- 日本語 (ja)
- English (en)
最近の更新
- 2025.02.08 Redirects with # created
- 2025.01.17 AMD Speculative Return Stack Overflow (SRSO) [AlmaLinux/Rocky]
- 2025.01.17 AMD Speculative Return Stack Overflow (SRSO) [Almalinux/Rocky]
最近の更新
A recent issue with CPU performance degradation on newer kernels due to AMD vulnerability mitigation patches.
Disabling the mitigation patches can roughly double CPU performance.
Attacks exploiting SRSO must be executed directly on the server. Therefore, servers with access restricted to administrators, such as cloud VMs, have a low risk of SRSO.
If the following shows “Safe RET,” the mitigation is active:
$ sudo cat /sys/devices/system/cpu/vulnerabilities/spec_rstack_overflow Vulnerable: Safe RET, no microcode
Add spec_rstack_overflow=off:
/etc/default/grub
GRUB_CMDLINE_LINUX="spec_rstack_overflow=off"
sudo update-grub sudo reboot
Add spec_rstack_overflow=off
/etc/default/grub
GRUB_CMDLINE_LINUX_DEFAULT="console=ttyS0,115200n8 no_timer_check crashkernel=1G-4G:192M,4G-64G:256M,64G-:512M net.ifnames=0" GRUB_ENABLE_BLSCFG=true to GRUB_CMDLINE_LINUX_DEFAULT="console=ttyS0,115200n8 no_timer_check crashkernel=1G-4G:192M,4G-64G:256M,64G-:512M spec_rstack_overflow=off net.ifnames=0" #GRUB_ENABLE_BLSCFG=true
About GRUB_ENABLE_BLSCFG: 2025.01.16 BLS (Boot Loader Specification)
grub2-mkconfig -o /boot/grub2/grub.cfg reboot