> If you want an answer to something, please formulate it as an > exact question. - Why are L1TF and Meltdown not mitigated in kernel-default but only in kernel-pae? - Is it possible to mitigate MDS and 'Spec store bypass' through kernel or only through microcode? - Can L1TF, MDS or 'Spec store bypass' be exploited through web JavaScript, like shown in the video/papers? > AFAIU, you're asking whether you can do something additional as a user > in case Spectre and Meltdown are not mitigated on your CPU. But they > *are* mitigated, on *your* machine: The 2-part general question asked on LKML is about any system with a vulnerable CPU hradware. It arises from the following: A. Mitigations for some systems may not exist B. Mitigations may exist but they are not complete fixes, as papers say C. Browser-level mitigations are like B. Therefore: D. Web JavaScript (and WebAssemby) can be dangerous and one cannot possibly verify manually each and every script while browsing the web E. Unfortunately there are websites which don't work with JS disabled Based on that I have formulated the 2 questions on LKML: https://lkml.org/lkml/2019/12/8/205