Re: [PATCH] x86/speculation: Add document to describe Spectre and its mitigations

From: Ben Greear
Date: Mon Dec 31 2018 - 11:28:05 EST




On 12/21/2018 05:17 PM, Tim Chen wrote:
On 12/21/18 1:59 PM, Ben Greear wrote:
On 12/21/18 9:44 AM, Tim Chen wrote:
Thomas,

Andi and I have made an update to our draft of the Spectre admin guide.
We may be out on Christmas vacation for a while. But we want to
send it out for everyone to take a look.

Can you add a section on how to compile out all mitigations that have anything
beyond negligible performance impact for those running systems where performance
is more important than security?


If you don't worry about security and performance is paramount, then
boot with "nospectre_v2". That's explained in the document.

There seem to be lots of different variants of this type of problem. It was not clear
to me that just doing nospectre_v2 would be sufficient to get back full performance.

And anyway, I would like to compile the kernel to not need that command-line option,
so I am still interesting in what compile options need to be set to what values...

Thanks,
Ben

--
Ben Greear <greearb@xxxxxxxxxxxxxxx>
Candela Technologies Inc http://www.candelatech.com