enh: guard x86/arm specific checks in kernel/cpu for the proper arch

src/vulns/CVE-2022-40982.sh

@@ -119,17 +119,17 @@ check_CVE_2022_40982_linux() {
         kernel_gds_err=''
         if [ -n "$g_kernel_err" ]; then
             kernel_gds_err="$g_kernel_err"
-        elif grep -q 'gather_data_sampling' "$g_kernel"; then
+        elif is_x86_kernel && grep -q 'gather_data_sampling' "$g_kernel"; then
             kernel_gds="found gather_data_sampling in kernel image"
         fi
-        if [ -z "$kernel_gds" ] && [ -r "$opt_config" ]; then
+        if [ -z "$kernel_gds" ] && is_x86_kernel && [ -r "$opt_config" ]; then
             if grep -q '^CONFIG_GDS_FORCE_MITIGATION=y' "$opt_config" ||
                 grep -q '^CONFIG_MITIGATION_GDS_FORCE=y' "$opt_config" ||
                 grep -q '^CONFIG_MITIGATION_GDS=y' "$opt_config"; then
                 kernel_gds="GDS mitigation config option found enabled in kernel config"
             fi
         fi
-        if [ -z "$kernel_gds" ] && [ -n "$opt_map" ]; then
+        if [ -z "$kernel_gds" ] && is_x86_kernel && [ -n "$opt_map" ]; then
             if grep -q 'gds_select_mitigation' "$opt_map"; then
                 kernel_gds="found gds_select_mitigation in System.map"
             fi
@@ -152,10 +152,10 @@ check_CVE_2022_40982_linux() {
                 if [ "$dmesgret" -eq 0 ]; then
                     kernel_avx_disabled="AVX disabled by the kernel (dmesg)"
                     pstatus green YES "$kernel_avx_disabled"
-                elif [ "$cap_avx2" = 0 ]; then
+                elif [ "$cap_avx2" = 0 ] && is_x86_cpu; then
                     # Find out by ourselves
                     # cpuinfo says we don't have AVX2, query
-                    # the CPU directly about AVX2 support
+                    # the CPU directly about AVX2 support (x86-only)
                     read_cpuid 0x7 0x0 "$EBX" 5 1 1
                     ret=$?
                     if [ "$ret" -eq "$READ_CPUID_RET_OK" ]; then