Class: Bootloader::CpuMitigationsWidget

Inherits:
CWM::ComboBox
  • Object
show all
Defined in:
src/lib/bootloader/generic_widgets.rb

Overview

Represents decision if smt is enabled

Instance Method Summary collapse

Constructor Details

#initializeCpuMitigationsWidget

Returns a new instance of CpuMitigationsWidget.



235
236
237
238
239
 
# File 'src/lib/bootloader/generic_widgets.rb', line 235

def initialize
  textdomain "bootloader"

  super
end

Instance Method Details

#helpObject 



251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
 
# File 'src/lib/bootloader/generic_widgets.rb', line 251

def help
  _(
    "<p><b>CPU Mitigations</b><br>\n" \
    "The option selects which default settings should be used for CPU \n" \
    "side channels mitigations. A highlevel description is on our Technical Information \n" \
    "Document TID 7023836. Following options are available:<ul>\n" \
    "<li><b>Auto</b>: This option enables all the mitigations needed for your CPU model. \n" \
    "This setting can impact performance to some degree, depending on CPU model and \n" \
    "workload. It provides all security mitigations, but it does not protect against \n" \
    "cross-CPU thread attacks.</li>\n" \
    "<li><b>Auto + No SMT</b>: This option enables all the above mitigations in \n" \
    "\"Auto\", and also disables Simultaneous Multithreading to avoid \n" \
    "side channel attacks across multiple CPU threads. This setting can \n" \
    "further impact performance, depending on your \n" \
    "workload. This setting provides the full set of available security mitigations.</li>\n" \
    "<li><b>Off</b>: All CPU Mitigations are disabled. This setting has no performance \n" \
    "impact, but side channel attacks against your CPU are possible, depending on CPU \n" \
    "model.</li>\n" \
    "<li><b>Manual</b>: This setting does not specify a mitigation level and leaves \n" \
    "this to be the kernel default. The administrator can add other mitigations options \n" \
    "in the <i>kernel command line</i> widget.\n" \
    "All CPU mitigation specific options can be set manually.</li></ul></p>"
  )
end

#initObject 



276
277
278
279
280
281
282
 
# File 'src/lib/bootloader/generic_widgets.rb', line 276

def init
  if Bootloader::BootloaderFactory.current.respond_to?(:cpu_mitigations)
    self.value = Bootloader::BootloaderFactory.current.cpu_mitigations.value.to_s
  else
    disable
  end
end

#itemsObject 



245
246
247
248
249
 
# File 'src/lib/bootloader/generic_widgets.rb', line 245

def items
  ::Bootloader::CpuMitigations::ALL.map do |m|
    [m.value.to_s, m.to_human_string]
  end
end

#labelObject 



241
242
243
 
# File 'src/lib/bootloader/generic_widgets.rb', line 241

def label
  _("CPU Mitigations")
end

#storeObject 



284
285
286
287
288
289
 
# File 'src/lib/bootloader/generic_widgets.rb', line 284

def store
  return unless enabled?

  Bootloader::BootloaderFactory.current.cpu_mitigations =
    ::Bootloader::CpuMitigations.new(value.to_sym)
end