#!/bin/sh
-###############################################################################
-# #
-# IPFire.org - A linux based firewall #
-# Copyright (C) 2007-2022 IPFire Team <info@ipfire.org> #
-# #
-# This program is free software: you can redistribute it and/or modify #
-# it under the terms of the GNU General Public License as published by #
-# the Free Software Foundation, either version 3 of the License, or #
-# (at your option) any later version. #
-# #
-# This program is distributed in the hope that it will be useful, #
-# but WITHOUT ANY WARRANTY; without even the implied warranty of #
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
-# GNU General Public License for more details. #
-# #
-# You should have received a copy of the GNU General Public License #
-# along with this program. If not, see <http://www.gnu.org/licenses/>. #
-# #
-###############################################################################
+########################################################################
+# Begin $rc_base/init.d/smt
+########################################################################
. /etc/sysconfig/rc
. ${rc_functions}
exit 0
fi
- # Disable SMT when the processor is vulnerable to Foreshadow or Fallout/ZombieLoad/RIDL
- for vuln in l1tf mds; do
- if [ -r "/sys/devices/system/cpu/vulnerabilities/${vuln}" ] && \
- [[ "$(</sys/devices/system/cpu/vulnerabilities/${vuln})" =~ "SMT vulnerable" ]]; then
+ # Disable SMT when the processor is vulnerable if SMT is enabled
+ for vuln in $(ls /sys/devices/system/cpu/vulnerabilities/*) ; do
+ if [ -r "${vuln}" ] && \
+ [[ "$(<${vuln})" =~ "SMT vulnerable" ]]; then
# Disable SMT
boot_mesg "Disabling Simultaneous Multi-Threading (SMT)..."
echo "forceoff" > /sys/devices/system/cpu/smt/control
exit 1
;;
esac
+
+# End $rc_base/init.d/smt