fix broken logic of 68961f9, increment version to 0.20

spectre-meltdown-checker.sh

@@ -8,7 +8,7 @@
 #
 # Stephane Lesimple
 #
-VERSION=0.19
+VERSION=0.20
 
 # print status function
 pstatus()
@@ -149,14 +149,16 @@ _echo_nol()
 is_cpu_vulnerable()
 {
 	# param: 1, 2 or 3 (variant)
-	# returns 0 if vulnerable, 1 if vulnerable, 2 if not vulnerable, 255 on error
+	# returns 1 if vulnerable, 0 if not vulnerable, 255 on error
-	variant1=1
+	# by default, everything is vulnerable, we work in a "whitelist" logic here.
-	variant2=1
+	# usage: is_cpu_vulnerable 2 && do something if vulnerable
-	variant3=1
+	variant1=0
+	variant2=0
+	variant3=0
 	if grep -q AMD /proc/cpuinfo; then
-		variant1=1
+		variant1=0
-		variant2=0
+		variant2=1
-		variant3=0
+		variant3=1
 	elif grep -qi 'CPU implementer : 0x41' /proc/cpuinfo; then
 		# ARM
 		# reference: https://developer.arm.com/support/security-update
@@ -170,21 +172,21 @@ is_cpu_vulnerable()
 			# arch  7? 7? 7     7     7     8     8      8      8
 			if [ "$cpuarch" = 7 ] && echo "$cpupart" | grep -Eq '^0x(c09|c0f|c0e)$'; then
 				# armv7 vulnerable chips
-				variant1=1
-				variant2=1
-			elif [ "$cpuarch" = 8 ] && echo "$cpupart" | grep -Eq '^0x(d07|d08|d09|d0a)$'; then
-				# armv8 vulnerable chips
-				variant1=1
-				variant2=1
-			else
 				variant1=0
 				variant2=0
+			elif [ "$cpuarch" = 8 ] && echo "$cpupart" | grep -Eq '^0x(d07|d08|d09|d0a)$'; then
+				# armv8 vulnerable chips
+				variant1=0
+				variant2=0
+			else
+				variant1=1
+				variant2=1
 			fi
 			# for variant3, only A75 is vulnerable
 			if [ "$cpuarch" = 8 -a "$cpupart" = 0xd0a ]; then
-				variant3=1
-			else
 				variant3=0
+			else
+				variant3=1
 			fi
 		fi
 	fi