Quoting Abodunrin, Akeem G (2021-01-11 20:58:42) > > > > -----Original Message----- > > From: Intel-gfx <intel-gfx-bounces@xxxxxxxxxxxxxxxxxxxxx> On Behalf Of Chris > > Wilson > > Sent: Sunday, January 10, 2021 7:04 AM > > To: intel-gfx@xxxxxxxxxxxxxxxxxxxxx > > Cc: stable@xxxxxxxxxxxxxxx; Chris Wilson <chris@xxxxxxxxxxxxxxxxxx> > > Subject: [PATCH 03/11] drm/i915: Allow the sysadmin to override > > security mitigations > > > > The clear-residuals mitigation is a relatively heavy hammer and under some > > circumstances the user may wish to forgo the context isolation in order to > > meet some performance requirement. Introduce a generic module parameter > > to allow selectively enabling/disabling different mitigations. > Although this seems like ideal solution - giving users option to choose *potential* performance over security or vice-versa - However, I would have expected that this patch adds a DRM warning to inform users of the consequences of their action, whenever module parameter is used to disable any kind of mitigations. Well, that is my own perspective, not as a legal expert. It's marked as unsafe; setting this parameter will issue a notice and taint the kernel. That should be enough to warn of the consequences of their actions, without going into the gruesome details. I very briefly considered a few pr_warn_once() for each disabled mitigation, but I am not sure what we should say to the user. -Chris _______________________________________________ Intel-gfx mailing list Intel-gfx@xxxxxxxxxxxxxxxxxxxxx https://lists.freedesktop.org/mailman/listinfo/intel-gfx
