Transient Scheduler Attack (TSA) patches for openAnolis 6.6 kernel:

* cpufreq: intel_pstate: Update hybrid scaling factor for Meteor Lake
* EDAC/i10nm: Add Intel Grand Ridge micro-server support
* cpufreq: intel_pstate: Update default EPPs for Meteor Lake
* x86/CPU/AMD: Improve the erratum 1386 workaround
* x86/bugs: Switch to new Intel CPU model defines
* x86/apic: Switch to new Intel CPU model defines
* x86/aperfmperf: Switch to new Intel CPU model defines
* EDAC/i10nm: Switch to new Intel CPU model defines
* EDAC/skx: Switch to new Intel CPU model defines
* cpufreq: Switch to new Intel CPU model defines
* cpufreq: intel_pstate: Switch to new Intel CPU model defines
* platform/x86/intel/ifs: Switch to new Intel CPU model defines
* x86/cpu: Introduce new microcode matching helper
* x86/cpu: Expose only stepping min/max interface
* x86/cpu: Shorten CPU matching macro
* x86/bugs: Rename MDS machinery to something more generic
* x86/bugs: Add a Transient Scheduler Attacks mitigation
* KVM: VMX: Split off hyperv_evmcs.{ch}
* KVM: nVMX: Split off helper for emulating VMCLEAR on Hyper-V eVMCS
* KVM: x86: Make Hyper-V emulation optional
* KVM: x86: Advertise AVX10.1 CPUID to userspace
* KVM: x86: Rename kvm_cpu_cap_mask() to kvm_cpu_cap_init()
* KVM: x86: Explicitly do runtime CPUID updates "after" initial setup
* KVM: x86: Swap incoming guest CPUID into vCPU before massaging in KVM_SET_CPUID2
* KVM: x86: Replace guts of "governed" features with comprehensive cpu_caps
* KVM: SVM: Advertise TSA CPUID bits to guests
* x86/microcode/AMD: Add TSA microcode SHAs
* x86/process: Move the buffer clearing before MONITOR

Unit test results:

* Add tsa=on | off | user | vm to the kernel command line in /etc/default/grub
* Run the following command to check TSA support:

    [amd@titanite-hostos ~]$ uname -r
    6.6.88tsa_patches+

Test Case 1: tsa=on

    [amd@titanite-hostos ~]$ lscpu | grep -i tsa
    Vulnerability Tsa: Mitigation; Clear CPU buffers
    [amd@titanite-hostos ~]$ grep . /sys/devices/system/cpu/vulnerabilities/t*
    /sys/devices/system/cpu/vulnerabilities/tsa:Mitigation: Clear CPU buffers

Test Case 2: tsa=off

    [amd@titanite-hostos ~]$ dmesg | grep tsa=off
    [ 0.000000] Command line: BOOT_IMAGE=(hd0,gpt2)/vmlinuz-6.6.88tsa_patches+ root=/dev/mapper/ao_anolis-root ro crashkernel=0M-2G:0M,2G-8G:192M,8G-128G:256M,128G-376G:384M,376G-:448M cgroup.memory=nokmem resume=UUID=cc7c14df-187a-43be-bd6a-5191660c5ba0 rd.lvm.lv=ao_anolis/root rd.lvm.lv=ao_anolis/swap rhgb quiet tsa=off
    [amd@titanite-hostos ~]$ lscpu | grep -i tsa
    Vulnerability Tsa: Vulnerable

Test Case 3: tsa=user

    [root@titanite-hostos amd]# dmesg | grep tsa=user
    [ 0.000000] Command line: BOOT_IMAGE=(hd0,gpt2)/vmlinuz-6.6.88tsa_patches+ root=/dev/mapper/ao_anolis-root ro crashkernel=0M-2G:0M,2G-8G:192M,8G-128G:256M,128G-376G:384M,376G-:448M cgroup.memory=nokmem resume=UUID=cc7c14df-187a-43be-bd6a-5191660c5ba0 rd.lvm.lv=ao_anolis/root rd.lvm.lv=ao_anolis/swap rhgb quiet tsa=user
    [root@titanite-hostos amd]# lscpu | grep -i tsa
    Vulnerability Tsa: Mitigation; Clear CPU buffers user/kernel boundary

Test Case 4: tsa=vm

    [amd@titanite-hostos ~]$ dmesg | grep tsa=vm
    [ 0.000000] Command line: BOOT_IMAGE=(hd0,gpt2)/vmlinuz-6.6.88tsa_patches+ root=/dev/mapper/ao_anolis-root ro crashkernel=0M-2G:0M,2G-8G:192M,8G-128G:256M,128G-376G:384M,376G-:448M cgroup.memory=nokmem resume=UUID=cc7c14df-187a-43be-bd6a-5191660c5ba0 rd.lvm.lv=ao_anolis/root rd.lvm.lv=ao_anolis/swap rhgb quiet tsa=vm
    [amd@titanite-hostos ~]$ lscpu | grep -i tsa
    Vulnerability Tsa: Mitigation; Clear CPU buffers VM
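
The four test cases above can be checked with one comparison between the tsa= boot option and the reported status. The script below is an added example, not part of this patch series: the function names are hypothetical, and it assumes that ':' and ';' can be ignored so the sysfs text and the lscpu text compare equal.

```shell
#!/bin/sh
# Added example, not part of the patch series.
# Expected strings come from the four test cases recorded above.

# Value of the last tsa= word on a kernel command line
# (assumption: the last occurrence is the one that takes effect).
tsa_mode() (
    set -f                      # no globbing while word-splitting
    mode=""
    for word in $1; do
        case "$word" in tsa=*) mode=${word#tsa=} ;; esac
    done
    printf '%s' "$mode"
)

# Drop ':' and ';' so sysfs text and lscpu text compare equal.
norm() { printf '%s' "$1" | tr -d ':;' | tr -s ' '; }

# Status each tested tsa= value should report, in normalized form.
tsa_expected() {
    case "$1" in
        on)   echo "Mitigation Clear CPU buffers" ;;
        off)  echo "Vulnerable" ;;
        user) echo "Mitigation Clear CPU buffers user/kernel boundary" ;;
        vm)   echo "Mitigation Clear CPU buffers VM" ;;
        *)    return 1 ;;
    esac
}

# check_tsa CMDLINE STATUS: returns 0 on match, 1 on mismatch,
# 2 when tsa= is absent or has a value the test cases do not cover.
check_tsa() {
    mode=$(tsa_mode "$1")
    want=$(tsa_expected "$mode") || { echo "SKIP: tsa='$mode' not covered"; return 2; }
    got=$(norm "$2")
    if [ "$got" = "$want" ]; then
        echo "PASS: tsa=$mode reports '$2'"
        return 0
    fi
    echo "FAIL: tsa=$mode expected '$want', got '$got'"
    return 1
}

# Live check, only where the patched kernel exposes the sysfs node.
node=/sys/devices/system/cpu/vulnerabilities/tsa
if [ -r "$node" ] && [ -r /proc/cmdline ]; then
    check_tsa "$(cat /proc/cmdline)" "$(cat "$node")" || true
fi
```

A host booted without any tsa= option is reported as SKIP, because the test results above do not record what the default reports.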