bump to v0.18 to reflect changes

When using /proc/config.gz, indicate it more clearly

spectre-meltdown-checker.sh

@@ -1,7 +1,14 @@
 #! /bin/sh
 # Spectre & Meltdown checker
+#
+# Check for the latest version at:
+# https://github.com/speed47/spectre-meltdown-checker
+# git clone https://github.com/speed47/spectre-meltdown-checker.git
+# or wget https://raw.githubusercontent.com/speed47/spectre-meltdown-checker/master/spectre-meltdown-checker.sh
+#
 # Stephane Lesimple
-VERSION=0.17
+#
+VERSION=0.18
 
 # print status function
 pstatus()
@@ -65,7 +72,7 @@ extract_vmlinux()
 {
 	[ -n "$1" ] || return 1
 	# Prepare temp files:
-	vmlinuxtmp="$(mktemp /tmp/vmlinux-XXX)"
+	vmlinuxtmp="$(mktemp /tmp/vmlinux-XXXXXX)"
 	trap "rm -f $vmlinuxtmp" EXIT
 
 	# Initial attempt for uncompressed images or objects:
@@ -186,11 +193,15 @@ if [ "$opt_live" = 1 ]; then
 	[ -e /boot/kernel-genkernel-$(uname -m)-$(uname -r) ] && opt_kernel=/boot/kernel-genkernel-$(uname -m)-$(uname -r)
 
 	# system.map
-	[ -e /boot/System.map-$(uname -r) ] && opt_map=/boot/System.map-$(uname -r)
+	if [ -e /proc/kallsyms ] ; then
+		opt_map="/proc/kallsyms"
+	elif [ -e /boot/System.map-$(uname -r) ] ; then
+		opt_map=/boot/System.map-$(uname -r)
+	fi
 
 	# config
 	if [ -e /proc/config.gz ] ; then
-		dumped_config="$(mktemp /tmp/config-XXX)"
+		dumped_config="$(mktemp /tmp/config-XXXXXX)"
 		gunzip -c /proc/config.gz > $dumped_config
 		# dumped_config will be deleted at the end of the script
 		opt_config=$dumped_config
@@ -203,9 +214,11 @@ fi
 if [ -n "$opt_kernel" ]; then
 	/bin/echo -e "Will use vmlinux image \033[35m$opt_kernel\033[0m"
 else
-	/bin/echo "Will use no vmlinux image (accuracy might be reduced"
+	/bin/echo "Will use no vmlinux image (accuracy might be reduced)"
 fi
-if [ -n "$opt_config" ]; then
+if [ -n "$dumped_config" ]; then
+	/bin/echo -e "Will use kconfig \033[35m/proc/config.gz\033[0m"
+elif [ -n "$opt_config" ]; then
 	/bin/echo -e "Will use kconfig \033[35m$opt_config\033[0m"
 else
 	/bin/echo "Will use no kconfig (accuracy might be reduced)"
@@ -234,7 +247,7 @@ fi
 ###########
 # SPECTRE 1
 /bin/echo -e "\033[1;34mCVE-2017-5753 [bounds check bypass] aka 'Spectre Variant 1'\033[0m"
-/bin/echo -n "* Kernel compiled with LFENCE opcode inserted at the proper places: "
+/bin/echo -n "* Checking count of LFENCE opcodes in kernel: "
 
 status=0
 if [ -n "$vmlinux_err" ]; then
@@ -262,8 +275,8 @@ fi
 
 /bin/echo -ne "> \033[46m\033[30mSTATUS:\033[0m "
 [ "$status" = 0 ] && pstatus yellow UNKNOWN
-[ "$status" = 1 ] && pstatus red VULNERABLE
+[ "$status" = 1 ] && pstatus red   'VULNERABLE'     'heuristic to be improved when official patches become available'
-[ "$status" = 2 ] && pstatus green 'NOT VULNERABLE'
+[ "$status" = 2 ] && pstatus green 'NOT VULNERABLE' 'heuristic to be improved when official patches become available'
 
 ###########
 # VARIANT 2