Re: [PATCH v3 12/35] x86/bugs: Restructure retbleed mitigation
From: Borislav Petkov
Date: Mon Feb 24 2025 - 10:54:08 EST
On Wed, Jan 08, 2025 at 02:24:52PM -0600, David Kaplan wrote:
> +static void __init retbleed_update_mitigation(void)
> +{
> + if (!boot_cpu_has_bug(X86_BUG_RETBLEED) || cpu_mitigations_off())
> + return;
>
> - break;
> + if (retbleed_mitigation == RETBLEED_MITIGATION_NONE)
> + goto out;
> + /*
> + * Let IBRS trump all on Intel without affecting the effects of the
> + * retbleed= cmdline option except for call depth based stuffing
> + */
> + if (boot_cpu_data.x86_vendor == X86_VENDOR_INTEL) {
> + switch (spectre_v2_enabled) {
> + case SPECTRE_V2_IBRS:
> + retbleed_mitigation = RETBLEED_MITIGATION_IBRS;
> + break;
> + case SPECTRE_V2_EIBRS:
> + case SPECTRE_V2_EIBRS_RETPOLINE:
> + case SPECTRE_V2_EIBRS_LFENCE:
> + retbleed_mitigation = RETBLEED_MITIGATION_EIBRS;
> + break;
> + default:
> + if (retbleed_mitigation != RETBLEED_MITIGATION_STUFF)
> + pr_err(RETBLEED_INTEL_MSG);
> + }
> }
>
> + if (retbleed_mitigation == RETBLEED_MITIGATION_STUFF) {
> + if (spectre_v2_enabled != SPECTRE_V2_RETPOLINE) {
> + pr_err("WARNING: retbleed=stuff depends on spectre_v2=retpoline\n");
> + retbleed_mitigation = RETBLEED_MITIGATION_AUTO;
> + /* Try again */
> + retbleed_select_mitigation();
Err, why?
spectre_v2 and spectre_v2_enabled cannot change anymore - the select function
has set them. Why try again here?
This kinda defeats the whole purpose of having the select -> update -> apply
rounds...
--
Regards/Gruss,
Boris.
https://people.kernel.org/tglx/notes-about-netiquette