Re: [PATCHv6 01/16] x86/cpu: Enumerate the LASS feature bits

[Kirill A. Shutemov]

On Fri, Jun 20, 2025 at 08:29:43PM +0200, Borislav Petkov wrote:
> On Fri, Jun 20, 2025 at 08:33:36PM +0300, Kirill A. Shutemov wrote:
> > What is current policy around it ?
> 
> Documentation/arch/x86/cpuinfo.rst
> 
> > I think it is useful to advertise security features in cpuinfo.
> 
> Because who's going to consume them?
> 
> Don't get me wrong - I am trying to see whether the whole use case for this is
> well thought out. Because it becomes an ABI.
> 
> But if no one is going to use it, why bother?
> 
> Arguably, for this thing the argument would be - as it is put in that file
> above:
> 
> "So, the current use of /proc/cpuinfo is to show features which the
> kernel has *enabled* and *supports*."
> 
> as it has been enabled by machinery.
> 
> So that's ok. I'm just making sure we're on the same page and you're not
> aiming at something completely different with this.

What about this:

LASS provides protection against a class of speculative attacks, such as
SLAM[1]. Add the "lass" flag to /proc/cpuinfo to indicate that the feature
is supported by hardware and enabled by the kernel. This allows userspace
to determine if the setup is secure against such attacks.

[1] https://download.vusec.net/papers/slam_sp24.pdf

-- 
  Kiryl Shutsemau / Kirill A. Shutemov