Re: [PATCH v3 20/35] x86/bugs: Define attack vectors

From: Borislav Petkov
Date: Wed Feb 26 2025 - 16:03:12 EST

Next message: Pawan Gupta: "[PATCH] x86/speculation: Simplify and make CALL_NOSPEC consistent"
Previous message: Chuck Lever: "Re: [REGRESSION] Chrome and VSCode breakage with the commit b9b588f22a0c"
In reply to: Pawan Gupta: "Re: [PATCH v3 20/35] x86/bugs: Define attack vectors"
Next in thread: Pawan Gupta: "Re: [PATCH v3 20/35] x86/bugs: Define attack vectors"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Feb 26, 2025 at 12:14:53PM -0800, Pawan Gupta wrote:
> This is a bit ambiguous, mitigations=off,guest_host could be interpreted as
> disabling guest->host and enabling all others. Using attack vectors with
> both =on and =off seems unnecessary.

No, you'll have

mitigations=[global],[separate_vector(s)]

so global can be "on", "off", "auto" and the separate vector enables only that
specific one.

--
Regards/Gruss,
Boris.

https://people.kernel.org/tglx/notes-about-netiquette

Next message: Pawan Gupta: "[PATCH] x86/speculation: Simplify and make CALL_NOSPEC consistent"
Previous message: Chuck Lever: "Re: [REGRESSION] Chrome and VSCode breakage with the commit b9b588f22a0c"
In reply to: Pawan Gupta: "Re: [PATCH v3 20/35] x86/bugs: Define attack vectors"
Next in thread: Pawan Gupta: "Re: [PATCH v3 20/35] x86/bugs: Define attack vectors"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]