Hi: On 11/5/18 11:05 AM, Casey Schaufler wrote: > diff --git a/security/sidechannel/Kconfig b/security/sidechannel/Kconfig > new file mode 100644 > index 000000000000..653033027415 > --- /dev/null > +++ b/security/sidechannel/Kconfig > @@ -0,0 +1,13 @@ > +config SECURITY_SIDECHANNEL > + bool "Sidechannel attack safety extra checks" > + depends on SECURITY > + default n
Please drop the "default n" since it is already the default value. > + help > + Look for a variety of cases where a side-channel attack > + could potentially be exploited. Instruct the switching > + code to use the indirect_branch_prediction_barrier in > + cases where the passed task and the current task may be > + at risk. > + > + If you are unsure how to answer this question, answer N. Use tab + 2 spaces to indent the line above. > + thanx. -- ~Randy _______________________________________________ Selinux mailing list Selinux@tycho.nsa.gov To unsubscribe, send email to selinux-le...@tycho.nsa.gov. To get help, send an email containing "help" to selinux-requ...@tycho.nsa.gov.
