Hi Julien, > On 26 Jan 2021, at 13:51, Julien Grall <jul...@xen.org> wrote: > > Hi Stefano, > > On 25/01/2021 21:27, Stefano Stabellini wrote: >> config ARM_SSBD >> - bool "Speculative Store Bypass Disable" if EXPERT >> + bool "Speculative Store Bypass Disable (UNSUPPORTED)" if UNSUPPORTED >> depends on HAS_ALTERNATIVE >> default y >> help >> @@ -87,7 +87,7 @@ config ARM_SSBD >> If unsure, say Y. >> config HARDEN_BRANCH_PREDICTOR >> - bool "Harden the branch predictor against aliasing attacks" if EXPERT >> + bool "Harden the branch predictor against aliasing attacks >> (UNSUPPORTED)" if UNSUPPORTED >> default y >> help >> Speculation attacks against some high-performance processors rely on > > I read through the back and forth between Bertrand and Jan about > "UNSUPPORTED". However, I still don't understand why those two options are > moved to UNSUPPORTED.
Discussion was more on what to do for options which have a default y and can only be turned off with UNSUPPORTED or EXPERT selected. > > Both options will only build the code to enable the mitigation. The decision > is still based on the processor you are running on. > > In addition to that, ARM_SSBD can also be forced enabled/disabled on the > command line. > > A user may want to compile out the code if the target processor is not the > affected by the two issues. This wouldn't be much different to Xen deciding > to not enabling the mitigation. > > I would view the two options as supported but not security supported. So this > seems to fit exactly in the definition of EXPERT rather than UNSUPPORTED. I think you are right here, not security supported should be only available to EXPERT. Cheers Bertrand > > Cheers, > > -- > Julien Grall >
