Re: [PATCH 2/2] x86/bugs: spectre user default must depend on MITIGATION_SPECTRE_V2
From: Pawan Gupta
Date: Wed Oct 30 2024 - 14:41:10 EST
On Tue, Oct 29, 2024 at 02:19:12AM -0700, Breno Leitao wrote:
> > If this is the intention it should be
> > clearly documented that enabling kernel mitigation does not enable user
> > mitigation. And an explicit spectre_v2_user= is required to enable user
> > mitigation.
>
> That is fair. I didn't find a place where to document about diferent
> behavior when CONFIG_MITIGATION_X is disabled. What would you suggest?
You could describe the behavior in the commit message and update kernel
parameter documentation.
With that:
Reviewed-by: Pawan Gupta <pawan.kumar.gupta@xxxxxxxxxxxxxxx>
---
diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt
index 1518343bbe22..f8bc02cd10ec 100644
--- a/Documentation/admin-guide/kernel-parameters.txt
+++ b/Documentation/admin-guide/kernel-parameters.txt
@@ -6241,6 +6241,8 @@
Selecting 'on' will also enable the mitigation
against user space to user space task attacks.
+ Selecting specific mitigation does not force enable
+ user mitigations.
Selecting 'off' will disable both the kernel and
the user space protections.