diff options
Diffstat (limited to 'nixos/modules/security/misc.nix')
-rw-r--r-- | nixos/modules/security/misc.nix | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/nixos/modules/security/misc.nix b/nixos/modules/security/misc.nix index 3c83ff8d77397..6833452a570e1 100644 --- a/nixos/modules/security/misc.nix +++ b/nixos/modules/security/misc.nix @@ -52,7 +52,7 @@ with lib; security.allowSimultaneousMultithreading = mkOption { type = types.bool; default = true; - description = '' + description = lib.mdDoc '' Whether to allow SMT/hyperthreading. Disabling SMT means that only physical CPU cores will be usable at runtime, potentially at significant performance cost. @@ -62,7 +62,7 @@ with lib; e.g., shared caches). This attack vector is unproven. Disabling SMT is a supplement to the L1 data cache flushing mitigation - (see <xref linkend="opt-security.virtualisation.flushL1DataCache"/>) + (see [](#opt-security.virtualisation.flushL1DataCache)) versus malicious VM guests (SMT could "bring back" previously flushed data). ''; |