[pve-devel] [PATCH pve-kernel] d/rules: disable CONFIG_GDS_FORCE_MITIGATION
Stoiko Ivanov
s.ivanov at proxmox.com
Fri Aug 18 13:35:08 CEST 2023
when not having installed an intel-microcode version containing the
mitigation, this options disables AVX instructions, which breaks quite
a lot of software (e.g. firefox, electron apps)
Reported-by: Stefan Hanreich <s.hanreich at proxmox.com>
Tested-by: Stefan Hanreich <s.hanreich at proxmox.com>
Signed-off-by: Stoiko Ivanov <s.ivanov at proxmox.com>
---
quickly build a kernel with this and Stefan tested his reproducer from
yesterday without an updated microcode.
debian/rules | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/debian/rules b/debian/rules
index 9a26a0bf4317..dac31d4e3749 100755
--- a/debian/rules
+++ b/debian/rules
@@ -98,7 +98,7 @@ PMX_CONFIG_OPTS= \
--set-str CONFIG_LSM lockdown,yama,integrity,apparmor \
-e CONFIG_PAGE_TABLE_ISOLATION \
-e CONFIG_ARCH_HAS_CPU_FINALIZE_INIT \
--e CONFIG_GDS_FORCE_MITIGATION
+-d CONFIG_GDS_FORCE_MITIGATION
debian/control: $(wildcard debian/*.in)
sed -e 's/@@KVNAME@@/$(KVNAME)/g' < debian/proxmox-kernel.prerm.in > debian/$(PMX_KERNEL_PKG).prerm
--
2.39.2
More information about the pve-devel
mailing list