On Wed, 5 Sep 2018, Andi Kleen wrote:
> > So, after giving it a bit more thought, I still believe "I want spectre V2
> > protection" vs. "I do not care about spectre V2 on my system
> > (=nospectre_v2)" are the sane options we should provide; so I'll respin v4
> > of my patchset, including the ptrace check in switch_mm() (statically
> > patched out on !IBPB-capable systems), and we can then later see whether
> > the LSM implementation, once it exists, should be used instead.
>
> Please if you repost include plenty of performance numbers for multi threaded
> workloads. It's ridiculous to even discuss this without them.
Either we care about that problem and provide a proper mechanism to protect
systems or we do not. That's not a performance number problem at all.
Thanks,
tglx
