On Tue, 13 Aug 2019 23:21:15 +0200 Borislav Petkov wrote: > You have to consider that some of those are addressed by a single mitigation like MDS
That could be clarified like: vulnerability1 - mitigation MDS vulnerability2 - mitigation MDS vulnerability3 - mitigation 3 (another mitigation) ... > the mitigation for others like lazy FPU restore is not even present > in /sys/devices/system/cpu/vulnerabilities/. Then it could be a file with content saying "No mitigation". > Also, depending on the CPU, some are not even affected. That could say "Not affected" (which AFAIK is the case for some cases). > So maintaining this in the kernel is unnecessary to say the least. Knowing that there is no mitigation or that a CPU is not affected is quite different from not knowing anything. So I don't see why you conclude that knowledge is unnecessary.
