On 11/19/2018 6:00 AM, Linus Torvalds wrote:
On Sun, Nov 18, 2018 at 1:49 PM Jiri Kosina <jikos@kernel.org> wrote:
So why do that STIBP slow-down by default when the people who *really* care already disabled SMT?
BTW for them, there is no impact at all.
Right. People who really care about security and are anal about it do not see *any* advantage of the patch.
In the documentation, AMD officially recommends against this by default, and I can speak for Intel that our position is that as well: this really must not be on by default.
STIBP and its friends are there as tools, and were created early on as big hammers because that is all that one can add in a microcode update... expensive big hammers.
In some ways it's analogous to the "disable caches" bit in CR0. Sure, it's there as a big hammer, but you don't always set it just because caches could be used for a side channel.
Using these tools much more surgically is fine, if a paranoid task wants it for example, or when you know you are doing a hard core security transition. But always on? Yikes.
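The "surgical" per-task use the message argues for, as an added example that is not part of this thread or of the kernel's own code: a C program that queries the calling task's indirect-branch speculation status through the Linux prctl(2) speculation-control interface and opts only that task in. It assumes a Linux kernel that exposes PR_SPEC_INDIRECT_BRANCH (4.20 and later); the decoder and helper names are this example's own.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>
#ifdef __linux__
#include <sys/prctl.h>
#endif

/* Fallback definitions for older headers; values match the kernel's
   include/uapi/linux/prctl.h (PR_SPEC_INDIRECT_BRANCH arrived in 4.20). */
#ifndef PR_SPEC_INDIRECT_BRANCH
#define PR_GET_SPECULATION_CTRL 52
#define PR_SET_SPECULATION_CTRL 53
#define PR_SPEC_INDIRECT_BRANCH 1
#define PR_SPEC_NOT_AFFECTED    0
#define PR_SPEC_PRCTL           (1UL << 0)
#define PR_SPEC_ENABLE          (1UL << 1)
#define PR_SPEC_DISABLE         (1UL << 2)
#define PR_SPEC_FORCE_DISABLE   (1UL << 3)
#endif

/* Readable status for a PR_GET_SPECULATION_CTRL result (this helper is the
   example's own, not a kernel API). */
const char *ib_spec_describe(long status)
{
    if (status < 0)
        return "query failed: no per-task indirect branch control";
    if (status == PR_SPEC_NOT_AFFECTED)
        return "not affected";
    if (!(status & PR_SPEC_PRCTL)) /* policy fixed system-wide, no opt-in */
        return (status & PR_SPEC_DISABLE) ? "forced on for every task"
                                          : "forced off for every task";
    if (status & (PR_SPEC_DISABLE | PR_SPEC_FORCE_DISABLE))
        return "on for this task only";
    return "off for this task (default); task may opt in";
}

/* Opt just the calling task into STIBP-backed isolation; returns 0 or -errno.
   Nothing else on the system pays for it, which is the "surgical" use above. */
int ib_spec_restrict_self(void)
{
#ifdef __linux__
    if (prctl(PR_SET_SPECULATION_CTRL, PR_SPEC_INDIRECT_BRANCH,
              PR_SPEC_DISABLE, 0, 0) != 0)
        return -errno;
    return 0;
#else
    return -ENOSYS;
#endif
}
```

Query with `prctl(PR_GET_SPECULATION_CTRL, PR_SPEC_INDIRECT_BRANCH, 0, 0, 0)` before and after calling `ib_spec_restrict_self()` and pass each result to `ib_spec_describe()` to see the task-local change.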