no need to set vulnerable CPUs
According to comment above this code: 'by default, everything is vulnerable, we work in a "whitelist" logic here.'
This commit is contained in:
Corey Hickey
parent
1fd9fce46d
commit
b31711b42b
|
|
@ -159,7 +159,6 @@ is_cpu_vulnerable()
|
||||||
variant2=0
|
variant2=0
|
||||||
variant3=0
|
variant3=0
|
||||||
if grep -q AMD /proc/cpuinfo; then
|
if grep -q AMD /proc/cpuinfo; then
|
||||||
variant1=0
|
|
||||||
variant2=1
|
variant2=1
|
||||||
variant3=1
|
variant3=1
|
||||||
elif grep -qi 'CPU implementer\s*:\s*0x41' /proc/cpuinfo; then
|
elif grep -qi 'CPU implementer\s*:\s*0x41' /proc/cpuinfo; then
|
||||||
|
|
@ -175,20 +174,16 @@ is_cpu_vulnerable()
|
||||||
# arch 7? 7? 7 7 7 8 8 8 8
|
# arch 7? 7? 7 7 7 8 8 8 8
|
||||||
if [ "$cpuarch" = 7 ] && echo "$cpupart" | grep -Eq '^0x(c09|c0f|c0e)$'; then
|
if [ "$cpuarch" = 7 ] && echo "$cpupart" | grep -Eq '^0x(c09|c0f|c0e)$'; then
|
||||||
# armv7 vulnerable chips
|
# armv7 vulnerable chips
|
||||||
variant1=0
|
:
|
||||||
variant2=0
|
|
||||||
elif [ "$cpuarch" = 8 ] && echo "$cpupart" | grep -Eq '^0x(d07|d08|d09|d0a)$'; then
|
elif [ "$cpuarch" = 8 ] && echo "$cpupart" | grep -Eq '^0x(d07|d08|d09|d0a)$'; then
|
||||||
# armv8 vulnerable chips
|
# armv8 vulnerable chips
|
||||||
variant1=0
|
:
|
||||||
variant2=0
|
|
||||||
else
|
else
|
||||||
variant1=1
|
variant1=1
|
||||||
variant2=1
|
variant2=1
|
||||||
fi
|
fi
|
||||||
# for variant3, only A75 is vulnerable
|
# for variant3, only A75 is vulnerable
|
||||||
if [ "$cpuarch" = 8 -a "$cpupart" = 0xd0a ]; then
|
if ! [ "$cpuarch" = 8 -a "$cpupart" = 0xd0a ]; then
|
||||||
variant3=0
|
|
||||||
else
|
|
||||||
variant3=1
|
variant3=1
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue