Re: [PATCH v4] x86/bugs: Add a separate config for each mitigation

[Josh Poimboeuf]

On Wed, Oct 11, 2023 at 09:03:17PM +0200, Borislav Petkov wrote:
> On Tue, Oct 10, 2023 at 09:42:52PM -0700, Josh Poimboeuf wrote:
> >   MITIGATION_PAGE_TABLE_ISOLATION
> >   MITIGATION_RETPOLINE
> >   MITIGATION_UNRET_ENTRY
> >   MITIGATION_CALL_DEPTH_TRACKING
> >   MITIGATION_IBPB_ENTRY
> >   MITIGATION_IBRS_ENTRY
> >   MITIGATION_SRSO
> >   MITIGATION_SLS
> 
> The train has already left the station on those. The other mitigations
> don't have "MITIGAT*" at all in front of the name. I.e.:
> 
> config RETHUNK
> config CALL_DEPTH_TRACKING
> ...
> 
> and prepending them all with MITIGATION_ is going to cause too much
> senseless churn for a reason which I don't think is worth the effort.

I wouldn't call it senseless churn.  There are concrete benefits -- for
both users and developers -- of having all the mitigation config options
living in the same config namespace.

Sure, the change might cause pain for users who disable these options,
but do those users actually exist?

-- 
Josh