From e0ede7cf39e513bd24d05080616f17e955d25943 Mon Sep 17 00:00:00 2001 From: Wolfgang Müller Date: Thu, 28 Apr 2022 18:40:31 +0200 Subject: fragments: Enable core scheduling for SMT This should be safe to have enabled (but unused) and gives us an extra layer of potential mitigation of SMT side channels. --- fragments/base/security | 2 ++ 1 file changed, 2 insertions(+) diff --git a/fragments/base/security b/fragments/base/security index fb8d426..e786963 100644 --- a/fragments/base/security +++ b/fragments/base/security @@ -24,3 +24,5 @@ CONFIG_IOMMU_DEFAULT_DMA_STRICT=y CONFIG_GENTOO_KERNEL_SELF_PROTECTION=y CONFIG_GENTOO_KERNEL_SELF_PROTECTION_COMMON=y CONFIG_GENTOO_KERNEL_SELF_PROTECTION_X86_64=y + +CONFIG_SCHED_CORE=y -- cgit v1.2.3-2-gb3c3