Re: [PATCH v5 3/3] x86/bugs: Add 'spectre_bhi=vmexit' cmdline option

From: Josh Poimboeuf
Date: Wed May 08 2024 - 01:20:04 EST

Next message: David Wei: "Re: [PATCH net-next 3/5] gve: Add flow steering device option"
Previous message: Ankur Arora: "Re: [PATCH 00/30] PREEMPT_AUTO: support lazy rescheduling"
Next in thread: Nikolay Borisov: "Re: [PATCH v5 3/3] x86/bugs: Add 'spectre_bhi=vmexit' cmdline option"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, May 07, 2024 at 07:58:07AM -0700, Daniel Sneddon wrote:
> On 5/6/24 22:30, Josh Poimboeuf wrote:
> > In cloud environments it can be useful to *only* enable the vmexit
> > mitigation and leave syscalls vulnerable. Add that as an option.
> >
> > This is similar to the old spectre_bhi=auto option which was removed
> > with the following commit:
> >
> > 36d4fe147c87 ("x86/bugs: Remove CONFIG_BHI_MITIGATION_AUTO and spectre_bhi=auto")
> >
> > with the main difference being that this has a more descriptive name and
> > is disabled by default.
> >
> > Requested-by: Maksim Davydov <davydov-max@xxxxxxxxxxxxxx>
> > Signed-off-by: Josh Poimboeuf <jpoimboe@xxxxxxxxxx>
> > ---
>
> Does the KConfig option need to be updated to support this as well?

In general we don't provide a config option for every possible
mitigation cmdline option. If someone requests it we could add it
later.

> Reviewed-by: Daniel Sneddon <daniel.sneddon@xxxxxxxxxxxxxxx>

Thanks!

--
Josh

Next message: David Wei: "Re: [PATCH net-next 3/5] gve: Add flow steering device option"
Previous message: Ankur Arora: "Re: [PATCH 00/30] PREEMPT_AUTO: support lazy rescheduling"
Next in thread: Nikolay Borisov: "Re: [PATCH v5 3/3] x86/bugs: Add 'spectre_bhi=vmexit' cmdline option"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]