Re: [PATCH v4 11/11] x86/vmscape: Add cmdline vmscape=on to override attack vector controls

From: Nikolay Borisov
Date: Tue Nov 25 2025 - 06:42:14 EST

Next message: Tomas Melin: "Re: [PATCH] Revert "arm64: zynqmp: Add an OP-TEE node to the device tree""
Previous message: patchwork-bot+netdevbpf: "Re: [PATCH net v6 0/5] net: dsa: microchip: Fix resource releases in error path"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 11/20/25 08:20, Pawan Gupta wrote:

In general, individual mitigation controls can be used to override the
attack vector controls. But, nothing exists to select BHB clearing
mitigation for VMSCAPE. The =force option comes close, but with a
side-effect of also forcibly setting the bug, hence deploying the
mitigation on unaffected parts too.

Add a new cmdline option vmscape=on to enable the mitigation based on the
VMSCAPE variant the CPU is affected by.

Signed-off-by: Pawan Gupta <pawan.kumar.gupta@xxxxxxxxxxxxxxx>

Reviewed-by: Nikolay Borisov <nik.borisov@xxxxxxxx>

Next message: Tomas Melin: "Re: [PATCH] Revert "arm64: zynqmp: Add an OP-TEE node to the device tree""
Previous message: patchwork-bot+netdevbpf: "Re: [PATCH net v6 0/5] net: dsa: microchip: Fix resource releases in error path"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]