zirias@
Developer
I'm having a few doubts here. First about the microcode:
Is this a typo? Or does it mean there is no microcode update addressing this specific problem yet, but the mitigation needs some instruction introduced much earlier?Ensure that the BIOS update or devcpu-data package is dated after 2014-05-14.
What exactly does this mitigation do? Why is there the recommendation to still disable HT? Does that mean the mitigation is known not to address all possible problems or does it mean it's just unknown whether there's still a risk left with HT?Mitigation Configuration
Systems with users, processes, or virtual machines in different trust
domains should disable Hyper-Threading
[...]
To activate the MDS mitigation set the hw.mds_disable sysctl.
[...]