when not having installed an intel-microcode version containing the
mitigation, this options disables AVX instructions, which breaks quite
a lot of software (e.g. firefox, electron apps)
Reported-by: Stefan Hanreich <s.hanre...@proxmox.com>
Tested-by: Stefan Hanreich <s.hanre...@proxmox.com>
Signed-off-by: Stoiko Ivanov <s.iva...@proxmox.com>
---
quickly build a kernel with this and Stefan tested his reproducer from
yesterday without an updated microcode.
debian/rules | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/debian/rules b/debian/rules
index 9a26a0bf4317..dac31d4e3749 100755
--- a/debian/rules
+++ b/debian/rules
@@ -98,7 +98,7 @@ PMX_CONFIG_OPTS= \
--set-str CONFIG_LSM lockdown,yama,integrity,apparmor \
-e CONFIG_PAGE_TABLE_ISOLATION \
-e CONFIG_ARCH_HAS_CPU_FINALIZE_INIT \
--e CONFIG_GDS_FORCE_MITIGATION
+-d CONFIG_GDS_FORCE_MITIGATION
debian/control: $(wildcard debian/*.in)
sed -e 's/@@KVNAME@@/$(KVNAME)/g' < debian/proxmox-kernel.prerm.in >
debian/$(PMX_KERNEL_PKG).prerm
--
2.39.2
_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
