| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20240917170407.jxtpb75iru3qg74c@desk> Date: Tue, 17 Sep 2024 10:04:07 -0700 From: Pawan Gupta <pawan.kumar.gupta@...ux.intel.com> To: David Kaplan <david.kaplan@....com> Cc: Thomas Gleixner <tglx@...utronix.de>, Borislav Petkov <bp@...en8.de>, Peter Zijlstra <peterz@...radead.org>, Josh Poimboeuf <jpoimboe@...nel.org>, Ingo Molnar <mingo@...hat.com>, Dave Hansen <dave.hansen@...ux.intel.com>, x86@...nel.org, "H . Peter Anvin" <hpa@...or.com>, linux-kernel@...r.kernel.org Subject: Re: [RFC PATCH 00/34] x86/bugs: Attack vector controls On Thu, Sep 12, 2024 at 02:08:23PM -0500, David Kaplan wrote: > The rest of the patches define new "attack vector" command line options > to make it easier to select appropriate mitigations based on the usage > of the system. While many users may not be intimately familiar with the > details of these CPU vulnerabilities, they are likely better able to > understand the intended usage of their system. As a result, unneeded > mitigations may be disabled, allowing users to recoup more performance. How much performance improvement are you seeing with each of the attack vector? There aren't many vulnerabilities that only affect a single attack vector. So, selecting to mitigate single attack vector mitigates a lot more than that. We may be able to get better performance improvement by adding vector-based switches at the mitigation points. And only enable them if user asked for it.
Powered by blists - more mailing lists