Quote L1TF - L1 Terminal Fault — The Linux Kernel documentation
The kernel does not by default enforce the disabling of SMT, which leaves SMT systems vulnerable when running untrusted guests with EPT enabled.
Since we disable SMT (mds=full,nosmt) that should be ok?
As per L1TF - L1 Terminal Fault — The Linux Kernel documentation there is also a separate kernel boot parameter nosmt=force which I find confusing. Should we set that as well?
Let’s please reconsider this. Quote L1TF - L1 Terminal Fault — The Linux Kernel documentation
The kernel does not by default enforce the disabling of SMT, which leaves SMT systems vulnerable when running untrusted guests with EPT enabled.
The administrators of cloud and hosting setups have to carefully analyze the risk for their scenarios and make the appropriate mitigation choices, which might even vary across their deployed machines and also result in other changes of their overall setup. There is no way for the kernel to provide a sensible default for this kind of scenarios.
My reading of that page is that the kernel developers do not want to set secure defaults for all scenarios due to:
- the hugely degraded performance as well as
- breaking existing systems that use unattended upgrades.
But we have secure-by-default development goals and more flexibility in blessing some scenarios as “then you need to change back the settings” or unsupported.
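Added example, not part of the thread or of the kernel documentation: a shell check for the distinction behind nosmt versus nosmt=force. The kernel reports "off" in /sys/devices/system/cpu/smt/control when SMT was disabled but can still be switched back on at runtime, and "forceoff" when it cannot. The function names and verdict strings are made up for this example, and the list of boot parameters it recognises is not exhaustive.

```shell
#!/bin/sh
# Added example (not from the thread): classify how SMT was disabled.
# Values the kernel documents for /sys/devices/system/cpu/smt/control:
#   on, off, forceoff, notsupported, notimplemented

# smt_verdict CONTROL_VALUE -> enforced | reversible | enabled | n/a | unknown
smt_verdict() {
    case "$1" in
        forceoff) echo "enforced" ;;    # cannot be re-enabled until reboot
        off)      echo "reversible" ;;  # root can still write "on" to control
        on)       echo "enabled" ;;
        notsupported|notimplemented) echo "n/a" ;;
        *)        echo "unknown" ;;
    esac
}

# cmdline_smt_request "KERNEL CMDLINE" -> force | soft | none
# Reports the strongest SMT request found among the boot parameters.
cmdline_smt_request() {
    req=none
    set -f                      # no glob expansion while splitting the cmdline
    for arg in $1; do
        case "$arg" in
            nosmt=force|l1tf=full,force)
                req=force ;;    # forced: runtime SMT control is locked
            nosmt|mds=full,nosmt|l1tf=full|l1tf=flush,nosmt)
                [ "$req" = force ] || req=soft ;;  # disabled, but reversible
        esac
    done
    set +f
    echo "$req"
}

# Report for the machine this runs on (skipped where sysfs/procfs is absent).
ctl=/sys/devices/system/cpu/smt/control
if [ -r "$ctl" ]; then
    echo "running kernel: SMT $(smt_verdict "$(cat "$ctl")")"
fi
if [ -r /proc/cmdline ]; then
    echo "boot parameters request: $(cmdline_smt_request "$(cat /proc/cmdline)")"
fi
```

The L1TF mitigation status itself, including whether SMT is still considered vulnerable, is reported in /sys/devices/system/cpu/vulnerabilities/l1tf.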