Linus Torvalds Comments On STIBP & He's Not Happy - STIBP Default Will End Up Changing

  • #61
    Originally posted by TemplarGR
    By the way did Linus say that people who care about security disable Hyperthreading anyway? Where are all the trolls who called us idiots when we said that HT is overrated and not a big deal to disable? Where are all the morons who namecalled us and cried that they would lose 50% of performance? They don't seem to comment anymore...
    Yes! -THE- reason I don't post at [H]ardOCP anymore....

    Comment


    • #62
      Originally posted by schmidtbag
      It doesn't have to be every boot... asking once ought to be sufficient.
      Then we have to decide when "once" will happen. When you install a kernel with such support for the first time would of course be the natural answer, but then how will the system know when that is the case, perhaps you jumped over one kernel version or compile your own kernels and so on.

      So next whoever asks this question must now have root access to /etc/default/grub/ (distribution specific path) and set some flag that indicates that it already asked the question (it cannot just scan the boot flags since the non-existence of the flag could be both that you answered "yes enable" or that you haven't answered it yet).

      So now what to do if the performance penalty goes away, shouldn't this software somehow handle it and reenable it to increase the security? And so on.

      Yes a lot of stupid ramblings, but the original premise was "how hard can it be" and I would say that it would actually be quite hard and complex if you don't want to be trapped in some odd behaviour. So much simpler to just tell the end user to add "spectre_v2=off nopti" to GRUB_CMDLINE_LINUX_DEFAULT in /etc/default/grub.

      But "whah, whah I don't want to have to use that hard to use terminal" well then perhaps you also might be precisely the kind of user that really needs to have this feature enabled by default.

      Comment
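Added example, not part of any post in this thread: post #62 notes that the absence of a boot flag is ambiguous, so an audit has to look at what the running kernel actually reports, not only at the GRUB configuration. The sketch below lists mitigation-disabling parameters on a kernel command line and the sysfs entries the kernel marks as vulnerable. The function names and the sample command line are constructed for illustration.

```shell
#!/bin/sh
# Report kernel parameters that switch off speculative-execution mitigations,
# plus what the running kernel says about its own state.

# Print each mitigation-disabling token found in a kernel command line ($1).
disabled_mitigations() {
    set -f                      # no globbing while splitting the command line
    for tok in $1; do
        case "$tok" in
            mitigations=off|nopti|pti=off|nospectre_v1|nospectre_v2|\
            spectre_v2=off|spectre_v2_user=off|l1tf=off|\
            spec_store_bypass_disable=off|nospec_store_bypass_disable)
                printf '%s\n' "$tok" ;;
        esac
    done
    set +f
}

# Print "name: status" for each sysfs entry whose status starts with "Vulnerable".
# $1 overrides the directory (used for testing with constructed files).
vulnerable_entries() {
    dir=${1:-/sys/devices/system/cpu/vulnerabilities}
    [ -d "$dir" ] || return 0
    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        status=$(cat "$f")
        case "$status" in
            Vulnerable*) printf '%s: %s\n' "${f##*/}" "$status" ;;
        esac
    done
}

# Constructed sample: a command line after the edit suggested in post #62.
SAMPLE='BOOT_IMAGE=/vmlinuz root=/dev/sda1 ro quiet spectre_v2=off nopti'

main() {
    echo "sample command line disables:"
    disabled_mitigations "$SAMPLE"
    if [ -r /proc/cmdline ]; then
        echo "running kernel command line disables:"
        disabled_mitigations "$(cat /proc/cmdline)"
    fi
    echo "sysfs reports as vulnerable:"
    vulnerable_entries
}
main
```

An empty result from both functions on a live system means no listed opt-out is present and the kernel reports no unmitigated issue it knows about.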


      • #63
        Originally posted by tildearrow

        MOS Technology 6502.

        Oh wait, the jam exploit...



        Who is moderating him?
        Well technically we can build a 6502/6510 without the JAM/KIL/HLT opcode. Myself I would rather go up to MC680x0 so we would have access to a real set of registers and also 32-bit data width. Huge benefit there would be to have access to a proper and beautiful set of opcodes instead of the insanity that is x86. I have a 33 MHz 68030 in the basement that ran like a beast back in the day so I can live with that no problem.

        Comment


        • #64
          Originally posted by F.Ultra
          Then we have to decide when "once" will happen. When you install a kernel with such support for the first time would of course be the natural answer, but then how will the system know when that is the case, perhaps you jumped over one kernel version or compile your own kernels and so on.
          I think you are really over-complicating this. Are you telling me you've never been prompted for a question when updating or installing software, regardless of platform?
          So next whoever asks this question must now have root access to /etc/default/grub/ (distribution specific path) and set some flag that indicates that it already asked the question (it cannot just scan the boot flags since the non-existence of the flag could be both that you answered "yes enable" or that you haven't answered it yet).
          Uh... you also need root access to do the vast majority of work during an update or install process and it's pretty common practice for various distributions to make tweaks to your grub.cfg, so I'm not sure what you're getting at here.
          But "whah, whah I don't want to have to use that hard to use terminal" well then perhaps you also might be precisely the kind of user that really needs to have this feature enabled by default.
          I agree.

          Comment


          • #65
            Originally posted by schmidtbag
            I think you are really over-complicating this. Are you telling me you've never been prompted for a question when updating or installing software, regardless of platform?
            Oh I have, never once though but every single time I performed an update of said software. I've also developed tons of software that does this and thus have experience on all the various things that can go wrong with something that on the surface looks very simple but in reality isn't quite so uncomplicated if you want to handle every corner case and make every user as happy as possible.

            Comment


            • #66
              I do hope the full mitigation kernel flags for Spectre v2, v4, and L1TF are all combined into one flag called yolo2018.

              Comment


              • #67
                Originally posted by schmidtbag
                I think you are really over-complicating this. Are you telling me you've never been prompted for a question when updating or installing software, regardless of platform?
                Some package managers will do this, others are painless. I prefer pacman, which just appends '.pacnew' to the new file's name (along with a note to stdout). It really annoys me when I come back to an aptitude machine and instead of being finished it's only just started and then stopped at a silly prompt.

                Comment


                • #68
                  Originally posted by birdie
                  Michael and it's me, sir, who made Linus notice the issue. I'm just saying. Despite tons of hatred that I receive here. Luckily I don't care.

                  It's kinda sad that when I'm saying something here people disregard me, but if it's Linus then, "Oh, God, he's so right".
                  Ya did the right thing, I'd rather have an opt-in approach and have my system running faster than a huge performance hit.

                  Comment


                  • #69
                    Originally posted by brrrrttttt
                    If you don't get microcode updates, you won't have these instructions?
                    The instructions have been there from the factory, but with microcode updates the issues can and have been mitigated.

                    Comment


                    • #70
                      Originally posted by Redi44
                      Nah, he has been indoctrinated by PC people during the forced "vacation". We've lost boys.
                      May have lost the boys, but haven't lost the men.

                      Comment
