vm_tools: concierge: Fix bug in mds parsing
This change fixes a bug in mds vulnerability status parsing. Previously,
we split the status on both ",;". However, it's required to only split
on ";" to parse the status correctly.
BUG=b:161549037
TEST=Start a VM.
Change-Id: Ic57a75e402c4bb2e2a60fb4f13f40634d9d943db
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform2/+/2318336
Reviewed-by: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-by: Stephen Barber <smbarber@chromium.org>
Tested-by: Abhishek Bhardwaj <abhishekbh@chromium.org>
Commit-Queue: Abhishek Bhardwaj <abhishekbh@chromium.org>
diff --git a/vm_tools/concierge/untrusted_vm_utils.cc b/vm_tools/concierge/untrusted_vm_utils.cc
index e10eff3..7b76be3 100644
--- a/vm_tools/concierge/untrusted_vm_utils.cc
+++ b/vm_tools/concierge/untrusted_vm_utils.cc
@@ -91,7 +91,7 @@
LOG(INFO) << "mds status: " << mds_status;
std::vector<base::StringPiece> mds_statuses = base::SplitStringPiece(
- mds_status, ",;", base::TRIM_WHITESPACE, base::SPLIT_WANT_ALL);
+ mds_status, ";", base::TRIM_WHITESPACE, base::SPLIT_WANT_ALL);
const size_t num_statuses = mds_statuses.size();
// The sysfs file should always return up to 2 statuses and no more.
if (num_statuses > 2) {
diff --git a/vm_tools/concierge/untrusted_vm_utils_test.cc b/vm_tools/concierge/untrusted_vm_utils_test.cc
index bd905a83..a2de335 100644
--- a/vm_tools/concierge/untrusted_vm_utils_test.cc
+++ b/vm_tools/concierge/untrusted_vm_utils_test.cc
@@ -161,9 +161,13 @@
CheckMDSStatus("Some gibberish; some more gibberish",
UntrustedVMUtils::MitigationStatus::VULNERABLE);
- CheckMDSStatus("Vulnerable: Clear CPU buffers attempted; no microcode",
+ CheckMDSStatus("Vulnerable: Clear CPU buffers attempted, no microcode",
UntrustedVMUtils::MitigationStatus::VULNERABLE);
+ CheckMDSStatus(
+ "Vulnerable: Clear CPU buffers attempted, no microcode; SMT enabled",
+ UntrustedVMUtils::MitigationStatus::VULNERABLE);
+
CheckMDSStatus("Vulnerable; SMT disabled",
UntrustedVMUtils::MitigationStatus::VULNERABLE);