Utility for mitigations CVE-2017-5715 and CVE-2017-5754 status check

Discussion in 'Operating Systems' started by mbk1969, Jan 10, 2018.

  1. Chrysalis

    Chrysalis Master Guru

    Messages:
    373
    Likes Received:
    90
    GPU:
    RTX 3080 FE
    It is skylake and newer.
     
  2. mbk1969

    mbk1969 Ancient Guru

    Messages:
    15,542
    Likes Received:
    13,561
    GPU:
    GF RTX 4070
    As I take some some CPUs do not need retpoline:
    https://software.intel.com/security...line-A-Branch-Target-Injection-Mitigation.pdf
    (About enhanced IBRS - https://software.intel.com/content/...lative-execution-side-channel-mitigations.pdf)

    ***

    As for your question about PowerShell module and this tool, you see these two lines in PowerShell:
    Code:
    BTIKernelRetpolineEnabled           : False
    BTIKernelImportOptimizationEnabled  : True
    
    and you see these two lines in tool:
    Code:
    Windows OS support for kernel retpoline is enabled: False
    Windows OS support for kernel import optimization is enabled: True
    
     
    Last edited: Apr 19, 2021
  3. Astyanax

    Astyanax Ancient Guru

    Messages:
    17,017
    Likes Received:
    7,353
    GPU:
    GTX 1080ti
    Retpoline and Import optimization is supported up to Broadwell, but PCID optimizatin is not.
    Import and PCID optimization is supported on skylake but retpoline is not.
     
    Chrysalis likes this.
  4. tsunami231

    tsunami231 Ancient Guru

    Messages:
    14,725
    Likes Received:
    1,855
    GPU:
    EVGA 1070Ti Black
    I did not know that, guess I was reading that wrong.

    As for the 2 listed there i didnt know they were same just worded diffrently, what about all the other stuff under stuff in the power shell? i dont see entires for all them in your tool?

    This just curiosity at point I all but stopped paying attention to all his.
     

  5. tsunami231

    tsunami231 Ancient Guru

    Messages:
    14,725
    Likes Received:
    1,855
    GPU:
    EVGA 1070Ti Black
    This what happens when they use word i didnt undestand o_O I had to look up "subsequent" dont remeber which article I was reading that in that used that instead of "newer"
     
  6. mbk1969

    mbk1969 Ancient Guru

    Messages:
    15,542
    Likes Received:
    13,561
    GPU:
    GF RTX 4070
    Other stuff in PowerShell just duplicates the text above:
    - lines with "BTI" prefix are about "branch target injection" section;
    - lines with "KVA" prefix are about "rogue data cache load" (kernel VA) section;
    - lines with "SSBD" are about "speculative store bypass" section;
    - lines with "L1TF" are about "L1 terminal fault" section;
    - lines with "MDS" prefix are about "microarchitectural data sampling" section.
    You can easily find their fuller presentation in according section (except for two lines you asked about).
     
  7. mbk1969

    mbk1969 Ancient Guru

    Messages:
    15,542
    Likes Received:
    13,561
    GPU:
    GF RTX 4070
    I just noticed that the original PowerShell script was updated from v1.0.14 to v1.0.17 - https://www.powershellgallery.com/packages/SpeculationControl/1.0.17

    So I went and updated C# version accordingly

    http://www.mediafire.com/file/2321zihyiaefbzj/MitigationStatus.zip
    MD5 hash for zip-file: 054F6769C2BF0C1F8466F06D68F25CD8

    Changelog from PowerShell script:
    • Add support for querying SPDR, FBSDP and PSDP mitigation settings
    • Use Family Model Stepping of CPU for L1TF detection
    Also I slightly changed the format of output in hope to increase readability, and guidance notice with proper link was added to the end of output.
     
    Chrysalis and aufkrawall2 like this.
  8. Chrysalis

    Chrysalis Master Guru

    Messages:
    373
    Likes Received:
    90
    GPU:
    RTX 3080 FE
    That's great thanks, could you perhaps make it auto detect if script is already installed and if newer than the one included in the app make it use that? then the app wouldnt need to be updated when script is updated, current script is 1.0.18.
     
  9. mbk1969

    mbk1969 Ancient Guru

    Messages:
    15,542
    Likes Received:
    13,561
    GPU:
    GF RTX 4070
    No PS script is included in he app. PS script is "translated" into C# code. I will look into this 1.0.18 update, thanks for notification.

    Upd.: Only difference I found is in the testing of "CVE-2018-3620 (L1 terminal fault – OS)".
     
    Last edited: Aug 31, 2023
    Chrysalis likes this.
  10. mbk1969

    mbk1969 Ancient Guru

    Messages:
    15,542
    Likes Received:
    13,561
    GPU:
    GF RTX 4070
    Chrysalis and MerolaC like this.

Share This Page