Hello, I wanted to create a VM on virt-manager but I noticed that it offers me 16 cpu instead of 32 because I have 2 processors of 16 threads. After some research I saw that kicksecure had indeed found 32 threads but that half of them are disabled, so I tried to enable them manually by going through the sys folder but I have no right to modify the /sys/devices/system/cpu/cpu1/online file. How can I fix this? Thanks in advance
The feature you’re referencing is called “hyperthreading”. In essence, your CPU chip has 16 actual CPUs on it, but each one of those is “pretending” to be two CPUs. This allows more efficient utilization of the CPUs, but also opens up the possibility for data to leak between two unrelated processes that happen to be running on the same CPU at the same time. This has resulted in many real-world vulnerabilities, collectively known as “Microarchitectural Data Sampling” (or “MDS” for short). See Microarchitectural Data Sampling - Wikipedia. Kicksecure intentionally disables hyperthreading for this reason, using a kernel boot parameter.
If you must, you can re-enable hyperthreading, but it’s not recommended. Run sudo nano /etc/default/grub.d/40_cpu_mitigations.cfg
, then find all instances of nosmt
in this file and remove them (you may have to remove some commas too, and there’s at least one instance of nosmt=force
that will need removed entirely). Be careful to not break your system when doing this, you should NOT do this unless you know what you’re doing with editing GRUB configuration. Once you have edited the file, save your changes and then reboot. This should enable all 32 threads on the CPU.
Related documentation - which does disable a lot more CPU mitiggations than only re-enabling SMT - see Kicksecure Tuning wiki page chapter Disable CPU Mitigations.