[PATCH 12/13] x86: set SPECTRE_BHI_ON as default
Yuxuan Luo
yuxuan.luo at canonical.com
Fri Apr 12 19:23:50 UTC 2024
From: Greg Kroah-Hartman <gregkh at linuxfoundation.org>
commit 2bb69f5fc72183e1c62547d900f560d0e9334925 upstream.
Part of a merge commit from Linus that adjusted the default setting of
SPECTRE_BHI_ON.
Cc: Linus Torvalds <torvalds at linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh at linuxfoundation.org>
(cherry picked from commit 8d8dc7ee5b98fca7a65c800df93ded071a96fd49)
CVE-2024-2201
Signed-off-by: Yuxuan Luo <yuxuan.luo at canonical.com>
---
arch/x86/Kconfig | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
index b0e7b3c5a351a..c5cc7baf48c66 100644
--- a/arch/x86/Kconfig
+++ b/arch/x86/Kconfig
@@ -2512,7 +2512,7 @@ config GDS_FORCE_MITIGATION
choice
prompt "Clear branch history"
depends on CPU_SUP_INTEL
- default SPECTRE_BHI_AUTO
+ default SPECTRE_BHI_ON
help
Enable BHI mitigations. BHI attacks are a form of Spectre V2 attacks
where the branch history buffer is poisoned to speculatively steer
--
2.34.1
More information about the kernel-team
mailing list