diff --git a/image/.csp/aws b/image/.csp/aws new file mode 100644 index 0000000000..e69de29bb2 diff --git a/image/mkosi.conf.d/mkosi.aws.conf b/image/mkosi.conf.d/mkosi.aws.conf index b9924a650f..5862d9cf50 100644 --- a/image/mkosi.conf.d/mkosi.aws.conf +++ b/image/mkosi.conf.d/mkosi.aws.conf @@ -1,2 +1,5 @@ [Match] PathExists=../.csp/aws + +[Output] +KernelCommandLine=mitigations=auto idle=poll diff --git a/image/mkosi.conf.d/mkosi.azure.conf b/image/mkosi.conf.d/mkosi.azure.conf index d36fc5b5ef..61bb8b1b60 100644 --- a/image/mkosi.conf.d/mkosi.azure.conf +++ b/image/mkosi.conf.d/mkosi.azure.conf @@ -1,2 +1,5 @@ [Match] PathExists=../.csp/azure + +[Output] +KernelCommandLine=mitigations=auto,nosmt diff --git a/image/mkosi.conf.d/mkosi.conf b/image/mkosi.conf.d/mkosi.conf index 56a72622e8..246aeda2f3 100644 --- a/image/mkosi.conf.d/mkosi.conf +++ b/image/mkosi.conf.d/mkosi.conf @@ -6,7 +6,7 @@ Release=38 Format=disk ManifestFormat=json,changelog Bootable=yes -KernelCommandLine=mitigations=auto idle=poll preempt=full rd.shell=0 rd.emergency=reboot loglevel=8 console=ttyS0 +KernelCommandLine=preempt=full rd.shell=0 rd.emergency=reboot loglevel=8 console=ttyS0 SplitArtifacts=yes # Enable Secure Boot with own PKI SecureBoot=yes diff --git a/image/mkosi.conf.d/mkosi.gcp.conf b/image/mkosi.conf.d/mkosi.gcp.conf index 04e7bfb3cf..392813c028 100644 --- a/image/mkosi.conf.d/mkosi.gcp.conf +++ b/image/mkosi.conf.d/mkosi.gcp.conf @@ -1,2 +1,5 @@ [Match] PathExists=../.csp/gcp + +[Output] +KernelCommandLine=mitigations=auto,nosmt diff --git a/image/mkosi.conf.d/mkosi.openstack.conf b/image/mkosi.conf.d/mkosi.openstack.conf index 24f7976b6f..a761879ec3 100644 --- a/image/mkosi.conf.d/mkosi.openstack.conf +++ b/image/mkosi.conf.d/mkosi.openstack.conf @@ -2,7 +2,7 @@ PathExists=../.csp/openstack [Output] -KernelCommandLine=mem_encrypt=on kvm_amd.sev=1 module_blacklist=qemu_fw_cfg console=tty0 console=ttyS0 +KernelCommandLine=mem_encrypt=on kvm_amd.sev=1 module_blacklist=qemu_fw_cfg console=tty0 console=ttyS0 mitigations=auto,nosmt [Content] Autologin=yes diff --git a/image/mkosi.conf.d/mkosi.qemu.conf b/image/mkosi.conf.d/mkosi.qemu.conf index 770c3de85d..02e64fd193 100644 --- a/image/mkosi.conf.d/mkosi.qemu.conf +++ b/image/mkosi.conf.d/mkosi.qemu.conf @@ -4,3 +4,6 @@ PathExists=../.csp/qemu [Content] Autologin=yes Environment=CONSOLE_MOTD=true + +[Output] +KernelCommandLine=mitigations=auto,nosmt