Lines Matching full:smt
95 multi threading (SMT). The Intel implementation of SMT is called
138 - SMT status:
141 'VMX: SMT vulnerable' SMT is enabled
142 'VMX: SMT disabled' SMT is disabled
205 **Note**, that L1D flush does not prevent the SMT problem because the
218 To address the SMT problem, it is possible to make a guest or a group of
223 If only a single guest or related guests run on sibling SMT threads on
227 Host memory is attackable, when one of the sibling SMT threads runs in
238 scenario. Disabling SMT might be a viable alternative for particular
275 4. SMT control
278 To prevent the SMT issues of L1TF it might be necessary to disable SMT
279 completely. Disabling SMT can have a significant performance impact, but
281 The impact of disabling SMT needs also to be weighted against the impact
284 The kernel provides a sysfs interface to retrieve the status of SMT and
286 control SMT.
301 undo the SMT disable via the sysfs interface.
306 - /sys/devices/system/cpu/smt/control
307 - /sys/devices/system/cpu/smt/active
309 /sys/devices/system/cpu/smt/control:
311 This file allows to read out the SMT control state and provides the
312 ability to disable or (re)enable SMT. The possible states are:
315 on SMT is supported by the CPU and enabled. All
319 off SMT is supported by the CPU and disabled. Only
320 the so called primary SMT threads can be onlined
327 notsupported The processor does not support SMT. It's therefore
328 not affected by the SMT implications of L1TF.
332 The possible states which can be written into this file to control SMT
339 /sys/devices/system/cpu/smt/active:
341 This file reports whether SMT is enabled and active, i.e. if on any
344 SMT control is also possible at boot time via the l1tf kernel command
352 with SMT enabled, because the effective page tables for guests are
360 address the performance impact of disabling SMT or EPT.
372 vulnerability. Disables SMT and enables all mitigations in
375 SMT control and L1D flush control via the sysfs interface
378 insecure configuration, i.e. SMT enabled or L1D flush
381 full,force Same as 'full', but disables SMT and L1D flush runtime
383 (i.e. sysfs control of SMT is disabled.)
385 flush Leaves SMT enabled and enables the default hypervisor
388 SMT control and L1D flush control via the sysfs interface
391 insecure configuration, i.e. SMT enabled or L1D flush
394 flush,nosmt Disables SMT and enables the default hypervisor mitigation,
397 SMT control and L1D flush control via the sysfs interface
400 insecure configuration, i.e. SMT enabled or L1D flush
475 3.1. SMT not supported or disabled
478 If SMT is not supported by the processor or disabled in the BIOS or by
488 the system is fully protected. SMT can stay enabled and L1D flushing on
493 3.3. SMT and EPT supported and active
496 If SMT and EPT are supported and active then various degrees of
531 - Disabling SMT:
533 Disabling SMT and enforcing the L1D flushing provides the maximum
537 SMT control and L1D flushing can be tuned by the command line
546 not depending on any of the above mitigation methods. SMT can stay
589 The kernel does not by default enforce the disabling of SMT, which leaves
590 SMT systems vulnerable when running untrusted guests with EPT enabled.
594 - Force disabling SMT can break existing setups, especially with