Class: Bootloader::Grub2Widget::CpuMitigationsWidget

Inherits:

CWM::ComboBox

• Object
• CWM::ComboBox
• Bootloader::Grub2Widget::CpuMitigationsWidget

Includes:

Grub2Helper

Defined in:

src/lib/bootloader/grub2_widgets.rb

Overview

Represents decision if smt is enabled

Instance Method Summary

• #help ⇒ Object
• #init ⇒ Object
• #initialize ⇒ CpuMitigationsWidget constructor

  A new instance of CpuMitigationsWidget.

• #items ⇒ Object
• #label ⇒ Object
• #store ⇒ Object

Methods included from Grub2Helper

#grub2, #grub_default, #password, #sections, #stage1

Constructor Details

#initialize ⇒ CpuMitigationsWidget

Returns a new instance of CpuMitigationsWidget.

# File 'src/lib/bootloader/grub2_widgets.rb', line 129

def initialize
  textdomain "bootloader"

  super
end

Instance Method Details

#help ⇒ Object

# File 'src/lib/bootloader/grub2_widgets.rb', line 145

def help
  _(
    "<p><b>CPU Mitigations</b><br>\n" \
    "The option selects which default settings should be used for CPU \n" \
    "side channels mitigations. A highlevel description is on our Technical Information \n" \
    "Document TID 7023836. Following options are available:<ul>\n" \
    "<li><b>Auto</b>: This option enables all the mitigations needed for your CPU model. \n" \
    "This setting can impact performance to some degree, depending on CPU model and \n" \
    "workload. It provides all security mitigations, but it does not protect against \n" \
    "cross-CPU thread attacks.</li>\n" \
    "<li><b>Auto + No SMT</b>: This option enables all the above mitigations in \n" \
    "\"Auto\", and also disables Simultaneous Multithreading to avoid \n" \
    "side channel attacks across multiple CPU threads. This setting can \n" \
    "further impact performance, depending on your \n" \
    "workload. This setting provides the full set of available security mitigations.</li>\n" \
    "<li><b>Off</b>: All CPU Mitigations are disabled. This setting has no performance \n" \
    "impact, but side channel attacks against your CPU are possible, depending on CPU \n" \
    "model.</li>\n" \
    "<li><b>Manual</b>: This setting does not specify a mitigation level and leaves \n" \
    "this to be the kernel default. The administrator can add other mitigations options \n" \
    "in the <i>kernel command line</i> widget.\n" \
    "All CPU mitigation specific options can be set manually.</li></ul></p>"
  )
end

#init ⇒ Object

# File 'src/lib/bootloader/grub2_widgets.rb', line 170

def init
  if grub2.respond_to?(:cpu_mitigations)
    self.value = grub2.cpu_mitigations.value.to_s
  else
    # do not crash when use no bootloader. This widget is also used in security dialog.
    # (bsc#1184968)
    disable
  end
end

#items ⇒ Object

# File 'src/lib/bootloader/grub2_widgets.rb', line 139

def items
  ::Bootloader::CpuMitigations::ALL.map do |m|
    [m.value.to_s, m.to_human_string]
  end
end

#label ⇒ Object

# File 'src/lib/bootloader/grub2_widgets.rb', line 135

def label
  _("CPU Mitigations")
end

#store ⇒ Object

# File 'src/lib/bootloader/grub2_widgets.rb', line 180

def store
  grub2.cpu_mitigations = ::Bootloader::CpuMitigations.new(value.to_sym) if enabled?
end