Lines Matching +full:can +full:- +full:disable

1 .. SPDX-License-Identifier: GPL-2.0
3 GDS - Gather Data Sampling
10 -------
17 attacks. GDS is a purely sampling-based attack.
24 Because the buffers are shared between Hyper-Threads cross Hyper-Thread attacks
28 ----------------
29 Without mitigation, GDS can infer stale data across virtually all
32 	Non-enclaves can infer SGX enclave data
33 	Userspace can infer kernel data
34 	Guests can infer data from hosts
35 	Guest can infer guest from other guests
36 	Users can infer data from other users
39 lower-privilege contexts like guests and when running outside SGX enclaves.
42 that guests are not allowed to disable the GDS mitigation. If a host erred and
43 allowed this, a guest could theoretically disable GDS mitigation, mount an
44 attack, and re-enable it.
47 --------------------
59                                           Can't be cleared once set.
62 GDS can also be mitigated on systems that don't have updated microcode by
63 disabling AVX. This can be done by setting gather_data_sampling="force" or
64 "clearcpuid=avx" on the kernel command-line.
66 If used, these options will disable AVX use by turning off XSAVE YMM support.
72 ---------------------------------------------
73 The mitigation can be disabled by setting "gather_data_sampling=off" or
76 use the microcode mitigation when available or disable AVX on affected systems
80 ------------------------
82 GDS this can be accessed by the following sysfs file:
107 ----------------------