@@ -12551,7 +12551,7 @@ CONFIG_RANDOMIZE_MEMORY_PHYSICAL_PADDING policy<{'amd64': '0xa'}>
CONFIG_BOOTPARAM_HOTPLUG_CPU0 policy<{'amd64': 'n', 'i386': 'n'}>
CONFIG_DEBUG_HOTPLUG_CPU0 policy<{'amd64': 'n', 'i386': 'n'}>
CONFIG_MODIFY_LDT_SYSCALL policy<{'amd64': 'y', 'i386': 'y'}>
-CONFIG_GDS_FORCE_MITIGATION policy<{'amd64': 'y'}>
+CONFIG_GDS_FORCE_MITIGATION policy<{'amd64': 'n'}>
#
CONFIG_ZONE_DMA note<LP:1628523>
CONFIG_X86_LEGACY_VM86 note<LP:1499089>
@@ -3475,7 +3475,7 @@ CONFIG_GART_IOMMU=y
CONFIG_GCC_VERSION=90400
# CONFIG_GCOV_KERNEL is not set
CONFIG_GDB_SCRIPTS=y
-CONFIG_GDS_FORCE_MITIGATION=y
+CONFIG_GDS_FORCE_MITIGATION=n
CONFIG_GEMINI_ETHERNET=m
CONFIG_GENERIC_ADC_BATTERY=m
CONFIG_GENERIC_ADC_THERMAL=m
BugLink: https://bugs.launchpad.net/bugs/2031093 That option will disable AVX on systems where microcode mitigation has not been provided. Though it can be flipeed by a boot option, it has been shown to break some versions of gnutls, which are used by apt or git when dealing with https. Signed-off-by: Thadeu Lima de Souza Cascardo <cascardo@canonical.com> --- debian.master/config/annotations | 2 +- debian.master/config/config.common.ubuntu | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-)