From c6ee0358d1e1bbb3b502f7712546372679723cf4 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?St=C3=A9phane=20Lesimple?=
Date: Tue, 22 May 2018 09:18:30 +0200
Subject: [PATCH 1/2] feat(variant4): report SSB_NO CPUs as not vulnerable

---
 spectre-meltdown-checker.sh | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/spectre-meltdown-checker.sh b/spectre-meltdown-checker.sh
index 062eec8..900d33c 100755
--- a/spectre-meltdown-checker.sh
+++ b/spectre-meltdown-checker.sh
@@ -297,6 +297,13 @@ is_cpu_vulnerable()
 variant3=immune
 _debug "is_cpu_vulnerable: RDCL_NO is set so not vuln to meltdown"
 fi
+ if [ "$capabilities_ssb_no" = 1 ]; then
+ # capability bit for future Intel processor that will explicitly state
+ # that they're not vulnerable to Variant 4
+ # this var is set in check_cpu()
+ variant4=immune
+ _debug "is_cpu_vulnerable: SSB_NO is set so not vuln to variant4"
+ fi
 elif is_amd; then
 # AMD revised their statement about variant2 => vulnerable
 # https://www.amd.com/en/corporate/speculative-execution

From 725eaa8bf542d1ad37a150dc0cb9bc325fe4545c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?St=C3=A9phane=20Lesimple?=
Date: Tue, 22 May 2018 09:19:29 +0200
Subject: [PATCH 2/2] feat(arm): adjust vulnerable ARM CPUs for variant3a and variant4

---
 spectre-meltdown-checker.sh | 13 +++++++++++--
 1 file changed, 11 insertions(+), 2 deletions(-)

diff --git a/spectre-meltdown-checker.sh b/spectre-meltdown-checker.sh
index 900d33c..032c42f 100755
--- a/spectre-meltdown-checker.sh
+++ b/spectre-meltdown-checker.sh
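Review bot: On its own this commit is a no-op, because the `variant4=immune` it sets under the new SSB_NO check is clobbered further down is_cpu_vulnerable() by the unconditional `variant4=$variant1` (the line that PATCH 2/2 turns into `[ -z "$variant4" ] && variant4=$variant1`); that guard belongs in this commit, or the two patches should be squashed, so that a bisect landing on this commit does not silently report SSB_NO parts as vulnerable. The is_intel branch this block lives in starts before the hunk, so the ordering relative to the other capability checks cannot be confirmed here. The comment `# this var is set in check_cpu()` is a good pointer, but if, as the name suggests, the bit is read from the CPU's architectural-capabilities MSR, it is worth stating that in a guest the value is whatever the hypervisor chooses to expose, e.g. `# NOTE: inside a VM this bit is hypervisor-provided; "immune" here is the platform's claim, not an independent measurement`.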
@@ -365,14 +365,23 @@ is_cpu_vulnerable()
 variant3a=vuln
 else
 _debug "checking cpu$i: this arm non vulnerable to variant3a"
- [ -z "$variant3" ] && variant3a=immune
+ [ -z "$variant3a" ] && variant3a=immune
+ fi
+
+ # for variant4, only A57-72-73-75 are vulnerable
+ if [ "$cpuarch" = 8 ] && echo "$cpupart" | grep -Eq '^0xd0[789a]$'; then
+ _debug "checking cpu$i: arm A57-A72-A73-A75 vulnerable to variant4"
+ variant4=vuln
+ else
+ _debug "checking cpu$i: this arm non vulnerable to variant4"
+ [ -z "$variant4" ] && variant4=immune
 fi
 fi
 _debug "is_cpu_vulnerable: for cpu$i and so far, we have <$variant1> <$variant2> <$variant3> <$variant3a> <$variant4>"
 done
 fi
 # from the information we have for now, it seems that CPUs that are vulnerable to variant1 are also vulnerable to variant4
- variant4=$variant1
+ [ -z "$variant4" ] && variant4=$variant1
 _debug "is_cpu_vulnerable: temp results are <$variant1> <$variant2> <$variant3> <$variant3a> <$variant4>"
 # if at least one of the cpu is vulnerable, then the system is vulnerable
 [ "$variant1" = "immune" ] && variant1=1 || variant1=0
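Review bot: The else branch of the new variant4 check sets `variant4=immune` for every core that does not match `^0xd0[789a]$`, including any ARMv8 part the allow-list does not know about and every non-ARMv8 core (`cpuarch` != 8), which is a fail-open default for new or third-party implementer part numbers unless the enclosing branch, which starts before the hunk, already restricts this path to ARM Ltd cores. A safer shape is to leave `variant4` unset for unrecognised parts so the `[ -z "$variant4" ] && variant4=$variant1` fallback at the bottom still applies, or at minimum to record the choice next to the grep: `# unknown/unlisted ARM parts are assumed NOT vulnerable to variant4; revisit when ARM updates its list`. The variant3a block just above uses the same allow-list-then-immune pattern, so this is consistent with the file, but it is the security-relevant decision in the hunk. Separately, the `$variant3` to `$variant3a` change on the first replaced line fixes a real bug (the old test read the wrong variable, so variant3a could never be marked immune) and deserves a mention in the commit message rather than being folded into an "adjust" feature commit.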