webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-05-12 07:31:37 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'origin/master' into next

Browse Source 
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
This commit is contained in:
Arne Fitzenreiter
2023-08-12 16:48:54 +02:00
parent 806cc1ffd1 41e3393152
commit cd78363404
24 changed files with 990 additions and 835 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
src/initscripts/system/smt
View File

@@ -2,7 +2,7 @@
###############################################################################
# #
# IPFire.org - A linux based firewall #
# Copyright (C) 2007-2022 IPFire Team <info@ipfire.org> #
# Copyright (C) 2007-2023 IPFire Team <info@ipfire.org> #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
@@ -41,10 +41,10 @@ case "${1}" in
exit 0
fi
# Disable SMT when the processor is vulnerable to Foreshadow or Fallout/ZombieLoad/RIDL
for vuln in l1tf mds; do
if [ -r "/sys/devices/system/cpu/vulnerabilities/${vuln}" ] && \
[[ "$(</sys/devices/system/cpu/vulnerabilities/${vuln})" =~ "SMT vulnerable" ]]; then
# Disable SMT when the processor is vulnerable if SMT is enabled
for vuln in $(ls /sys/devices/system/cpu/vulnerabilities/*) ; do
if [ -r "${vuln}" ] && \
[[ "$(<${vuln})" =~ "SMT vulnerable" ]]; then
# Disable SMT
boot_mesg "Disabling Simultaneous Multi-Threading (SMT)..."
echo "forceoff" > /sys/devices/system/cpu/smt/control