sched-gran doesn’t work on CPUs that are asymmetric, like the Intel E and P core CPUs.
It also does solve all problems, transient HT exploits are still possible even if you change the scheduling granularity to core.
If you want to use smt then sched-gran=core is better than cpu, if you can use it, but it doesn’t make smt safe.
If smt is worth it depends on your threat model, and your work load, but if you need the highest level of security you shouldn’t enable smt, it’s never going to be safe.