mirrors/security-misc
1
0
Fork 0
mirror of https://github.com/Kicksecure/security-misc.git synced 2025-07-21 05:10:41 +07:00
Code Issues Packages Projects Releases Wiki Activity

CPU mitigation - L1D FLushing

Browse Source
This commit is contained in:
Raja Grewal
2022-07-19 02:32:41 +10:00
parent 8531fbf99d
commit 59e90ff122
1 changed files with 5 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
etc/default/grub.d/40_cpu_mitigations.cfg
View File

@ -46,3 +46,8 @@ GRUB_CMDLINE_LINUX="$GRUB_CMDLINE_LINUX kvm.nx_huge_pages=force"
## ##
## https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/special-register-buffer-data-sampling.html ## https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/special-register-buffer-data-sampling.html
GRUB_CMDLINE_LINUX="$GRUB_CMDLINE_LINUX srbds=on" GRUB_CMDLINE_LINUX="$GRUB_CMDLINE_LINUX srbds=on"
## Enables the prctl interface to prevent leaks from L1D on context switches.
##
## https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1d_flush.html
GRUB_CMDLINE_LINUX="$GRUB_CMDLINE_LINUX l1d_flush=on"