On 28.10.2021 14:49, Mark Rutland wrote:

On Wed, Oct 27, 2021 at 06:33:22PM -0700, Pawan Gupta wrote:

quoted

Borrow CONFIG_CPU_SPECTRE from ARM to be available for all
architectures. This will help in configuration of features that depend
on CPU being affected by spectre class of vulnerabilities.

Signed-off-by: Pawan Gupta <pawan.kumar.gupta@linux.intel.com>

Given that spectre isn't one specific issue, biut rather a blanket term
for a bunch of things that can have variable overlap, I don't think this
makes much sense unless we're going to add finer-grained options for all
the variants, and IMO it'd make more sene for the architectures to
directly select the things that'd otherwise be dependent on this.

Isn't ARM already using CPU_SPECTRE for selecting things: 

	config HARDEN_BRANCH_PREDICTOR
	     bool "Harden the branch predictor against aliasing attacks" if EXPERT
	     depends on CPU_SPECTRE

This was the whole motivation for doing the same for x86.

Adding a condition for all architectures is also okay, but its going to
a little messier:

	 config BPF_UNPRIV_DEFAULT_OFF
	        default y if X86 || ARM || ... 

This approach would make sense if architectures wants to explicitly
select the defaults irrespective of architecture being affected by
spectre.

If that's the case I will change the BPF_UNPRIV_DEFAULT_OFF default to
depend on architecture. I hope BPF maintainer, Daniel is okay with it?

Pawan

Added BPF maintainers and bpf@vger to cc.

_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel