Re: [PATCH] x86/speculation: Add document to describe Spectre and its mitigations

From: Tim Chen
Date: Tue Jan 08 2019 - 20:41:41 EST


On 1/8/19 5:11 PM, Alexei Starovoitov wrote:

>>
>> Alexi,
>>
>> Do you have any suggestions on how to rewrite this two paragraphs? You
>> are probably the best person to update content for this section.
>
> how about moving bpf bits out of this doc and placing them under Documentation/bpf/ ?
> We can create bpf_security.rst there with specdown mitigations, best practices,
> useful sysctl and config knobs, etc.
>

Maybe we can provide some minimum but accurate info here on this category of Spectre attack
for completeness. We can later provide a link to bpf_security.rst here with more details
when that becomes available.

Otherwise, I can remove it if you prefer. But people concerned about Spectre will most likely read
this doc first. I want them to be pointed to the detailed BPF security doc.

Tim