Linux 6.12 Adds Build Options For Greater Control Over CPU Security Mitigations


Not to be confused with the proposal a few days ago by an AMD engineer for Attack Vector Controls for broader control over CPU security mitigation handling, the in-development Linux 6.12 kernel is adding new Kconfig options to allow for more build-time control over what CPU security mitigation code is compiled for the kernel.

The "x86/bugs" pull request was sent out for the Linux 6.12 merge window, and its primary addition is a separate Kconfig option for every possible hardware CPU mitigation. You can already run your kernel with "mitigations=off" or other parameters to disable various CPU security mitigations at run-time; this change is about greater control over disabling individual CPU security mitigations at kernel build time.

His intention with the more fine-grained CPU security mitigation controls is to let users pick and compile only the mitigations that are important to their workloads, to make it easier to disable mitigations that might mangle the Assembly code generation and in turn make it harder to read/debug, and lastly:

"3) Separate Kconfigs for just source code readability, so that we see *which* butt-ugly piece of crap code is for what reason..."
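A mitigation disabled at build time never shows up on the kernel command line, so an audit has to read the build config as well. The script below is an added example, not code from the article or the kernel tree. It assumes mitigation options carry the `CONFIG_MITIGATION_` prefix; the option names in the sample are constructed placeholders.

```shell
#!/bin/sh
# Audit a kernel .config for CPU mitigation options that were compiled out.
# Assumption: mitigation Kconfig options use the CONFIG_MITIGATION_ prefix.

# Names of mitigation options marked "is not set" (reads .config text on stdin).
disabled_mitigations() {
    sed -n 's/^# \(CONFIG_MITIGATION_[A-Z0-9_]*\) is not set$/\1/p'
}

# Names of mitigation options built in with =y (reads .config text on stdin).
enabled_mitigations() {
    sed -n 's/^\(CONFIG_MITIGATION_[A-Z0-9_]*\)=y$/\1/p'
}

# Succeeds if the given kernel command line turns mitigations off at run-time.
cmdline_disables_mitigations() {
    case " $1 " in
        *" mitigations=off "*) return 0 ;;
        *) return 1 ;;
    esac
}

# Constructed sample .config fragment; the option names are placeholders.
sample_config() {
    cat <<'EOF'
CONFIG_MITIGATION_EXAMPLE_A=y
# CONFIG_MITIGATION_EXAMPLE_B is not set
CONFIG_MITIGATION_EXAMPLE_C=y
# CONFIG_MITIGATION_EXAMPLE_D is not set
# CONFIG_UNRELATED_OPTION is not set
CONFIG_UNRELATED_OTHER=y
EOF
}

# Summarise build-time mitigation state for .config text on stdin.
report() {
    cfg=$(cat)
    off=$(printf '%s\n' "$cfg" | disabled_mitigations)
    on=$(printf '%s\n' "$cfg" | enabled_mitigations | wc -l | tr -d ' ')
    echo "mitigation options built in: $on"
    if [ -n "$off" ]; then
        echo "mitigation options compiled out:"
        printf '%s\n' "$off" | sed 's/^/  /'
    fi
}

# With a path argument, audit that config file; otherwise audit the sample.
if [ -n "${1:-}" ]; then report < "$1"; else sample_config | report; fi
```

On a running system the script can be pointed at `/boot/config-$(uname -r)`, where the distribution ships it, and `cmdline_disables_mitigations "$(cat /proc/cmdline)"` covers the run-time side.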

Read this on Phoronix
