From a934b3fd19403859cf6a46713b82945524f9ac28 Mon Sep 17 00:00:00 2001
From: Laurent Peuch <cortex@worlddomination.be>
Date: Fri, 5 Jan 2018 16:30:33 +0100
Subject: [PATCH] [mod] move spectre-meltdown check to diagnosis function

---
 data/actionsmap/yunohost.yml |  5 -----
 src/yunohost/tools.py        | 17 +++++++++--------
 2 files changed, 9 insertions(+), 13 deletions(-)

diff --git a/data/actionsmap/yunohost.yml b/data/actionsmap/yunohost.yml
index 9e8022964..966de21df 100644
--- a/data/actionsmap/yunohost.yml
+++ b/data/actionsmap/yunohost.yml
@@ -1460,11 +1460,6 @@ tools:
                     full: --force
                     action: store_true
 
-        ### tools_reboot()
-        meltdown-spectre-check:
-            action_help: Check if the server is vulnerable to meltdown/spectre
-            api: GET /meltdown-spectre-check
-
     subcategories:
 
       migrations:
diff --git a/src/yunohost/tools.py b/src/yunohost/tools.py
index 13f3ea5fd..46bcd06d5 100644
--- a/src/yunohost/tools.py
+++ b/src/yunohost/tools.py
@@ -42,8 +42,12 @@ import apt.progress
 from moulinette import msettings, msignals, m18n
 from moulinette.core import MoulinetteError, init_authenticator
 from moulinette.utils.log import getActionLogger
+<<<<<<< b60d8ca822d08c8e3fdf8a17505ff3e285b28164
 from moulinette.utils.process import check_output
 from moulinette.utils.filesystem import read_json, write_to_json
+=======
+from moulinette.utils.filesystem import read_json, write_to_json, read_file
+>>>>>>> [mod] move spectre-meltdown check to diagnosis function
 from yunohost.app import app_fetchlist, app_info, app_upgrade, app_ssowatconf, app_list, _install_appslist_fetch_cron
 from yunohost.domain import domain_add, domain_list, get_public_ip, _get_maindomain, _set_maindomain
 from yunohost.dyndns import _dyndns_available, _dyndns_provides
@@ -632,6 +636,11 @@ def tools_diagnosis(auth, private=False):
 
         diagnosis['private']['regen_conf'] = service_regen_conf(with_diff=True, dry_run=True)
 
+    diagnosis['security'] = {
+        # source https://askubuntu.com/questions/992137/how-to-check-that-kpti-is-enabled-on-my-ubuntu
+        "spectre-meltdown": "cpu_insecure" not in read_file("/proc/cpuinfo")
+    }
+
     return diagnosis
 
 
@@ -836,14 +845,6 @@ def tools_migrations_state():
     return read_json(MIGRATIONS_STATE_PATH)
 
 
-def tools_meltdown_spectre_check():
-    """
-    Check if the installation is vulnerable to meltdown/spectre.
-    """
-    # source https://askubuntu.com/questions/992137/how-to-check-that-kpti-is-enabled-on-my-ubuntu
-    return {"safe": "cpu_insecure" in open("/proc/cpuinfo")}
-
-
 def tools_shell(auth, command=None):
     """
     Launch an (i)python shell in the YunoHost context.