CONFIG_DISABLE_SSBD

Disable Speculative Store Bypass

Type: bool

Help

This option will disable Speculative Store Bypass in order to mitigate against certain kinds of side channel attacks. Quoting the “Speculative Execution Side Channels” document, version 2.0:

When SSBD is set, loads will not execute speculatively until the addresses of all older stores are known. This ensure s that a load does not speculatively consume stale data values due to bypassing an older store on the same logical processor.

If enabled, this applies to all threads in the system.

Even if enabled, will have no effect on CPUs that do not require this feature.

Direct dependencies

USERSPACE && X86

(Includes any dependencies from if’s and menus.)

Defaults

Kconfig definition

At arch/x86/core/Kconfig:66

Included via Kconfig:10Kconfig.zephyr:29arch/Kconfig:15arch/x86/Kconfig:14

Menu path: (top menu) → X86 Architecture Options

config DISABLE_SSBD
    bool
    prompt "Disable Speculative Store Bypass" if USERSPACE && X86
    default "y" if !X86_NO_SPECTRE_V4 && USERSPACE && X86
    depends on USERSPACE && X86
    help
      This option will disable Speculative Store Bypass in order to
      mitigate against certain kinds of side channel attacks.  Quoting
      the "Speculative Execution Side Channels" document, version 2.0:

          When SSBD is set, loads will not execute speculatively
          until the addresses of all older stores are known.  This
          ensure s that a load does not speculatively consume stale
          data values due to bypassing an older store on the same
          logical processor.

      If enabled, this applies to all threads in the system.

      Even if enabled, will have no effect on CPUs that do not
      require this feature.

(Definitions include propagated dependencies, including from if’s and menus.)