• Will Deacon's avatar
    arm64: Treat SSBS as a non-strict system feature · 532d5815
    Will Deacon authored
    If all CPUs discovered during boot have SSBS, then spectre-v4 will be
    considered to be "mitigated". However, we still allow late CPUs without
    SSBS to be onlined, albeit with a "SANITY CHECK" warning. This is
    problematic for userspace because it means that the system can quietly
    transition to "Vulnerable" at runtime.
    
    Avoid this by treating SSBS as a non-strict system feature: if all of
    the CPUs discovered during boot have SSBS, then late arriving secondaries
    better have it as well.
    Signed-off-by: default avatarWill Deacon <will@kernel.org>
    532d5815
cpufeature.c 95 KB