On Thu, Aug 23, 2018 at 10:05:20PM +0200, Michal Hocko wrote:
On Thu 23-08-18 12:38:33, Andi Kleen wrote:
There are people who care about L1TF mitigations. I am not going to question their motivation. In any case a hint how to make the mitigation active again sounds more useful than something that sounds as scary as "you are vulnerable".
FWIW an early version of these patches automatically limited the available memory, but Linus pointed out that people likely prefer their memory.
Nobody is questioning that. The point is to give them a hint on how to make the mitigation active again without going to call for help. The message does tell them how to _enable_ it and point them to the documentation on how to _decide_.
On the message I guess there are two cases:
- either it's very little memory that is lost like in the 32GB + memory hole case. In this case maybe it's better if we just limit automatically if the overlap is small enough (<2GB perhaps?)
- Or it's a lot of memory then people are unlikely to want to lose their memory and I don't think we really need the message either.
Also I checked the bug again and it looks like the reporter has an IvyBridge. There is actually a better solution for those (anything Nehalem and newer) because they internally have at least 44 bits in the cache, which is good enough for the mitigation. Just need a quirk to override the bit width in this case (will submit a patch)
-Andi