Enable mitigations for RETBleed vulnerability and disable SMT

This commit is contained in:
raja-grewal 2024-01-29 12:58:51 +00:00 committed by GitHub
parent 4509a5fc95
commit 6c54e35027
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194

View File

@ -63,3 +63,8 @@ GRUB_CMDLINE_LINUX="$GRUB_CMDLINE_LINUX l1d_flush=on"
## ##
## https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/processor_mmio_stale_data.html ## https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/processor_mmio_stale_data.html
GRUB_CMDLINE_LINUX="$GRUB_CMDLINE_LINUX mmio_stale_data=full,nosmt" GRUB_CMDLINE_LINUX="$GRUB_CMDLINE_LINUX mmio_stale_data=full,nosmt"
## Enable mitigations for RETBleed (Arbitrary Speculative Code Execution with
## Return Instructions) vulnerability and disable SMT.
##
GRUB_CMDLINE_LINUX="$GRUB_CMDLINE_LINUX retbleed=auto,nosmt"