Re: [PATCH 1/3] cpu/bugs: Fix selecting Automatic IBRS using spectre_v2=eibrs

[Borislav Petkov]

On February 24, 2026 6:22:36 PM UTC, Dave Hansen <dave.hansen@xxxxxxxxx> wrote:
>On 2/24/26 10:01, Kim Phillips wrote:
>> @@ -2136,7 +2136,8 @@ static void __init spectre_v2_select_mitigation(void)
>>  	if ((spectre_v2_cmd == SPECTRE_V2_CMD_EIBRS ||
>>  	     spectre_v2_cmd == SPECTRE_V2_CMD_EIBRS_LFENCE ||
>>  	     spectre_v2_cmd == SPECTRE_V2_CMD_EIBRS_RETPOLINE) &&
>> -	    !boot_cpu_has(X86_FEATURE_IBRS_ENHANCED)) {
>> +	    !(boot_cpu_has(X86_FEATURE_IBRS_ENHANCED) ||
>> +	      boot_cpu_has(X86_FEATURE_AUTOIBRS))) {
>>  		pr_err("EIBRS selected but CPU doesn't have Enhanced or Automatic IBRS. Switching to AUTO select\n");
>>  		spectre_v2_cmd = SPECTRE_V2_CMD_AUTO;
>>  	}
>
>Didn't we agree to just use the "Intel feature" name? See this existing
>code:
>
>>         /*
>>          * AMD's AutoIBRS is equivalent to Intel's eIBRS - use the Intel feature
>>          * flag and protect from vendor-specific bugs via the whitelist.
>>          *
>>          * Don't use AutoIBRS when SNP is enabled because it degrades host
>>          * userspace indirect branch performance.
>>          */
>>         if ((x86_arch_cap_msr & ARCH_CAP_IBRS_ALL) ||
>>             (cpu_has(c, X86_FEATURE_AUTOIBRS) &&
>>              !cpu_feature_enabled(X86_FEATURE_SEV_SNP))) {
>>                 setup_force_cpu_cap(X86_FEATURE_IBRS_ENHANCED);
>>                 if (!cpu_matches(cpu_vuln_whitelist, NO_EIBRS_PBRSB) &&
>>                     !(x86_arch_cap_msr & ARCH_CAP_PBRSB_NO))
>>                         setup_force_cpu_bug(X86_BUG_EIBRS_PBRSB);
>>         }
>
>You're probably not seeing X86_FEATURE_IBRS_ENHANCED because it doesn't
>get forced under SNP.

Set the Intel flag somewhere in the SNP init path...?
-- 
Small device. Typos and formatting crap