mitigation-patching.sh (1381B)
1#!/usr/bin/env bash 2 3set -euo pipefail 4 5TIMEOUT=10 6 7function do_one 8{ 9 local mitigation="$1" 10 local orig 11 local start 12 local now 13 14 orig=$(cat "$mitigation") 15 16 start=$(date +%s) 17 now=$start 18 19 while [[ $((now-start)) -lt "$TIMEOUT" ]] 20 do 21 echo 0 > "$mitigation" 22 echo 1 > "$mitigation" 23 24 now=$(date +%s) 25 done 26 27 echo "$orig" > "$mitigation" 28} 29 30rc=0 31cd /sys/kernel/debug/powerpc || rc=1 32if [[ "$rc" -ne 0 ]]; then 33 echo "Error: couldn't cd to /sys/kernel/debug/powerpc" >&2 34 exit 1 35fi 36 37tainted=$(cat /proc/sys/kernel/tainted) 38if [[ "$tainted" -ne 0 ]]; then 39 echo "Error: kernel already tainted!" >&2 40 exit 1 41fi 42 43mitigations="barrier_nospec stf_barrier count_cache_flush rfi_flush entry_flush uaccess_flush" 44 45for m in $mitigations 46do 47 if [[ -f /sys/kernel/debug/powerpc/$m ]] 48 then 49 do_one "$m" & 50 fi 51done 52 53echo "Spawned threads enabling/disabling mitigations ..." 54 55if stress-ng > /dev/null 2>&1; then 56 stress="stress-ng" 57elif stress > /dev/null 2>&1; then 58 stress="stress" 59else 60 stress="" 61fi 62 63if [[ -n "$stress" ]]; then 64 "$stress" -m "$(nproc)" -t "$TIMEOUT" & 65 echo "Spawned VM stressors ..." 66fi 67 68echo "Waiting for timeout ..." 69wait 70 71tainted=$(cat /proc/sys/kernel/tainted) 72if [[ "$tainted" -ne 0 ]]; then 73 echo "Error: kernel became tainted!" >&2 74 exit 1 75fi 76 77echo "OK" 78exit 0