Re: [PATCH] x86/bugs: Fix handling when srso mitigation is disabled

From: Josh Poimboeuf
Date: Wed Sep 04 2024 - 13:02:35 EST


On Wed, Sep 04, 2024 at 10:07:11AM -0500, David Kaplan wrote:
> When the srso mitigation is disabled, either via mitigations=off or
> spec_rstack_overflow=off, SBPB should be used instead of IBPB if
> possible. Additionally, move the check earlier in the function so no
> warning is printed about the lack of IBPB-enhancing microcode since the
> user has turned off the mitigation.
>
> Signed-off-by: David Kaplan <david.kaplan@xxxxxxx>
> ---
> arch/x86/kernel/cpu/bugs.c | 14 +++++---------
> 1 file changed, 5 insertions(+), 9 deletions(-)
>
> diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c
> index 189840db2f8d..10d0775e7aa5 100644
> --- a/arch/x86/kernel/cpu/bugs.c
> +++ b/arch/x86/kernel/cpu/bugs.c
> @@ -2557,10 +2557,9 @@ static void __init srso_select_mitigation(void)
> {
> bool has_microcode = boot_cpu_has(X86_FEATURE_IBPB_BRTYPE);
>
> - if (cpu_mitigations_off())
> - return;
> -
> - if (!boot_cpu_has_bug(X86_BUG_SRSO)) {
> + if (!boot_cpu_has_bug(X86_BUG_SRSO) ||
> + cpu_mitigations_off() ||
> + srso_cmd == SRSO_CMD_OFF) {

These last two lines should be properly indented by shifting left one
space:

if (!boot_cpu_has_bug(X86_BUG_SRSO) ||
cpu_mitigations_off() ||
srso_cmd == SRSO_CMD_OFF) {

Otherwise,

Acked-by: Josh Poimboeuf <jpoimboe@xxxxxxxxxx>

--
Josh