Diff for /wikisrc/security/intel_taa.mdwn between versions 1.1 and 1.2

version 1.1, 2019/11/12 21:16:32 version 1.2, 2019/11/12 21:19:44
Line 35  Before enabling the TAA mitigation, you  Line 35  Before enabling the TAA mitigation, you 
 [enable the MDS mitigation](https://wiki.netbsd.org/security/intel_mds/)  [enable the MDS mitigation](https://wiki.netbsd.org/security/intel_mds/)
 if not already enabled.  if not already enabled.
   
 Two cases must be considered, depending the content of "machdep.taa.method":  Two cases must be considered, depending the content of `machdep.taa.method`:
   
  * If this leaf is set to "[MDS]", then there is no TAA-specific mitigation to   * If this leaf is set to `[MDS]`, then there is no TAA-specific mitigation to
    use: the "machdep.taa.mitigated" leaf will be equal to "machdep.mds.mitigated",     use: the `machdep.taa.mitigated` leaf will be equal to `machdep.mds.mitigated`,
    and only the latter is to be used.     and only the latter is to be used.
   
  * Otherwise, there is a TAA-specific mitigation needed. Two sub-cases must be   * Otherwise, there is a TAA-specific mitigation needed. Two sub-cases must be
    considered:     considered:
   
  * * If the BIOS provides an updated microcode containing this TAA-specific   ** If the BIOS provides an updated microcode containing this TAA-specific
      mitigation, then NetBSD will have set "machdep.taa.mitigated=1" automatically       mitigation, then NetBSD will have set `machdep.taa.mitigated=1` automatically
      at boot time.       at boot time.
   
  * * If the BIOS does not provide this updated microcode, you may use NetBSD's   ** If the BIOS does not provide this updated microcode, you may use NetBSD's
      pkgsrc to fetch the latest microcode distribution from Intel via the       pkgsrc to fetch the latest microcode distribution from Intel via the
      **sysutils/intel-microcode-netbsd** package. Once loaded, you can issue the       **sysutils/intel-microcode-netbsd** package. Once loaded, you can issue the
      "sysctl -w machdep.taa.mitigated=1" command to enable the TAA-specific       `sysctl -w machdep.taa.mitigated=1` command to enable the TAA-specific
      mitigation.       mitigation.

Removed from v.1.1  
changed lines
  Added in v.1.2


CVSweb for NetBSD wikisrc <wikimaster@NetBSD.org> software: FreeBSD-CVSweb