[PATCH v2 1/2] arch/Kconfig: Make CONFIG_CPU_SPECTRE available for all architectures
Pawan Gupta
pawan.kumar.gupta at linux.intel.com
Thu Oct 28 12:36:58 PDT 2021
On 28.10.2021 14:49, Mark Rutland wrote:
>On Wed, Oct 27, 2021 at 06:33:22PM -0700, Pawan Gupta wrote:
>> Borrow CONFIG_CPU_SPECTRE from ARM to be available for all
>> architectures. This will help in configuration of features that depend
>> on CPU being affected by spectre class of vulnerabilities.
>>
>> Signed-off-by: Pawan Gupta <pawan.kumar.gupta at linux.intel.com>
>
>Given that spectre isn't one specific issue, biut rather a blanket term
>for a bunch of things that can have variable overlap, I don't think this
>makes much sense unless we're going to add finer-grained options for all
>the variants, and IMO it'd make more sene for the architectures to
>directly select the things that'd otherwise be dependent on this.
Isn't ARM already using CPU_SPECTRE for selecting things:
config HARDEN_BRANCH_PREDICTOR
bool "Harden the branch predictor against aliasing attacks" if EXPERT
depends on CPU_SPECTRE
This was the whole motivation for doing the same for x86.
Adding a condition for all architectures is also okay, but its going to
a little messier:
config BPF_UNPRIV_DEFAULT_OFF
default y if X86 || ARM || ...
This approach would make sense if architectures wants to explicitly
select the defaults irrespective of architecture being affected by
spectre.
If that's the case I will change the BPF_UNPRIV_DEFAULT_OFF default to
depend on architecture. I hope BPF maintainer, Daniel is okay with it?
Pawan
Added BPF maintainers and bpf at vger to cc.
More information about the linux-arm-kernel
mailing list