Re: [PATCH v3 01/10] x86/bugs: Add a separate config for GDS
From: Breno Leitao
Date: Mon Jul 15 2024 - 08:15:08 EST
Hello Borislav,
On Fri, Jul 12, 2024 at 07:21:32PM +0200, Borislav Petkov wrote:
> On Mon, Apr 22, 2024 at 09:58:15AM -0700, Breno Leitao wrote:
> > +config MITIGATION_GDS
> > + bool "Mitigate Gather Data Sampling"
> > + depends on CPU_SUP_INTEL
> > + default y
> > + help
> > + Enable mitigation for Gather Data Sampling (GDS). GDS is a hardware
> > + vulnerability which allows unprivileged speculative access to data
> > + which was previously stored in vector registers. The attacker uses gather
> > + instructions to infer the stale vector register data.
> > +
> > config MITIGATION_GDS_FORCE
>
> Btw, can we get rid of that thing, while at it?
Sure, I will send a v4 and get rid of GDS_FORCE_MITIGATION completely.
Thanks for the review.
--breno