On Sat, 6 Jan 2018, Alexei Starovoitov wrote:
> So how about we do array_access() macro similar to above by default
> with extra CONFIG_ to convert it to lfence ?
> Why default to AND approach instead of lfence ?
> Because the kernel should still be usable. If security
> sacrifices performance so much such security will be turned off.
> Ex: kpti is supposed to add 5-30%. If it means 10% on production workload
> and the datacenter capacity cannot grow 10% overnight, kpti will be off.

That's the decision and responsibility of the person who disables it.

Thanks,

	tglx