From b60d8ca822d08c8e3fdf8a17505ff3e285b28164 Mon Sep 17 00:00:00 2001
From: Laurent Peuch <cortex@worlddomination.be>
Date: Fri, 5 Jan 2018 12:54:11 +0100
Subject: [PATCH] [enh] add new api entry point to check for meltdown
 vulnerability

---
 data/actionsmap/yunohost.yml | 5 +++++
 src/yunohost/tools.py        | 8 ++++++++
 2 files changed, 13 insertions(+)

diff --git a/data/actionsmap/yunohost.yml b/data/actionsmap/yunohost.yml
index 966de21df..9e8022964 100644
--- a/data/actionsmap/yunohost.yml
+++ b/data/actionsmap/yunohost.yml
@@ -1460,6 +1460,11 @@ tools:
                     full: --force
                     action: store_true
 
+        ### tools_reboot()
+        meltdown-spectre-check:
+            action_help: Check if the server is vulnerable to meltdown/spectre
+            api: GET /meltdown-spectre-check
+
     subcategories:
 
       migrations:
diff --git a/src/yunohost/tools.py b/src/yunohost/tools.py
index cf52ad38f..13f3ea5fd 100644
--- a/src/yunohost/tools.py
+++ b/src/yunohost/tools.py
@@ -836,6 +836,14 @@ def tools_migrations_state():
     return read_json(MIGRATIONS_STATE_PATH)
 
 
+def tools_meltdown_spectre_check():
+    """
+    Check if the installation is vulnerable to meltdown/spectre.
+    """
+    # source https://askubuntu.com/questions/992137/how-to-check-that-kpti-is-enabled-on-my-ubuntu
+    return {"safe": "cpu_insecure" in open("/proc/cpuinfo")}
+
+
 def tools_shell(auth, command=None):
     """
     Launch an (i)python shell in the YunoHost context.