CPU Flags
De Le Wiki de Lug
Autres actions
Our documentation includes a list of the flags related to sidechannel attacks here. In short, if you're running a somewhat recent CPU with the newest firmware, you can enable the following flags to provide either performance benefits (i.e. less performance hit from mitigations) or security benefits by allowing the guest kernel to use CPU mitigations for guest userspace: * Intel: pcid, spec-ctrl, ssbd * AMD: ibpb (or use CPU type with suffix -IBPB), virt-ssbd, amd-ssbd (if supported on host)