# platform = multi_platform_debian,multi_platform_fedora,multi_platform_ol,multi_platform_rhel,multi_platform_rhv,multi_platform_sle,multi_platform_slmicro,multi_platform_ubuntu,multi_platform_almalinux
# Remediation is applicable only in certain platforms
if ( dpkg-query --show --showformat='${db:Status-Status}' 'grub2-common' 2>/dev/null | grep -q '^installed$' && dpkg-query --show --showformat='${db:Status-Status}' 'linux-base' 2>/dev/null | grep -q '^installed$' ) && { ( grep -sqE "^.*\.x86_64$" /proc/sys/kernel/osrelease || grep -sqE "^x86_64$" /proc/sys/kernel/arch; ); }; then

if /bin/false ; then
    KARGS_DIR="/usr/lib/bootc/kargs.d/"
    if grep -q -E "vsyscall" "$KARGS_DIR/*.toml" ; then
        sed -i -E "s/^(\s*kargs\s*=\s*\[.*)\"vsyscall=[^\"]*\"(.*]\s*)/\1\"vsyscall=none\"\2/" "$KARGS_DIR/*.toml"
    else
        echo "kargs = [\"vsyscall=none\"]" >> "$KARGS_DIR/10-vsyscall.toml"
    fi
else


    # Correct the form of default kernel command line in GRUB
    if grep -q '^\s*GRUB_CMDLINE_LINUX=.*vsyscall=.*"'  '/etc/default/grub' ; then
           # modify the GRUB command-line if an vsyscall= arg already exists
           sed -i "s/\(^\s*GRUB_CMDLINE_LINUX=\".*\)vsyscall=[^[:space:]]\+\(.*\"\)/\1vsyscall=none\2/"  '/etc/default/grub'
    # Add to already existing GRUB_CMDLINE_LINUX parameters
    elif grep -q '^\s*GRUB_CMDLINE_LINUX='  '/etc/default/grub' ; then
           # no vsyscall=arg is present, append it
           sed -i "s/\(^\s*GRUB_CMDLINE_LINUX=\".*\)\"/\1 vsyscall=none\"/"  '/etc/default/grub'
    # Add GRUB_CMDLINE_LINUX parameters line
    else
           echo "GRUB_CMDLINE_LINUX=\"vsyscall=none\"" >> '/etc/default/grub'
    fi
    update-grub 

fi

else
    >&2 echo 'Remediation is not applicable, nothing was done'
fi