On 09/05/2025 9:14 am, Roger Pau Monné wrote: > On Thu, May 08, 2025 at 05:03:36PM +0100, Andrew Cooper wrote: >> The text for CONFIG_INDIRECT_THUNK isn't really correct, and was already >> stale >> by the time speculative vulnerabilities hit the headlines in 2018. It is >> specifically an out-of-line-ing mechansim, and repoline is one of several >> safety sequences used. >> >> Some of this boilerplate has been copied into all other options, and isn't >> interesting for the target audience given that they're all in a "Speculative >> Hardning" menu. >> >> Reword it to be more concise. >> >> No functional change. >> >> Signed-off-by: Andrew Cooper <andrew.coop...@citrix.com> > Acked-by: Roger Pau Monné <roger....@citrix.com> > > You are the expert on those things :). > >> --- >> CC: Anthony PERARD <anthony.per...@vates.tech> >> CC: Michal Orzel <michal.or...@amd.com> >> CC: Jan Beulich <jbeul...@suse.com> >> CC: Julien Grall <jul...@xen.org> >> CC: Roger Pau Monné <roger....@citrix.com> >> CC: Stefano Stabellini <sstabell...@kernel.org> >> >> CONFIG_SPECULATIVE_HARDEN_BRANCH really ought to be named >> CONFIG_SPECULATIVE_HARDEN_CONDITIONAL, but this would be a (minor) functional >> change. > I don't have a strong opinion either way TBH. Would you maybe like to > rename the menu visible text to "Speculative Conditional Branch Hardening"?
Hmm yeah, that's better than nothing. > >> --- >> xen/common/Kconfig | 51 +++++++++------------------------------------- >> 1 file changed, 10 insertions(+), 41 deletions(-) >> >> diff --git a/xen/common/Kconfig b/xen/common/Kconfig >> index 4bec78c6f267..03ef6d87abc0 100644 >> --- a/xen/common/Kconfig >> +++ b/xen/common/Kconfig >> @@ -162,29 +162,21 @@ config STATIC_MEMORY >> menu "Speculative hardening" >> >> config INDIRECT_THUNK >> - bool "Speculative Branch Target Injection Protection" >> + bool "Out-of-line Indirect Call/Jumps" >> depends on CC_HAS_INDIRECT_THUNK >> default y >> help >> - Contemporary processors may use speculative execution as a >> - performance optimisation, but this can potentially be abused by an >> - attacker to leak data via speculative sidechannels. > It would be nice if this boilerplate text could be made the "help" of > the top level menu entry, but that's not possible with Kconfig. When speculation was entirely new, something needed to introduce it (not that I think this was great to start with), but nowadays any all developers/sysadmins/distro-packagers will be aware of it. Or, if they're not aware, a paragraph like this isn't going to help them. ~Andrew
