Lines Matching full:mitigation
6 This is a mitigation for the speculative return stack overflow (SRSO)
39 The sysfs file showing SRSO mitigation status is:
60 The "Safe RET" mitigation (see below) has been applied to protect the
70 Note that User->User mitigation is controlled by how the IBPB aspect in
71 the Spectre v2 mitigation is selected:
85 * 'Mitigation: Safe RET':
87 Combined microcode/software mitigation. It complements the
93 * 'Mitigation: IBPB':
100 * 'Mitigation: IBPB on VMEXIT':
102 Mitigation addressing the cloud provider scenario - the Guest->Host
122 Considering the performance implications of each mitigation type, the
123 default one is 'Mitigation: safe RET' which should take care of most
132 As one can surmise, 'Mitigation: safe RET' does come at the cost of some
135 disable the mitigation with spec_rstack_overflow=off.
137 Similarly, 'Mitigation: IBPB' is another full mitigation type employing
139 microcode patch for one's system. This mitigation comes also at
142 Mitigation: Safe RET
145 The mitigation works by ensuring all RET instructions speculate to
151 To ensure the safety of this mitigation, the kernel must ensure that the