Get-SpeculationControlSettings one-line result

a guest
Jan 24th, 2018
  1. $NtQSIDefinition = @'
  2. [DllImport("ntdll.dll")]
  3. public static extern int NtQuerySystemInformation(uint systemInformationClass, IntPtr systemInformation, uint systemInformationLength, IntPtr returnLength);
  4. '@
  5. $ntdll = Add-Type -MemberDefinition $NtQSIDefinition -Name 'ntdll' -Namespace 'Win32' -PassThru
  6. [System.IntPtr]$systemInformationPtr = [System.Runtime.InteropServices.Marshal]::AllocHGlobal(4)
  7. [System.IntPtr]$returnLengthPtr = [System.Runtime.InteropServices.Marshal]::AllocHGlobal(4)
  8. $Output
  9.  
  10. try {
  11.     $btiHardwarePresent = $false
  12.     $btiWindowsSupportPresent = $false
  13.     $btiWindowsSupportEnabled = $false
  14.     $btiDisabledBySystemPolicy = $false
  15.     $btiDisabledByNoHardwareSupport = $false
  16.  
  17.     [System.UInt32]$systemInformationClass = 201
  18.     [System.UInt32]$systemInformationLength = 4
  19.  
  20.     $retval = $ntdll::NtQuerySystemInformation($systemInformationClass, $systemInformationPtr, $systemInformationLength, $returnLengthPtr)
  21.  
  22.     if ($retval -eq 0xc0000003 -or $retval -eq 0xc0000002) {
  23.         # fallthrough
  24.     }
  25.     elseif ($retval -ne 0) {
  26.         throw (("Querying branch target injection information failed with error {0:X8}" -f $retval))
  27.     }
  28.     else {
  29.  
  30.         [System.UInt32]$scfBpbEnabled = 0x01
  31.         [System.UInt32]$scfBpbDisabledSystemPolicy = 0x02
  32.         [System.UInt32]$scfBpbDisabledNoHardwareSupport = 0x04
  33.         [System.UInt32]$scfHwReg1Enumerated = 0x08
  34.         [System.UInt32]$scfHwReg2Enumerated = 0x10
  35.         [System.UInt32]$scfHwMode1Present = 0x20
  36.         [System.UInt32]$scfHwMode2Present = 0x40
  37.         [System.UInt32]$scfSmepPresent = 0x80
  38.  
  39.         [System.UInt32]$flags = [System.UInt32][System.Runtime.InteropServices.Marshal]::ReadInt32($systemInformationPtr)
  40.  
  41.         $btiHardwarePresent = ((($flags -band $scfHwReg1Enumerated) -ne 0) -or (($flags -band $scfHwReg2Enumerated)))
  42.         $btiWindowsSupportPresent = $true
  43.         $btiWindowsSupportEnabled = (($flags -band $scfBpbEnabled) -ne 0)
  44.  
  45.         if ($btiWindowsSupportEnabled -eq $false) {
  46.             $btiDisabledBySystemPolicy = (($flags -band $scfBpbDisabledSystemPolicy) -ne 0)
  47.             $btiDisabledByNoHardwareSupport = (($flags -band $scfBpbDisabledNoHardwareSupport) -ne 0)
  48.         }
  49.  
  50.  
  51.     }
  52.  
  53.     if ($btiHardwarePresent) { $Output += "BTI_HwSupported-"} else {$Output += "BTI_NoHwSupport-"}
  54.     if ($btiWindowsSupportPresent) { $Output += "BTI_OSSupported-"} else {$Output += "BTI_NoOSSupport-"}
  55.     if ($btiWindowsSupportEnabled) { $Output += "BTI_OSEnabled-"} else {$Output += "BTI_OSDisabled-"}    
  56.  
  57.  
  58.     $kvaShadowRequired = $true
  59.     $kvaShadowPresent = $false
  60.     $kvaShadowEnabled = $false
  61.     $kvaShadowPcidEnabled = $false
  62.  
  63.     $cpu = Get-WmiObject Win32_Processor
  64.  
  65.     if ($cpu.Manufacturer -eq "AuthenticAMD") {
  66.         $kvaShadowRequired = $false
  67.     }
  68.     elseif ($cpu.Manufacturer -eq "GenuineIntel") {
  69.         $regex = [regex]'Family (\d+) Model (\d+) Stepping (\d+)'
  70.         $result = $regex.Match($cpu.Description)
  71.        
  72.         if ($result.Success) {
  73.             $family = [System.UInt32]$result.Groups[1].Value
  74.             $model = [System.UInt32]$result.Groups[2].Value
  75.             $stepping = [System.UInt32]$result.Groups[3].Value
  76.            
  77.             if (($family -eq 0x6) -and
  78.                 (($model -eq 0x1c) -or
  79.                  ($model -eq 0x26) -or
  80.                  ($model -eq 0x27) -or
  81.                  ($model -eq 0x36) -or
  82.                  ($model -eq 0x35))) {
  83.  
  84.                 $kvaShadowRequired = $false
  85.             }
  86.         }
  87.     }
  88.     else {
  89.         throw ("Unsupported processor manufacturer: {0}" -f $cpu.Manufacturer)
  90.     }
  91.  
  92.     [System.UInt32]$systemInformationClass = 196
  93.     [System.UInt32]$systemInformationLength = 4
  94.  
  95.     $retval = $ntdll::NtQuerySystemInformation($systemInformationClass, $systemInformationPtr, $systemInformationLength, $returnLengthPtr)
  96.  
  97.     if ($retval -eq 0xc0000003 -or $retval -eq 0xc0000002) {
  98.     }
  99.     elseif ($retval -ne 0) {
  100.         throw (("Querying kernel VA shadow information failed with error {0:X8}" -f $retval))
  101.     }
  102.     else {
  103.  
  104.         [System.UInt32]$kvaShadowEnabledFlag = 0x01
  105.         [System.UInt32]$kvaShadowUserGlobalFlag = 0x02
  106.         [System.UInt32]$kvaShadowPcidFlag = 0x04
  107.         [System.UInt32]$kvaShadowInvpcidFlag = 0x08
  108.  
  109.         [System.UInt32]$flags = [System.UInt32][System.Runtime.InteropServices.Marshal]::ReadInt32($systemInformationPtr)
  110.  
  111.         $kvaShadowPresent = $true
  112.         $kvaShadowEnabled = (($flags -band $kvaShadowEnabledFlag) -ne 0)
  113.         $kvaShadowPcidEnabled = ((($flags -band $kvaShadowPcidFlag) -ne 0) -and (($flags -band $kvaShadowInvpcidFlag) -ne 0))
  114.  
  115.     }
  116.  
  117.     if ($kvaShadowRequired) {
  118.         if ($kvaShadowEnabled) { $Output += "ShadowEnabledOrUnnecessary"} else {$Output += "ShadowNeededNotEnabled"}        
  119.     } else {
  120.         $Output += "ShadowEnabledOrUnnecessary"
  121.     }
  122.  
  123. }
  124. finally
  125. {
  126.     if ($systemInformationPtr -ne [System.IntPtr]::Zero) {
  127.         [System.Runtime.InteropServices.Marshal]::FreeHGlobal($systemInformationPtr)
  128.     }
  129.  
  130.     if ($returnLengthPtr -ne [System.IntPtr]::Zero) {
  131.         [System.Runtime.InteropServices.Marshal]::FreeHGlobal($returnLengthPtr)
  132.     }
  133. }    
  134.  
  135. Write-Output $Output