CPU Flags

De Le Wiki de Lug
Aller à la navigation Aller à la recherche

Source 

Our documentation includes a list of the flags related to sidechannel attacks here. In short, if you're running a somewhat recent CPU with the newest firmware, you can enable the following flags to provide either performance benefits 
(i.e. less performance hit from mitigations) or security benefits by allowing the guest kernel to use CPU mitigations for guest userspace:

* Intel: pcid, spec-ctrl, ssbd
* AMD: ibpb (or use CPU type with suffix -IBPB), virt-ssbd, amd-ssbd (if supported on host)
Récupérée de « https://lugwiki.stcgrupo.es/index.php?title=CPU_Flags&oldid=2819 »