Re: [PATCH 1/5] x86/cpufeatures: Define feature bits to support mitigation of PSF

[Saripalli, RK]

On 4/9/2021 3:19 PM, Borislav Petkov wrote:
> On Fri, Apr 09, 2021 at 02:45:23PM -0500, Saripalli, RK wrote:
>> Yes, these options should be fine for now.
>> Like you said, if we get the need to add prctl and seccomp, I can always do that later.
>>
>> What do you think auto should default to?. 
>> In SSBD case, I believe auto defaults to prctl or seccomp.
>> Since we will not have that here, we should choose something for auto.
> 
> Or not add it yet. Just have "on" and "off" for now.

OK

> 
> Which begs the question should this be controllable by the mitigations=
> switch too?

> 
> I wanna say, let's have people evaluate and play with it first and
> we can add it to that switch later. As long as we don't change the
> user-visible controls - if anything we'll be extending them later,
> potentially - we should be fine usage-wise and from user visibility POV.

Agreed. We can add this later.
> 
>> All the other mitigation x86 mitigation code goes into kernel/cpu/bugs.c.
>> I think psf_cmdline() or equivalent also belongs there and not in kernel/cpu/amd.c.
> 
> It being AMD-specific, it can dwell in amd.c initially.

OK
> 
> Thx.
>