Chirishman/PuppyFriendlySpeculationControl

Getting different results from original module SpeculationControl

Opened this issue · 3 comments

DarwinJS commented

This is for at least versions 1.5.2.1 and 1.5.2.2:

image

Chirishman commented

Found it. Looks like I never saw this on my machine because it actually does evaluate to false on the machine I've built this on because $kvaQuery does equal 0xc0000003 for me.

PuppyFriendlySpeculationControl/PuppyFriendlySpeculationControl/PuppyFriendlySpeculationControl.psm1

Line 263 in 100c955

$kvaFlags.kvaShadowPresent = $true

Looks like when I switched from passing $kvaFlags out to using a reference object I forgot to change this line.

Old:

$kvaFlags.kvaShadowPresent = $true

New:

$StatusObject.Value['kvaShadowPresent'] = $true
Chirishman commented

As to kvaShadowRequired, that's very odd, that is one of the least changed portions of code.

Theirs:

$kvaShadowRequired = $true
$kvaShadowPresent = $false
$kvaShadowEnabled = $false
$kvaShadowPcidEnabled = $false

$cpu = Get-WmiObject Win32_Processor

if ($cpu -is [array]) {
	$cpu = $cpu[0]
}

$manufacturer = $cpu.Manufacturer

if ($manufacturer -eq "AuthenticAMD") {
	$kvaShadowRequired = $false
}
elseif ($manufacturer -eq "GenuineIntel") {
	$regex = [regex]'Family (\d+) Model (\d+) Stepping (\d+)'
	$result = $regex.Match($cpu.Description)
	
	if ($result.Success) {
		$family = [System.UInt32]$result.Groups[1].Value
		$model = [System.UInt32]$result.Groups[2].Value
		$stepping = [System.UInt32]$result.Groups[3].Value
		
		if (($family -eq 0x6) -and 
			(($model -eq 0x1c) -or
			 ($model -eq 0x26) -or
			 ($model -eq 0x27) -or
			 ($model -eq 0x36) -or
			 ($model -eq 0x35))) {

			$kvaShadowRequired = $false
		}
	}
}

Mine

function Get-ProcessorInfo {
    [CmdletBinding()]
    Param(
        [Parameter(Mandatory=$true)]
        [ref]$StatusObject
    )
    $cpu = Get-WmiObject Win32_Processor | select -first 1

    if ($cpu.Manufacturer -eq "AuthenticAMD") {
        $StatusObject.Value.kvaShadowRequired = $false
    }
    elseif ($cpu.Manufacturer -eq "GenuineIntel") {
        $regex = [regex]'Family (\d+) Model (\d+) Stepping (\d+)'
        $result = $regex.Match($cpu.Description)
            
        if ($result.Success) {
            $family = [System.UInt32]$result.Groups[1].Value
            $model = [System.UInt32]$result.Groups[2].Value
            $stepping = [System.UInt32]$result.Groups[3].Value
                
            if (($family -eq 0x6) -and ($model -in @(0x1c,0x26,0x27,0x36,0x35))) {
                $StatusObject.Value.kvaShadowRequired = $false
            }
        }
    }
    else {
        throw ("Unsupported processor manufacturer: {0}" -f $cpu.Manufacturer)
    }
}

I'm having trouble replicating the issue with KVAShadowRequired because on my system the two outputs are currently matching. Can you give me a sample output of Get-WmiObject Win32_Processor so that I can see what I'm missing here?

DarwinJS commented

Yesterday Microsoft has added a -silent switch to their original.