Re: [RFC PATCH 00/34] x86/bugs: Attack vector controls

From: Pawan Gupta
Date: Tue Sep 17 2024 - 13:04:32 EST

Next message: David Teigland: "[GIT PULL] dlm updates for 6.12"
Previous message: Arnaud POULIQUEN: "Re: [PATCH v9 4/7] remoteproc: core: Add TEE interface support for firmware release"
Next in thread: Kaplan, David: "RE: [RFC PATCH 00/34] x86/bugs: Attack vector controls"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, Sep 12, 2024 at 02:08:23PM -0500, David Kaplan wrote:
> The rest of the patches define new "attack vector" command line options
> to make it easier to select appropriate mitigations based on the usage
> of the system. While many users may not be intimately familiar with the
> details of these CPU vulnerabilities, they are likely better able to
> understand the intended usage of their system. As a result, unneeded
> mitigations may be disabled, allowing users to recoup more performance.

How much performance improvement are you seeing with each of the attack
vector?

There aren't many vulnerabilities that only affect a single attack vector.
So, selecting to mitigate single attack vector mitigates a lot more than
that.

We may be able to get better performance improvement by adding vector-based
switches at the mitigation points. And only enable them if user asked for it.

Next message: David Teigland: "[GIT PULL] dlm updates for 6.12"
Previous message: Arnaud POULIQUEN: "Re: [PATCH v9 4/7] remoteproc: core: Add TEE interface support for firmware release"
Next in thread: Kaplan, David: "RE: [RFC PATCH 00/34] x86/bugs: Attack vector controls"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]