diff mbox series

[v2] x86/retbleed: add "stuff" mode admin documentation

Message ID	20230109160808.30740-1-rdunlap@infradead.org
State	New
Headers	Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; From: Randy Dunlap <rdunlap@infradead.org> To: linux-kernel@vger.kernel.org Cc: Randy Dunlap <rdunlap@infradead.org>, Thomas Gleixner <tglx@linutronix.de>, Borislav Petkov <bp@alien8.de>, Ingo Molnar <mingo@redhat.com>, Dave Hansen <dave.hansen@linux.intel.com>, x86@kernel.org, Jonathan Corbet <corbet@lwn.net>, linux-doc@vger.kernel.org, Ingo Molnar <mingo@kernel.org> Subject: [PATCH v2] x86/retbleed: add "stuff" mode admin documentation Date: Mon, 9 Jan 2023 08:08:08 -0800 Message-Id: <20230109160808.30740-1-rdunlap@infradead.org> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Precedence: bulk
Series	[v2] x86/retbleed: add "stuff" mode admin documentation \| [v2] x86/retbleed: add "stuff" mode admin documentation

Commit Message

Randy Dunlap Jan. 9, 2023, 4:08 p.m. UTC

  Add admin documentation for "retbleed=stuff", based on commit
description and source code.

Fixes: d82a0345cf21 ("x86/retbleed: Add call depth tracking mitigation")
Signed-off-by: Randy Dunlap <rdunlap@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Borislav Petkov <bp@alien8.de>
Cc: Ingo Molnar <mingo@redhat.com>
Cc: Dave Hansen <dave.hansen@linux.intel.com>
Cc: x86@kernel.org
Cc: Jonathan Corbet <corbet@lwn.net>
Cc: linux-doc@vger.kernel.org
Acked-by: Ingo Molnar <mingo@kernel.org>
---
v2: fix typo "if effect" -> "in effect" (thanks Ingo)

 Documentation/admin-guide/kernel-parameters.txt |    8 ++++++++
 1 file changed, 8 insertions(+)

Comments

Dave Hansen Jan. 9, 2023, 5:19 p.m. UTC | #1

On 1/9/23 08:08, Randy Dunlap wrote:
> +			stuff        - Enables "stuffing" mode mitigation,
> +				       which uses return thunking and call depth
> +				       tracking.  Only in effect if
> +				       CONFIG_CALL_DEPTH_TRACKING is set and
> +				       Spectre V2 mitigation mode is
> +				       "retpoline".
> +				       IBRS is fully secure mitigation but is
> +				       more costly (slower) than stuffing.

The "fully secure" thing makes me cringe a bit.

I'd suggest saying:

	IBRS is a stronger mitigation
	but is more costly than stuffing
	(slower).

Randy Dunlap Jan. 9, 2023, 9:08 p.m. UTC | #2

On 1/9/23 09:19, Dave Hansen wrote:
> On 1/9/23 08:08, Randy Dunlap wrote:
>> +			stuff        - Enables "stuffing" mode mitigation,
>> +				       which uses return thunking and call depth
>> +				       tracking.  Only in effect if
>> +				       CONFIG_CALL_DEPTH_TRACKING is set and
>> +				       Spectre V2 mitigation mode is
>> +				       "retpoline".
>> +				       IBRS is fully secure mitigation but is
>> +				       more costly (slower) than stuffing.
> 
> The "fully secure" thing makes me cringe a bit.
> 
> I'd suggest saying:
> 
> 	IBRS is a stronger mitigation
> 	but is more costly than stuffing
> 	(slower).

OK, will do (v3).  :)

Thanks.

diff mbox series

Patch

diff -- a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt
--- a/Documentation/admin-guide/kernel-parameters.txt
+++ b/Documentation/admin-guide/kernel-parameters.txt
@@ -5364,6 +5364,14 @@ 
 				       when STIBP is not available. This is
 				       the alternative for systems which do not
 				       have STIBP.
+			stuff        - Enables "stuffing" mode mitigation,
+				       which uses return thunking and call depth
+				       tracking.  Only in effect if
+				       CONFIG_CALL_DEPTH_TRACKING is set and
+				       Spectre V2 mitigation mode is
+				       "retpoline".
+				       IBRS is fully secure mitigation but is
+				       more costly (slower) than stuffing.
 			unret        - Force enable untrained return thunks,
 				       only effective on AMD f15h-f17h based
 				       systems.