L1 Terminal Fault (L1TF) is a hardware vulnerability which allows unprivileged
speculative access to data which is available in the Level 1 Data Cache when
the page table entry isn't present.
Select the appropriate mitigation by adding the argument
l1tf= to the default
GRUB 2 command line for the Linux operating system.
Configure the default Grub2 kernel command line to contain l1tf= as follows:
# grub2-editenv - set "$(grub2-editenv - list | grep kernelopts) l1tf="
Since Linux Kernel 4.19 you can check the L1TF vulnerability state with the
following command:
cat /sys/devices/system/cpu/vulnerabilities/l1tf