mirror of
https://github.com/vincentmli/bpfire.git
synced 2026-04-22 00:42:59 +02:00
6a83dbb451
SMT can be forced on. By default, all systems that are vulnerable to RIDL/Fallout will have SMT disabled by default. Systems that are not vulnerable to that will keep SMT enabled. Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
41 lines
984 B
Bash
41 lines
984 B
Bash
#!/bin/sh
|
|
########################################################################
|
|
# Begin $rc_base/init.d/smt
|
|
########################################################################
|
|
|
|
. /etc/sysconfig/rc
|
|
. ${rc_functions}
|
|
|
|
eval $(/usr/local/bin/readhash /var/ipfire/main/security)
|
|
|
|
case "${1}" in
|
|
start)
|
|
# Nothing to do here when SMT is forced on
|
|
if [ "${ENABLE_SMT}" = "on" ]; then
|
|
exit 0
|
|
fi
|
|
|
|
# Nothing to do if this processor is not vulnerable
|
|
# to Fallout/RIDL.
|
|
if [ -r "/sys/devices/system/cpu/vulnerabilities/mds" ]; then
|
|
if [ "$(</sys/devices/system/cpu/vulnerabilities/mds)" = "Not affected" ]; then
|
|
exit 0
|
|
fi
|
|
|
|
# Disable SMT when supported and enabled
|
|
if [ "$(</sys/devices/system/cpu/smt/control)" = "on" ]; then
|
|
boot_mesg "Disabling Simultaneous Multi-Threading (SMT)..."
|
|
echo "forceoff" > /sys/devices/system/cpu/smt/control
|
|
echo_ok
|
|
fi
|
|
fi
|
|
;;
|
|
|
|
*)
|
|
echo "Usage: ${0} {start}"
|
|
exit 1
|
|
;;
|
|
esac
|
|
|
|
# End $rc_base/init.d/smt
|