mirrors/security-misc
1
0
Fork 0
mirror of https://github.com/Kicksecure/security-misc.git synced 2025-02-03 12:55:52 +07:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #280 from raja-grewal/ssbd

Browse Source 
Enable `ssbd=force-on`
This commit is contained in:
Patrick Schleizer 2024-11-08 07:39:40 -05:00 committed by GitHub
commit 238f32e81d
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
etc/default/grub.d/40_cpu_mitigations.cfg
View File

@ -47,10 +47,12 @@ GRUB_CMDLINE_LINUX="$GRUB_CMDLINE_LINUX spectre_v2=on"
GRUB_CMDLINE_LINUX="$GRUB_CMDLINE_LINUX spectre_bhi=on"
## Disable Speculative Store Bypass (Spectre Variant 4).
## Unconditionally enable mitigation for both kernel and userspace.
##
## https://www.suse.com/support/kb/doc/?id=000019189
##
GRUB_CMDLINE_LINUX="$GRUB_CMDLINE_LINUX spec_store_bypass_disable=on"
GRUB_CMDLINE_LINUX="$GRUB_CMDLINE_LINUX ssbd=force-on"
## Enable mitigations for the L1TF vulnerability through disabling SMT
## and L1D flush runtime control.