Quoting Abodunrin, Akeem G (2021-01-11 20:58:42) > > > > -----Original Message----- > > From: Intel-gfx <intel-gfx-boun...@lists.freedesktop.org> On Behalf Of Chris > > Wilson > > Sent: Sunday, January 10, 2021 7:04 AM > > To: intel-gfx@lists.freedesktop.org > > Cc: sta...@vger.kernel.org; Chris Wilson <ch...@chris-wilson.co.uk> > > Subject: [Intel-gfx] [PATCH 03/11] drm/i915: Allow the sysadmin to override > > security mitigations > > > > The clear-residuals mitigation is a relatively heavy hammer and under some > > circumstances the user may wish to forgo the context isolation in order to > > meet some performance requirement. Introduce a generic module parameter > > to allow selectively enabling/disabling different mitigations.
> Although this seems like ideal solution - giving users option to choose > *potential* performance over security or vice-versa - However, I would have > expected that this patch adds a DRM warning to inform users of the > consequences of their action, whenever module parameter is used to disable > any kind of mitigations. Well, that is my own perspective, not as a legal > expert. It's marked as unsafe; setting this parameter will issue a notice and taint the kernel. That should be enough to warn of the consequences of their actions, without going into the gruesome details. I very briefly considered a few pr_warn_once() for each disabled mitigation, but I am not sure what we should say to the user. -Chris _______________________________________________ Intel-gfx mailing list Intel-gfx@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/intel-gfx
