'll be useful, but don't use it to jump to conclusions about your security.
+
 EOF
 }
 
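Review bot: The new show_disclaimer prints its text through an unquoted here-document (`cat <<EOF`), so the shell applies `$`, backtick and backslash expansion to the disclaimer; the current text happens to contain none of these, but any future sentence mentioning a variable or a shell snippet would silently expand or break. Since the text is static, `cat <<'EOF'` is the safer form and documents the intent. Two wording fixes in the same text: `helps you verifying whether` should read `helps you verify whether`, and `explicitely stated` should read `explicitly stated`. The IMPORTANT paragraph is appended inside show_usage's here-document, which starts before this hunk.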
@@ -111,11 +140,11 @@ is_cpu_vulnerable()
 variant1=0
 variant2=1
 variant3=1
- elif grep -qi 'CPU implementer : 0x41' /proc/cpuinfo; then
+ elif grep -qi 'CPU implementer\s*:\s*0x41' /proc/cpuinfo; then
 # ARM
 # reference: https://developer.arm.com/support/security-update
- cpupart=$(awk '/CPU part :/ {print $4;exit}' /proc/cpuinfo)
- cpuarch=$(awk '/CPU architecture:/ {print $3;exit}' /proc/cpuinfo)
+ cpupart=$(awk '/CPU part/ {print $4;exit}' /proc/cpuinfo)
+ cpuarch=$(awk '/CPU architecture/ {print $3;exit}' /proc/cpuinfo)
 if [ -n "$cpupart" -a -n "$cpuarch" ]; then
 # Cortex-R7 and Cortex-R8 are real-time and only used in medical devices or such
 # I can't find their CPU part number, but it's probably not that useful anyway
@@ -214,6 +243,10 @@ while [ -n "$1" ]; do
 show_header
 show_usage
 exit 0
+ elif [ "$1" = "--disclaimer" ]; then
+ show_header
+ show_disclaimer
+ exit 0
 else
 show_header
 show_usage
@@ -399,7 +432,7 @@ if [ -e "$opt_kernel" ]; then
 extract_vmlinux "$opt_kernel"
 fi
 else
- vmlinux_err="couldn't find your kernel image in /boot, if you used neboot, this is normal"
+ vmlinux_err="couldn't find your kernel image in /boot, if you used netboot, this is normal"
 fi
 if [ -z "$vmlinux" -o ! -r "$vmlinux" ]; then
 [ -z "$vmlinux_err" ] && vmlinux_err="couldn't extract your kernel from $opt_kernel"
@@ -692,4 +725,6 @@ fi
 _info
+_info "A false sense of security is worse than no security at all, see --disclaimer"
+
 [ -n "$dumped_config" ] && rm -f "$dumped_config"
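Review bot: The relaxed grep now matches `CPU implementer` with any whitespace around the colon, but the two awk lines underneath still select a fixed field number ($4 for the part, $3 for the architecture), which only yields the value if the colon is whitespace-separated on the `CPU part` line and glued to the word on the `CPU architecture` line; that appears to match mainline's /proc/cpuinfo format, but it is exactly the kind of spacing variance the grep change was made to tolerate, and a mismatch hands back `:` as the part number and the later comparisons silently fail to recognise the CPU. Splitting on the colon removes the dependency, e.g. `cpupart=$(awk -F: '/CPU part/ {gsub(/[ \t]/, "", $2); print $2; exit}' /proc/cpuinfo)` and the same shape for `cpuarch`. Separately, `\s` is a GNU regex extension rather than POSIX BRE, so if the script is expected to run under a busybox or BSD grep, `[[:space:]]*` is the portable spelling. is_cpu_vulnerable begins and ends outside this hunk, so the vendor/variant assignments that precede the ARM branch were not reviewed here.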