search

raphaelsc / Am-I-affected-by-Meltdown

Meltdown Exploit / Proof-of-concept / checks whether system is affected by Variant 3: rogue data cache load (CVE-2017-5754), a.k.a MELTDOWN.
https://meltdownattack.com/
BSD 2-Clause "Simplified" License
542 stars 71 forks source link

RedHat 7 VM on ESXi Host - Unable to read /proc/kallsyms #7

Closed g00nix closed 6 years ago

g00nix commented 6 years ago

Here is the error:

[root@server Am-I-affected-by-Meltdown]# ./meltdown-checker 
Unable to read /proc/kallsyms. That means your system doesn't allow non-root programs to read the file. 
By the time being, consider running the program as root to verify if your system is affected by Meltdown. 
Aborted 
[root@server Am-I-affected-by-Meltdown]# cat /proc/kallsyms | grep sys_call 
0000000000000000 t proc_sys_call_handler 
0000000000000000 t ret_from_sys_call 
0000000000000000 T int_ret_from_sys_call 
0000000000000000 t sysexit_from_sys_call 
0000000000000000 t sysretl_from_sys_call 
0000000000000000 t ia32_ret_from_sys_call 
0000000000000000 R sys_call_table 
0000000000000000 R ia32_sys_call_table

This gets me kind of confused. Why would a script running with root have problems reading a file?

raphaelsc commented 6 years ago

you may consider reading this: https://askubuntu.com/questions/307221/how-to-get-the-address-with-proc-kallsyms

I'll improve the message to not confuse users.

g00nix commented 6 years ago

this did the trick: sudo sh -c "echo 0 > /proc/sys/kernel/kptr_restrict"

thank you!