Consider disabling CPU vulnerabilities mitigation features in our Vagrant build box
Originally created by @intrigeri on #17386 (Redmine)
Given the kind of things we do in our Vagrant build box, it seems very unlikely that vulnerabilities such as Spectre and Meltdown can be exploited in there. So perhaps we can reclaim some of the performance cost of the corresponding mitigation features?
This can be done by adding mitigations=off
to the kernel command line.
Feature Branch: feature/17386-vagrant-disable-cpu-vuln-mitigations
Related issues
- Related to sysadmin#17387