[3/3] smt: Do not disable SMT in virtual machines
Commit Message
Processors in virtual machines are *virtual*. Therefore this
only degrades the performance of the guest, but does not increase
it's security.
This patch always leaves SMT enabled in all virtual environments.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
---
src/initscripts/system/smt | 5 +++++
1 file changed, 5 insertions(+)
@@ -20,6 +20,11 @@ case "${1}" in
exit 0
fi 2>/dev/null
+ # Do not disable SMT inside virtual machines
+ if [ -d "/sys/hypervisor" ]; then
+ exit 0
+ fi
+
# Disable SMT when the processor is vulnerable to Foreshadow or Fallout/ZombieLoad/RIDL
for vuln in l1tf mds; do
if [ -r "/sys/devices/system/cpu/vulnerabilities/${vuln}" ] && \