3 files changed, 29 insertions, 20 deletions

diff --git a/runsc/mitigate/mitigate.go b/runsc/mitigate/mitigate.go
index 24f67414c..88409af8f 100644
--- a/runsc/mitigate/mitigate.go
+++ b/runsc/mitigate/mitigate.go
@@ -50,7 +50,7 @@ const (
 type CPUSet map[threadID]*ThreadGroup
 
 // NewCPUSet creates a CPUSet from data read from /proc/cpuinfo.
-func NewCPUSet(data []byte, vulnerable func(Thread) bool) (CPUSet, error) {
+func NewCPUSet(data []byte) (CPUSet, error) {
 	processors, err := getThreads(string(data))
 	if err != nil {
 		return nil, err
@@ -67,7 +67,7 @@ func NewCPUSet(data []byte, vulnerable func(Thread) bool) (CPUSet, error) {
 			core = &ThreadGroup{}
 			set[p.id] = core
 		}
-		core.isVulnerable = core.isVulnerable || vulnerable(p)
+		core.isVulnerable = core.isVulnerable || p.IsVulnerable()
 		core.threads = append(core.threads, p)
 	}
 
@@ -446,6 +446,7 @@ func buildRegex(key, match string) *regexp.Regexp {
 func parseRegex(data, key, match string) (string, error) {
 	r := buildRegex(key, match)
 	matches := r.FindStringSubmatch(data)
+
 	if len(matches) < 2 {
 		return "", fmt.Errorf("failed to match key %q: %q", key, data)
 	}
diff --git a/runsc/mitigate/mitigate_test.go b/runsc/mitigate/mitigate_test.go
index fbd8eb886..3bf9ef547 100644
--- a/runsc/mitigate/mitigate_test.go
+++ b/runsc/mitigate/mitigate_test.go
@@ -52,14 +52,13 @@ func TestMockCPUSet(t *testing.T) {
 	} {
 		t.Run(tc.testCase.Name, func(t *testing.T) {
 			data := tc.testCase.MakeCPUString()
-			vulnerable := func(t Thread) bool {
-				return t.IsVulnerable()
-			}
-			set, err := NewCPUSet([]byte(data), vulnerable)
+			set, err := NewCPUSet([]byte(data))
 			if err != nil {
 				t.Fatalf("Failed to create cpuSet: %v", err)
 			}
 
+			t.Logf("data: %s", data)
+
 			for _, tg := range set {
 				if err := checkSorted(tg.threads); err != nil {
 					t.Fatalf("Failed to sort cpuSet: %v", err)
@@ -258,11 +257,7 @@ func TestReadFile(t *testing.T) {
 		t.Fatalf("Failed to read cpuinfo: %v", err)
 	}
 
-	vulnerable := func(t Thread) bool {
-		return t.IsVulnerable()
-	}
-
-	set, err := NewCPUSet(data, vulnerable)
+	set, err := NewCPUSet(data)
 	if err != nil {
 		t.Fatalf("Failed to parse CPU data %v\n%s", err, data)
 	}
diff --git a/runsc/mitigate/mock/mock.go b/runsc/mitigate/mock/mock.go
index 2db718cb9..12c59e356 100644
--- a/runsc/mitigate/mock/mock.go
+++ b/runsc/mitigate/mock/mock.go
@@ -82,6 +82,19 @@ var Haswell2core = CPU{
 	ThreadsPerCore: 1,
 }
 
+// AMD2 is an two core AMD machine.
+var AMD2 = CPU{
+	Name:           "AMD",
+	VendorID:       "AuthenticAMD",
+	Family:         23,
+	Model:          49,
+	ModelName:      "AMD EPYC 7B12",
+	Bugs:           "sysret_ss_attrs spectre_v1 spectre_v2 spec_store_bypass",
+	PhysicalCores:  1,
+	Cores:          1,
+	ThreadsPerCore: 2,
+}
+
 // AMD8 is an eight core AMD machine.
 var AMD8 = CPU{
 	Name:           "AMD",
@@ -115,15 +128,15 @@ bugs		: %s
 			for k := 0; k < tc.ThreadsPerCore; k++ {
 				processorNum := (i*tc.Cores+j)*tc.ThreadsPerCore + k
 				ret += fmt.Sprintf(template,
-					processorNum,              /*processor*/
-					tc.VendorID,               /*vendor_id*/
-					tc.Family,                 /*cpu family*/
-					tc.Model,                  /*model*/
-					tc.ModelName,              /*model name*/
-					i,                         /*physical id*/
-					j,                         /*core id*/
-					tc.Cores*tc.PhysicalCores, /*cpu cores*/
-					tc.Bugs,                   /*bugs*/
+					processorNum, /*processor*/
+					tc.VendorID,  /*vendor_id*/
+					tc.Family,    /*cpu family*/
+					tc.Model,     /*model*/
+					tc.ModelName, /*model name*/
+					i,            /*physical id*/
+					j,            /*core id*/
+					k,            /*cpu cores*/
+					tc.Bugs,      /*bugs*/
 				)
 			}
 		}