On Tue, 20 Nov 2018, Tim Chen wrote: > diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt > index d2255f7..89b193c 100644 > --- a/Documentation/admin-guide/kernel-parameters.txt > +++ b/Documentation/admin-guide/kernel-parameters.txt > @@ -4227,12 +4227,17 @@ > and STIBP mitigations against Spectre V2 attacks. > If the CPU is not vulnerable, "off" is selected. > If the CPU is vulnerable, the default mitigation > - is "prctl". > + is architecture and Kconfig dependent. See below. > prctl - Enable mitigations per thread by restricting > indirect branch speculation via prctl. > Mitigation for a thread is not enabled by default to > avoid mitigation overhead. The state of > of the control is inherited on fork. > + seccomp - Same as "prctl" above, but all seccomp threads > + will disable SSB unless they explicitly opt out. As Dave already pointed out elsewhere -- the "SSB" here is probably a copy/paste error. It should read something along the lines of "... will restrict indirect branch speculation ..." Thanks, -- Jiri Kosina SUSE Labs
