false positive due to missing System.map ? (ie. awk: fatal: cannot open file ) AND using same exit code of 1 for usage() and vulnerable detection #21

Closed
ghost opened this issue Jan 7, 2018 · 4 comments

Comments

@ghost

ghost commented Jan 7, 2018

$ ./run.sh 
looking for linux_proc_banner in /proc/kallsyms
protected. requires root
../run.sh:18+ find_linux_proc_banner /proc/kallsyms sudo
../run.sh:4+ sudo awk '
	/linux_proc_banner/ {
		if (strtonum("0x"$1))
			print $1;
		exit 0;
	}' /proc/kallsyms
[sudo] password for xftroxgpx: 
./run.sh:18+ linux_proc_banner=
./run.sh:20+ set +x
not found. reading /boot/System.map-4.15.0-rc5-g2758b3e3e630
.../run.sh:26+ uname -r
../run.sh:26+ find_linux_proc_banner /boot/System.map-4.15.0-rc5-g2758b3e3e630 sudo
../run.sh:4+ sudo awk '
	/linux_proc_banner/ {
		if (strtonum("0x"$1))
			print $1;
		exit 0;
	}' /boot/System.map-4.15.0-rc5-g2758b3e3e630
awk: fatal: cannot open file `/boot/System.map-4.15.0-rc5-g2758b3e3e630' for reading (No such file or directory)
./run.sh:26+ linux_proc_banner=
./run.sh:27+ set +x
./meltdown: [hexaddr] [size]
VULNERABLE ON
4.15.0-rc5-g2758b3e3e630 #172 SMP PREEMPT Sat Dec 30 10:44:19 CET 2017 unknown
processor	: 0
vendor_id	: AuthenticAMD
cpu family	: 18
model		: 1
model name	: AMD A6-3400M APU with Radeon(tm) HD Graphics
stepping	: 0
microcode	: 0x3000027
cpu MHz		: 2269.781
cache size	: 1024 KB
physical id	: 0
@ghost
Author

ghost commented Jan 7, 2018

looks like usage() and vulnerable both return the same exit code (1) :

$ ./meltdown ; echo $?
./meltdown: [hexaddr] [size]
1

@ghost ghost changed the title false positive due to missing System.map ? (ie. awk: fatal: cannot open file ) false positive due to missing System.map ? (ie. awk: fatal: cannot open file ) AND using same exit code of 1 for usage() and vulnerable detection Jan 7, 2018
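As an added example (not the project's run.sh and not code from anyone in this thread), here is the check the report is asking for: a symbol lookup that separates an unreadable table (the awk "cannot open file" case), an all-zero address (what /proc/kallsyms shows without root) and an absent symbol by exit code, plus a verdict mapper that assumes the detector returns 0, 1 and 2 for not vulnerable, vulnerable and usage error. The post-fix usage exit value and the sample symbol tables are assumptions/constructed data; the thread only states that usage and "vulnerable" both returned 1.

```shell
#!/bin/sh
# find_symbol SYMBOL TABLE: print the address of SYMBOL from a kallsyms or
# System.map style table. Distinct exit codes keep lookup failures apart
# from the detector's own verdict:
#   0  found, non-zero address printed on stdout
#   2  table missing or unreadable (the awk "cannot open file" case above)
#   3  symbol present but address is all zeros (hidden by kptr_restrict)
#   4  symbol absent from the table
find_symbol() {
    sym=$1
    table=$2
    [ -r "$table" ] || return 2
    # exact match on the name field, unlike the /linux_proc_banner/ regex
    addr=$(awk -v s="$sym" '$3 == s { print $1; exit }' "$table")
    [ -n "$addr" ] || return 4
    case "$addr" in
        *[!0]*) printf '%s\n' "$addr"; return 0 ;;
        *)      return 3 ;;
    esac
}

# verdict STATUS: map the detector's exit status to a result. ASSUMPTION:
# 0 = not vulnerable, 1 = vulnerable, 2 = usage error (no address given);
# the bug in the thread was usage() and "vulnerable" both returning 1.
verdict() {
    case "$1" in
        0) echo "NOT VULNERABLE" ;;
        1) echo "VULNERABLE" ;;
        2) echo "INCONCLUSIVE: detector got no address (usage error)" ;;
        *) echo "INCONCLUSIVE: detector exit status $1" ;;
    esac
}

# Constructed sample tables (not real kernel data) in /proc/kallsyms layout.
KSYMS_ROOT=$(mktemp)
printf '%s\n' 'ffffffffba4001e0 T start_cpu0' \
              'ffffffffba8c0120 R linux_proc_banner' > "$KSYMS_ROOT"
KSYMS_HIDDEN=$(mktemp)
printf '%s\n' '0000000000000000 T start_cpu0' \
              '0000000000000000 R linux_proc_banner' > "$KSYMS_HIDDEN"

# Walk the three situations the thread hit; never reach the detector on failure.
for t in "$KSYMS_ROOT" "$KSYMS_HIDDEN" /boot/System.map-PLACEHOLDER; do
    if addr=$(find_symbol linux_proc_banner "$t"); then
        echo "$t: linux_proc_banner at $addr"
    else
        rc=$?; echo "$t: lookup failed (rc=$rc), $(verdict 99)"
    fi
done
```

The point for run.sh is the `else` branch: when the lookup fails the script should stop and report an inconclusive result instead of invoking ./meltdown with an empty address, which is what turned a missing System.map into "VULNERABLE".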
@GustavoBlaze

I had the same issue

looking for linux_proc_banner in /proc/kallsyms
awk: fatal: cannot open file `/proc/kallsyms' for reading (No such file or directory)
protected. requires root
+ find_linux_proc_banner /proc/kallsyms sudo
+ sudo awk
        /linux_proc_banner/ {
                if (strtonum("0x"$1))
                        print $1;
                exit 0;
        } /proc/kallsyms
[sudo] password for scot:
awk: fatal: cannot open file `/proc/kallsyms' for reading (No such file or directory)
+ linux_proc_banner=
+ set +x
not found. reading /boot/System.map-4.4.0-43-Microsoft
+ uname -r
+ find_linux_proc_banner /boot/System.map-4.4.0-43-Microsoft sudo
+ sudo awk
        /linux_proc_banner/ {
                if (strtonum("0x"$1))
                        print $1;
                exit 0;
        } /boot/System.map-4.4.0-43-Microsoft
awk: fatal: cannot open file `/boot/System.map-4.4.0-43-Microsoft' for reading (No such file or directory)
+ linux_proc_banner=
+ set +x
./meltdown: [hexaddr] [size]
VULNERABLE ON
4.4.0-43-Microsoft #1-Microsoft Wed Dec 31 14:42:53 PST 2014 x86_64
processor       : 0
vendor_id       : AuthenticAMD
cpu family      : 21
model           : 2
model name      : AMD FX-8320E Eight-Core Processor
stepping        : 0
microcode       : 0xffffffff
cpu MHz         : 3200.000
cache size      : 2048 KB
physical id     : 0

@ghost
Author

ghost commented Jan 7, 2018

If I use the start_cpu0 symbol instead of linux_proc_banner, then it works for me. More info

console output
$ ./run.sh 
looking for start_cpu0 in /proc/kallsyms
protected. requires root
../run.sh:20+ find_start_cpu0 /proc/kallsyms sudo
../run.sh:6+ sudo awk '
	/start_cpu0/ {
		if (strtonum("0x"$1))
			print $1;
		exit 0;
	}' /proc/kallsyms
[sudo] password for xftroxgpx: 
./run.sh:20+ start_cpu0=ffffffffba4001e0
./run.sh:22+ set +x
cached = 56, uncached = 121, threshold 82
read ffffffffba4001e0 = 5b [
read ffffffffba4001e1 = 58 X
read ffffffffba4001e2 = 64 d
read ffffffffba4001e3 = 2c ,
read ffffffffba4001e4 = 44 D
read ffffffffba4001e5 = 3f ?
read ffffffffba4001e6 = 4e N
read ffffffffba4001e7 = 61 a
read ffffffffba4001e8 = 5b [
read ffffffffba4001e9 = 67 g
read ffffffffba4001ea = 57 W
read ffffffffba4001eb = 47 G
read ffffffffba4001ec = 60 `
read ffffffffba4001ed = 6b k
read ffffffffba4001ee = 6d m
read ffffffffba4001ef = 4b K
NOT VULNERABLE

@paboldin
Owner

paboldin commented Jan 8, 2018

Thanks for this. Fixed usage() return.
Can't really change to anything other than linux_proc_banner since its content has been fixed for ages.

@paboldin paboldin closed this as completed Jan 8, 2018