RE: [PATCH v3 20/35] x86/bugs: Define attack vectors

[Kaplan, David]

[AMD Official Use Only - AMD Internal Distribution Only]

> -----Original Message-----
> From: Pawan Gupta <pawan.kumar.gupta@xxxxxxxxxxxxxxx>
> Sent: Wednesday, February 26, 2025 4:13 PM
> To: Kaplan, David <David.Kaplan@xxxxxxx>
> Cc: Josh Poimboeuf <jpoimboe@xxxxxxxxxx>; Borislav Petkov <bp@xxxxxxxxx>;
> Thomas Gleixner <tglx@xxxxxxxxxxxxx>; Peter Zijlstra <peterz@xxxxxxxxxxxxx>; Ingo
> Molnar <mingo@xxxxxxxxxx>; Dave Hansen <dave.hansen@xxxxxxxxxxxxxxx>;
> x86@xxxxxxxxxx; H . Peter Anvin <hpa@xxxxxxxxx>; linux-kernel@xxxxxxxxxxxxxxx
> Subject: Re: [PATCH v3 20/35] x86/bugs: Define attack vectors
>
>
> > But we could also combine that with mitigations=selective perhaps with
> > tokens like 'mitigate_smt' (enable all relevant SMT mitigations
> > including disabling SMT if needed) or 'no_mitigate_smt' (do not enable
> > any SMT mitigation).  If no token is specified, then we'd default to
> > the behavior today where SMT won't be disabled but other mitigations get applied.
> > Then everything is in one option.
>
> Agree.
>
> > If we like that, then a related question then, do we agree that
> > 'mitigations=off' should be equivalent to
> >
> 'mitigations=selective,no_user_kernel,no_user_user,no_guest_host,no_guest_gues
> t,no_mitigate_smt'?
> >
> > If so, and we're ok with individual bug cmdlines overriding this, then
> > I think we can get rid of cpu_mitigations_off() and just rely on the
> > attack vectors as Josh was suggesting.
>
> Does that mean to stop supporting "mitigations=off"?

No.  I'm saying that mitigations=off would be equivalent to the above command line.  The <vuln>_select_mitigation() functions wouldn't have to call cpu_mitigations_off() anymore, they'd just naturally chose no mitigation because no attack vectors would be selected.

--David Kaplan