The Attack Vector Controls work is now in Linux 6.17 for those new tuning knobs worked on by AMD engineer David Kaplan to make it more straight-forward for Linux server administrators and power users to more easily select the CPU security mitigations relevant to their system(s) and intended workloads
Title makes more sense in context of the first couple paragraphs.
Title make little sense to me.
A lot of the security fixes since spectre have focused on exploiting speculative execution (a key CPU performance feature) to cross security boundaries. Defeating speculative execution when switching from user to kernel space (for example) adds a lot of overhead.
The new kernel add controls so that machines that don’t need to worry about these exploits to disable the performance killing fixes.
