summaryrefslogtreecommitdiff
path: root/src/conf_mode/system_option.py
diff options
context:
space:
mode:
authorChristian Breunig <christian@breunig.cc>2024-01-22 21:27:20 -0600
committerJohn Estabrook <jestabro@vyos.io>2024-01-23 10:32:15 -0600
commit256346a66cc3bb20e93c68245ebca2f68f42e7b5 (patch)
treeeb4c7c191a126ecd6c4e9dec1da224c0b60b60fe /src/conf_mode/system_option.py
parent1b1569d5b88a20994fc65fd529f8103db371bf3f (diff)
downloadvyos-1x-256346a66cc3bb20e93c68245ebca2f68f42e7b5.tar.gz
vyos-1x-256346a66cc3bb20e93c68245ebca2f68f42e7b5.zip
T5979: add configurable kernel boot option 'disable-mitigations'
Diffstat (limited to 'src/conf_mode/system_option.py')
-rwxr-xr-xsrc/conf_mode/system_option.py11
1 files changed, 9 insertions, 2 deletions
diff --git a/src/conf_mode/system_option.py b/src/conf_mode/system_option.py
index d92121b3d..3b5b67437 100755
--- a/src/conf_mode/system_option.py
+++ b/src/conf_mode/system_option.py
@@ -1,6 +1,6 @@
#!/usr/bin/env python3
#
-# Copyright (C) 2019-2023 VyOS maintainers and contributors
+# Copyright (C) 2019-2024 VyOS maintainers and contributors
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2 or later as
@@ -22,6 +22,7 @@ from time import sleep
from vyos.config import Config
from vyos.configverify import verify_source_interface
+from vyos.system import grub_util
from vyos.template import render
from vyos.utils.process import cmd
from vyos.utils.process import is_systemd_service_running
@@ -39,7 +40,6 @@ time_format_to_locale = {
'24-hour': 'en_GB.UTF-8'
}
-
def get_config(config=None):
if config:
conf = config
@@ -87,6 +87,13 @@ def verify(options):
def generate(options):
render(curlrc_config, 'system/curlrc.j2', options)
render(ssh_config, 'system/ssh_config.j2', options)
+
+ cmdline_options = []
+ if 'kernel' in options:
+ if 'disable_mitigations' in options['kernel']:
+ cmdline_options.append('mitigations=off')
+ grub_util.update_kernel_cmdline_options(' '.join(cmdline_options))
+
return None
def apply(options):