Class: Bootloader::CpuMitigationsWidget

Inherits:
CWM::ComboBox
  • Object
show all
Defined in:
src/lib/bootloader/generic_widgets.rb

Overview

Represents decision if smt is enabled

Instance Method Summary collapse

Constructor Details

#initializeCpuMitigationsWidget

Returns a new instance of CpuMitigationsWidget.



117
118
119
120
121
 
# File 'src/lib/bootloader/generic_widgets.rb', line 117

def initialize
  textdomain "bootloader"

  super
end

Instance Method Details

#helpObject 



133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
 
# File 'src/lib/bootloader/generic_widgets.rb', line 133

def help
  _(
    "<p><b>CPU Mitigations</b><br>\n" \
    "The option selects which default settings should be used for CPU \n" \
    "side channels mitigations. A highlevel description is on our Technical Information \n" \
    "Document TID 7023836. Following options are available:<ul>\n" \
    "<li><b>Auto</b>: This option enables all the mitigations needed for your CPU model. \n" \
    "This setting can impact performance to some degree, depending on CPU model and \n" \
    "workload. It provides all security mitigations, but it does not protect against \n" \
    "cross-CPU thread attacks.</li>\n" \
    "<li><b>Auto + No SMT</b>: This option enables all the above mitigations in \n" \
    "\"Auto\", and also disables Simultaneous Multithreading to avoid \n" \
    "side channel attacks across multiple CPU threads. This setting can \n" \
    "further impact performance, depending on your \n" \
    "workload. This setting provides the full set of available security mitigations.</li>\n" \
    "<li><b>Off</b>: All CPU Mitigations are disabled. This setting has no performance \n" \
    "impact, but side channel attacks against your CPU are possible, depending on CPU \n" \
    "model.</li>\n" \
    "<li><b>Manual</b>: This setting does not specify a mitigation level and leaves \n" \
    "this to be the kernel default. The administrator can add other mitigations options \n" \
    "in the <i>kernel command line</i> widget.\n" \
    "All CPU mitigation specific options can be set manually.</li></ul></p>"
  )
end

#initObject 



158
159
160
161
162
163
164
 
# File 'src/lib/bootloader/generic_widgets.rb', line 158

def init
  if Bootloader::BootloaderFactory.current.respond_to?(:cpu_mitigations)
    self.value = Bootloader::BootloaderFactory.current.cpu_mitigations.value.to_s
  else
    disable
  end
end

#itemsObject 



127
128
129
130
131
 
# File 'src/lib/bootloader/generic_widgets.rb', line 127

def items
  ::Bootloader::CpuMitigations::ALL.map do |m|
    [m.value.to_s, m.to_human_string]
  end
end

#labelObject 



123
124
125
 
# File 'src/lib/bootloader/generic_widgets.rb', line 123

def label
  _("CPU Mitigations")
end

#storeObject 



166
167
168
169
170
171
 
# File 'src/lib/bootloader/generic_widgets.rb', line 166

def store
  return unless enabled?

  Bootloader::BootloaderFactory.current.cpu_mitigations =
    ::Bootloader::CpuMitigations.new(value.to_sym)
end