On 9/27/18 8:28 PM, Michal Soltys wrote:
That's not precisely like that - spectre & friends workarounds can be trivially disabled (e.g.: pti, spectre_v2, spec_store_bypass_disable, l1tf) - bringing "old" nominal performance back (whether good/bad idea, that of course depends on what/how you run your linux on for what purpose). Not mentioning cpus that will eventually come not needing those workarounds.
So in this context audit=0 is a very viable thing - if one (and that's probalby crushing majority of users) doesn't need this feature (directly or indirectly).
Even if you disable the mitigations, the fast path we're talking about here was simply deleted from linux.git -- it doesn't exist anymore, zero, zilch, squat, nada. -- Eli Schwartz Bug Wrangler and Trusted User