From 2c6d075e2a9749d2805fb52ec5a2c7274f73dfc7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Beno=C3=AEt=2ES?= <benpro@benpro.fr>
Date: Thu, 11 Jan 2018 11:24:42 +0100
Subject: [PATCH] Add IS_MELTDOWN

We check kaiser flags in /proc/cpuinfo and CONFIG_PAGE_TABLE_ISOLATION in
kernel config file.
---
 evocheck.sh | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/evocheck.sh b/evocheck.sh
index 529d89f..f5dc5a1 100755
--- a/evocheck.sh
+++ b/evocheck.sh
@@ -97,6 +97,7 @@ IS_REDIS_BACKUP=1
 IS_ELASTIC_BACKUP=1
 IS_MONGO_BACKUP=1
 IS_MOUNT_FSTAB=1
+IS_MELTDOWN=1
 
 #Proper to OpenBSD
 IS_SOFTDEP=1
@@ -704,6 +705,18 @@ if [ -e /etc/debian_version ]; then
                 && test -f /etc/squid/evolinux-custom.conf) || echo 'IS_SQUIDEVOLINUXCONF FAILED!'
         fi
     fi
+
+    if [ "$IS_MELTDOWN" = 1 ]; then
+        if grep -q BOOT_IMAGE= /proc/cmdline; then
+            # We check if the current running kernel has CONFIG_PAGE_TABLE_ISOLATION enabled
+            kernelPath=$(grep -Eo 'BOOT_IMAGE=[^ ]+' /proc/cmdline | cut -d= -f2)
+            kernelVer=${kernelPath##*/vmlinuz-}
+            kernelConfig="config-${kernelVer}"
+            grep -Eq '^(CONFIG_PAGE_TABLE_ISOLATION|CONFIG_KAISER)=y' /boot/$kernelConfig || echo 'IS_MELTDOWN FAILED!'
+        fi
+        # We check if the running kernel has kaiser loaded
+        grep -Eq '^flags\s+:\s+.+(kaiser).+' /proc/cpuinfo || echo 'IS_MELTDOWN FAILED!'
+    fi
 fi