x86/bugs: Clarify that syscall hardening isn't a BHI mitigation

[linux-stable] / Documentation / admin-guide / hw-vuln / spectre.rst

diff --git a/Documentation/admin-guide/hw-vuln/spectre.rst b/Documentation/admin-guide/hw-vuln/spectre.rst
index d4f2606340741b56061ed8fd9575eb293c87de77..081f289008987370c57cf5ceafe385915d68c1e0 100644 (file)
--- a/Documentation/admin-guide/hw-vuln/spectre.rst
+++ b/Documentation/admin-guide/hw-vuln/spectre.rst
@@ -441,10 +441,10 @@ The possible values in this file are:
    - System is protected by BHI_DIS_S
  * - BHI: SW loop, KVM SW loop
    - System is protected by software clearing sequence
- * - BHI: Syscall hardening
-   - Syscalls are hardened against BHI
- * - BHI: Syscall hardening, KVM: SW loop
-   - System is protected from userspace attacks by syscall hardening; KVM is protected by software clearing sequence
+ * - BHI: Vulnerable
+   - System is vulnerable to BHI
+ * - BHI: Vulnerable, KVM: SW loop
+   - System is vulnerable; KVM is protected by software clearing sequence
 
 Full mitigation might require a microcode update from the CPU
 vendor. When the necessary microcode is not available, the kernel will
@@ -661,8 +661,7 @@ kernel command line.
        spectre_bhi=
 
                [X86] Control mitigation of Branch History Injection
-               (BHI) vulnerability. Syscalls are hardened against BHI
-               regardless of this setting. This setting affects the deployment
+               (BHI) vulnerability.  This setting affects the deployment
                of the HW BHI control and the SW BHB clearing sequence.
 
                on