Date: Thu, 28 Sep 2023 05:45:32 -0700
From: Breno Leitao
To: Thomas Gleixner, Ingo Molnar, Borislav Petkov, Dave Hansen, x86@kernel.org, "H. Peter Anvin", Peter Zijlstra, Josh Poimboeuf, Pawan Gupta
Cc: leit@meta.com, "open list:X86 ARCHITECTURE (32-BIT AND 64-BIT)"
Subject: Re: [PATCH v3] x86/bugs: Add a separate config for each mitigation
In-Reply-To: <20230628142129.2468174-1-leitao@debian.org>

On Wed, Jun 28, 2023 at 07:21:28AM -0700, leitao@debian.org wrote:
> From: Breno Leitao
>
> Create an entry for each CPU mitigation under
> CONFIG_SPECULATION_MITIGATIONS. This allows users to enable or disable
> them at compilation time.
>
> If a mitigation is disabled at compilation time, it could be enabled at
> runtime using kernel command line arguments.

I had a chat about this topic with Boris and Thomas at Kernel Recipes,
and I would like to summarize the current state, and get it moving
forward.

1) The hardware mitigations are half-way added to KCONFIG. I.e., half of
   the hardware mitigations are specified under SPECULATION_MITIGATIONS,
   but not all of them.
   * You can enable/disable just half of them at build time.

2) It is impossible to build a kernel with speculative mitigations
   disabled.
   * The only way to disable the mitigations is at boot time, using the
     "mitigations=off" boot parameter.

So, disabling SPECULATION_MITIGATIONS, will only disable the mitigations
that are under SPECULATION_MITIGATIONS. Other mitigations will continue
to be enabled by default. This is misleading for the user.

Here are a few options moving forward:

1) Create one Kconfig entry per mitigation, so, the user can pick and
   choose what to enable and disable. (Version 3 of this patch. May need
   a re-spin due to the new mitigations being added.)

2) Keep the Kconfig entries as-is. Create a new Kconfig entry
   (CPU_MITIGATIONS_DEFAULT_OFF?) to disable the mitigations by default,
   similarly to the `mitigations=off` boot parameter (v1 of this patch)

3) Same as 2, but, reusing SPECULATION_MITIGATIONS instead of creating a
   new Kconfig entry.

4) Remove the current entries in SPECULATION_MITIGATIONS and the fine
   control on what to enable/disable?!

What is the preferred way?
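
Added example, not part of the original message or of the kernel tree: a shell audit that compares the build-time setting, the boot-time `mitigations=` argument and the runtime status files, to surface the mismatch described above (Kconfig says off, yet mitigations are still active). The function names and the sample fixture are constructed for illustration.

```shell
#!/bin/sh
# Added example: build-time vs boot-time vs runtime mitigation state.

# config_state FILE -> "on" if CONFIG_SPECULATION_MITIGATIONS=y, else "off"
config_state() {
    if grep -q '^CONFIG_SPECULATION_MITIGATIONS=y$' "$1"; then echo on; else echo off; fi
}

# cmdline_state FILE -> value of the last mitigations= argument, or "unset"
cmdline_state() {
    val=$(tr ' ' '\n' < "$1" | sed -n 's/^mitigations=//p' | tail -n 1)
    echo "${val:-unset}"
}

# still_mitigated DIR -> sorted names of entries reporting "Mitigation..."
still_mitigated() {
    for f in "$1"/*; do
        [ -f "$f" ] || continue
        case $(cat "$f") in Mitigation*) basename "$f" ;; esac
    done | sort | paste -sd ' ' -
}

# audit CONFIG CMDLINE VULN_DIR -> one-line verdict
audit() {
    cfg=$(config_state "$1"); boot=$(cmdline_state "$2"); live=$(still_mitigated "$3")
    if [ "$cfg" = off ] && [ "$boot" != off ] && [ -n "$live" ]; then
        echo "MISMATCH: Kconfig off, still mitigated at runtime: $live"
    else
        echo "OK: config=$cfg cmdline=$boot mitigated=${live:-none}"
    fi
}

# Constructed sample (not captured from a real machine): Kconfig symbol
# unset, no mitigations= on the command line, one entry still mitigated.
make_sample() {
    d=$(mktemp -d)
    printf '# CONFIG_SPECULATION_MITIGATIONS is not set\n' > "$d/config"
    printf 'BOOT_IMAGE=/vmlinuz root=/dev/sda1 ro quiet\n' > "$d/cmdline"
    mkdir "$d/vuln"
    printf 'Mitigation: Clear CPU buffers; SMT disabled\n' > "$d/vuln/mds"
    printf 'Vulnerable\n' > "$d/vuln/meltdown"
    printf 'Not affected\n' > "$d/vuln/srbds"
    echo "$d"
}

s=$(make_sample)
audit "$s/config" "$s/cmdline" "$s/vuln"
rm -rf "$s"
```

On a live system the three inputs would be the kernel's config file (for example `/boot/config-$(uname -r)`), `/proc/cmdline` and `/sys/devices/system/cpu/vulnerabilities`.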