From owner-svn-src-head@freebsd.org Fri Dec 6 14:58:57 2019 Return-Path: Delivered-To: svn-src-head@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 55ADC1CE01C; Fri, 6 Dec 2019 14:58:57 +0000 (UTC) (envelope-from eric@vangyzen.net) Received: from smtp.vangyzen.net (hotblack.vangyzen.net [IPv6:2607:fc50:1000:7400:216:3eff:fe72:314f]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 47Twhd1PPZz4VlS; Fri, 6 Dec 2019 14:58:56 +0000 (UTC) (envelope-from eric@vangyzen.net) Received: from cerise.vangyzen.net (unknown [70.97.188.230]) by smtp.vangyzen.net (Postfix) with ESMTPSA id 341D65648D; Fri, 6 Dec 2019 08:58:50 -0600 (CST) Content-Type: text/plain; charset=utf-8 Mime-Version: 1.0 (Mac OS X Mail 13.0 \(3601.0.10\)) Subject: Re: svn commit: r355436 - in head/sys: amd64/amd64 x86/x86 From: Eric van Gyzen In-Reply-To: Date: Fri, 6 Dec 2019 08:58:48 -0600 Cc: Scott Long , src-committers , svn-src-all , svn-src-head Content-Transfer-Encoding: quoted-printable Message-Id: References: <201912060243.xB62h5So053092@repo.freebsd.org> To: Ed Maste X-Mailer: Apple Mail (2.3601.0.10) X-Rspamd-Queue-Id: 47Twhd1PPZz4VlS X-Spamd-Bar: ----- Authentication-Results: mx1.freebsd.org; none X-Spamd-Result: default: False [-6.00 / 15.00]; NEURAL_HAM_MEDIUM(-1.00)[-0.998,0]; NEURAL_HAM_LONG(-1.00)[-0.999,0]; REPLY(-4.00)[] X-BeenThere: svn-src-head@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: SVN commit messages for the src tree for head/-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 06 Dec 2019 14:58:57 -0000 > On Dec 6, 2019, at 4:36 AM, Ed Maste wrote: >=20 > On Thu, 5 Dec 2019 at 21:43, Scott Long wrote: >>=20 >> Author: scottl >> Date: Fri Dec 6 02:43:05 2019 >> New Revision: 355436 >> URL: https://svnweb.freebsd.org/changeset/base/355436 >>=20 >> Log: >> Move the mds, irbs, and ssb mitigation knobs into = machdep.mitigations. >=20 > If we're moving them and adding backwards-compatibility scaffolding we > really should correct the sense of the sysctls at the same time. I was just going to suggest that. For some, 0 is secure; for others, 1 = is secure. Since they=E2=80=99re under =E2=80=9Cmitigations,=E2=80=9D I = think 1 should consistently mean =E2=80=9Cmitigated.=E2=80=9D Eric=