On Thu, Oct 28, 2021 at 12:36:58PM -0700, Pawan Gupta wrote: > Isn't ARM already using CPU_SPECTRE for selecting things: > > config HARDEN_BRANCH_PREDICTOR > bool "Harden the branch predictor against aliasing attacks" if EXPERT > depends on CPU_SPECTRE > > This was the whole motivation for doing the same for x86. > > Adding a condition for all architectures is also okay, but its going to > a little messier: > > config BPF_UNPRIV_DEFAULT_OFF > default y if X86 || ARM || ... It doesn't have to be (but sadly we end up repeating "DEFAULT"): config BPF_UNPRIV_DEFAULT_OFF_DEFAULT bool config BPF_UNPRIV_DEFAULT_OFF bool "Disable unprivileged BPF by default" default BPF_UNPRIV_DEFAULT_OFF_DEFAULT Then architectures can select BPF_UNPRIV_DEFAULT_OFF_DEFAULT if they wish this to be defaulted to "yes". However, please note that this has limited use given that the BPF_UNPRIV_DEFAULT_OFF option has been around for a while now. Any existing configuration that mentions this symbol will override any default specified in the Kconfig files if the option is user-visible. So, IMHO, defaults need to be set correctly from the point in time that the option is introduced. -- RMK's Patch system: https://www.armlinux.org.uk/developer/patches/ FTTP is here! 40Mbps down 10Mbps up. Decent connectivity at last!
