Lines Matching refs:attack
8 Administrators are encouraged to consider which attack vectors are relevant and
12 attack vector controls so administrators will likely not need to reconfigure
14 applied based on the chosen attack vector controls.
19 There are 5 sets of attack-vector mitigations currently supported by the kernel:
27 To control the enabled attack vectors, see :ref:`cmdline`.
34 The user-to-kernel attack vector involves a malicious userspace program
54 The user-to-user attack vector involves a malicious userspace program attempting
74 The guest-to-host attack vector involves a malicious VM attempting to leak
88 The guest-to-guest attack vector involves a malicious VM attempting to influence
96 Similar to the user-to-user attack vector, preventing a malicious VM from
107 The cross-thread attack vector involves a malicious userspace program or
136 or more options to disable various attack vectors.
140 | ``mitigations=[global],[attack vectors]``
147 'off' All attack vectors disabled.
148 'auto' All attack vectors enabled, partial cross-thread mitigations.
149 'auto,nosmt' All attack vectors enabled, full cross-thread mitigations.
164 Multiple attack vector options may be specified in a comma-separated list. If
166 'off' is equivalent to disabling all attack vectors.
171 Enable all attack vectors except user-to-kernel. Partial cross-thread
176 Enable all attack vectors and cross-thread mitigations except for
181 Enable all attack vectors but not cross-thread mitigations.
187 attack vector controls. Mitigations for individual vulnerabilities may be
188 turned on or off via their command-line options regardless of the attack vector
191 Summary of attack-vector mitigations
194 When a vulnerability is mitigated due to an attack-vector control, the default
199 attack vectors are enabled and assuming the CPU is vulnerable.
233 When an attack-vector is disabled, all mitigations for the vulnerabilities
235 different enabled attack-vector or a mitigation is explicitly selected via a