If I understood information here correctly, you can currently play with following mitigations. More will surely show up over time.
|1||Intel||CVE-2017-5715||Disables Spectre Variant 2 mitigation|
|2||Intel||CVE-2017-5754||Disables Meltdown mitigation|
|8||Intel||CVE-2018-3639||Enables Speculative Store Bypass mitigation|
|64||AMD||CVE-2017-5715||Enable Spectre Variant 2 mitigation on AMD|
Combinational values that are seen
- 0 – enable Spectre/Meltdown on Intel
- 3 = 2 +1 – disable Spectre/Meltdown on Intel
By adding bits together, you could create your custom mitigations. For example:
- 72 = 64+8 enable all mitigations on all platforms.
- 11 = 8+2+1 enable CVE-2018-3639 but disable CVE-2017-5715 and CVE-2017-5754
I’m not sure if these values would make any sense or work at all but my guess is that they will not crash anything. By observation, i think each mitigation is optional and can be enabled atomatically if hardware/microcode supports it. I don’t have an AMD at hand but someone could try out these homebrew combinations.