Re: [PATCH v5 3/3] x86/bugs: Add 'spectre_bhi=vmexit' cmdline option

From: Maksim Davydov
Date: Mon May 27 2024 - 06:46:36 EST

Next message: Sukrit.Bhatnagar@xxxxxxxx: "RE: [PATCH 0/2] Improve dump_page() output for slab pages"
Previous message: Benno Lossin: "Re: [PATCH v2 8/9] rust: list: support heterogeneous lists"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 5/8/24 08:19, Josh Poimboeuf wrote:

On Tue, May 07, 2024 at 07:58:07AM -0700, Daniel Sneddon wrote:

On 5/6/24 22:30, Josh Poimboeuf wrote:

In cloud environments it can be useful to *only* enable the vmexit
mitigation and leave syscalls vulnerable. Add that as an option.

This is similar to the old spectre_bhi=auto option which was removed
with the following commit:

36d4fe147c87 ("x86/bugs: Remove CONFIG_BHI_MITIGATION_AUTO and spectre_bhi=auto")

with the main difference being that this has a more descriptive name and
is disabled by default.

Requested-by: Maksim Davydov <davydov-max@xxxxxxxxxxxxxx>
Signed-off-by: Josh Poimboeuf <jpoimboe@xxxxxxxxxx>
---

Does the KConfig option need to be updated to support this as well?

In general we don't provide a config option for every possible
mitigation cmdline option. If someone requests it we could add it
later.

Reviewed-by: Daniel Sneddon <daniel.sneddon@xxxxxxxxxxxxxxx>

Thanks!

I think it will be useful for us to have appropriate Kconfig option. Could you please add it to the next version?

--
Best regards,
Maksim Davydov

Next message: Sukrit.Bhatnagar@xxxxxxxx: "RE: [PATCH 0/2] Improve dump_page() output for slab pages"
Previous message: Benno Lossin: "Re: [PATCH v2 8/9] rust: list: support heterogeneous lists"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]