Lines Matching full:mitigation

6 This is a mitigation for the speculative return stack overflow (SRSO)
39 The sysfs file showing SRSO mitigation status is:
60    The "Safe RET" mitigation (see below) has been applied to protect the
70    Note that User->User mitigation is controlled by how the IBPB aspect in
71    the Spectre v2 mitigation is selected:
85  * 'Mitigation: Safe RET':
87    Combined microcode/software mitigation. It complements the
93  * 'Mitigation: IBPB':
100  * 'Mitigation: IBPB on VMEXIT':
102    Mitigation addressing the cloud provider scenario - the Guest->Host
122 Considering the performance implications of each mitigation type, the
123 default one is 'Mitigation: safe RET' which should take care of most
132 As one can surmise, 'Mitigation: safe RET' does come at the cost of some
135 disable the mitigation with spec_rstack_overflow=off.
137 Similarly, 'Mitigation: IBPB' is another full mitigation type employing
139 microcode patch for one's system. This mitigation comes also at
142 Mitigation: Safe RET
145 The mitigation works by ensuring all RET instructions speculate to
151 To ensure the safety of this mitigation, the kernel must ensure that the
162 Checking the safe RET mitigation actually works
165 In case one wants to validate whether the SRSO safe RET mitigation works
208 vs the case when the mitigation is disabled (spec_rstack_overflow=off)