Closed daniejstriata closed 9 months ago
This isn't something Amazon Linux has control over. I talked to our hypervisor folks; they say this has to do with mitigations not being exposed to the guest (but present in the hypervisor) to avoid changing the performance profile of existing instances. There is general information about our approach towards mitigations here: https://docs.aws.amazon.com/whitepapers/latest/security-design-of-aws-nitro-system/the-ec2-approach-to-preventing-side-channels.html
I have a t3a.medium and noticed during boot:
Should the firmware not be installed for affected AMD CPUs? User space tasks may still be vulnerable.
https://kernel.org/doc/html/latest/admin-guide/hw-vuln/srso.html
release: 20231113 kernel: 6.1.61-85.141.amzn2023.x86_64
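An added example, not part of the original thread or any Amazon Linux tooling: a shell check that reads the SRSO status the kernel publishes in sysfs and records whether it is running as a guest, since the reply above says the hypervisor decides what is exposed to the instance. The function names and the sample status strings are constructed for illustration; exact status wording varies by kernel version.

```shell
#!/bin/sh
# Added example: classify the SRSO status line as seen from inside an instance.
SRSO_FILE=/sys/devices/system/cpu/vulnerabilities/spec_rstack_overflow

# classify_srso STATUS -> not_affected | mitigated | vulnerable_no_microcode
#                         | vulnerable | unknown
# Matches on prefixes and keywords only, because wording differs per kernel.
classify_srso() {
    lower=$(printf '%s' "$1" | tr '[:upper:]' '[:lower:]')
    case $lower in
        "not affected"*)            echo not_affected ;;
        mitigation:*)               echo mitigated ;;
        vulnerable*"no microcode"*) echo vulnerable_no_microcode ;;
        vulnerable*)                echo vulnerable ;;
        *)                          echo unknown ;;
    esac
}

# is_guest [CPUINFO] -> exit 0 when the x86 "hypervisor" CPU flag is present.
is_guest() {
    grep -qE '^flags[[:space:]]*:.* hypervisor( |$)' "${1:-/proc/cpuinfo}" 2>/dev/null
}

# srso_report STATUS [CPUINFO] -> "<state>/<guest|bare_metal>"
# On a guest, a "no microcode" state reflects what the hypervisor exposes,
# not something the instance's OS packages control.
srso_report() {
    state=$(classify_srso "$1")
    if is_guest "$2"; then where=guest; else where=bare_metal; fi
    echo "$state/$where"
}

# Constructed sample status strings, classified offline.
for sample in "Not affected" "Mitigation: Safe RET" \
              "Vulnerable: Safe RET, no microcode" "Vulnerable"; do
    printf '%-38s -> %s\n' "$sample" "$(classify_srso "$sample")"
done

# Live check, only where the kernel exposes the file.
if [ -r "$SRSO_FILE" ]; then
    echo "this host: $(srso_report "$(cat "$SRSO_FILE")")"
fi
```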