The retbleed=stuff mitigation is only applicable for Intel CPUs affected
by retbleed.  If this option is selected for another vendor, print a
warning and fall back to the AUTO option.

Signed-off-by: David Kaplan <david.kaplan@amd.com>
---
 arch/x86/kernel/cpu/bugs.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c
index 72e04938fdcb..84d3f6b3d1eb 100644
--- a/arch/x86/kernel/cpu/bugs.c
+++ b/arch/x86/kernel/cpu/bugs.c
@@ -1187,6 +1187,10 @@ static void __init retbleed_select_mitigation(void)
 	case RETBLEED_CMD_STUFF:
 		if (IS_ENABLED(CONFIG_MITIGATION_CALL_DEPTH_TRACKING) &&
 		    spectre_v2_enabled == SPECTRE_V2_RETPOLINE) {
+			if (boot_cpu_data.x86_vendor != X86_VENDOR_INTEL) {
+				pr_err("WARNING: retbleed=stuff only supported for Intel CPUs.\n");
+				goto do_cmd_auto;
+			}
 			retbleed_mitigation = RETBLEED_MITIGATION_STUFF;
 
 		} else {
-- 
2.34.1

On Fri, Apr 18, 2025 at 11:17:14AM -0500, David Kaplan wrote:
> The retbleed=stuff mitigation is only applicable for Intel CPUs affected
> by retbleed.  If this option is selected for another vendor, print a
> warning and fall back to the AUTO option.
> 
> Signed-off-by: David Kaplan <david.kaplan@amd.com>
> ---
>  arch/x86/kernel/cpu/bugs.c | 4 ++++
>  1 file changed, 4 insertions(+)
> 
> diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c
> index 72e04938fdcb..84d3f6b3d1eb 100644
> --- a/arch/x86/kernel/cpu/bugs.c
> +++ b/arch/x86/kernel/cpu/bugs.c
> @@ -1187,6 +1187,10 @@ static void __init retbleed_select_mitigation(void)
>  	case RETBLEED_CMD_STUFF:
>  		if (IS_ENABLED(CONFIG_MITIGATION_CALL_DEPTH_TRACKING) &&
>  		    spectre_v2_enabled == SPECTRE_V2_RETPOLINE) {
> +			if (boot_cpu_data.x86_vendor != X86_VENDOR_INTEL) {
> +				pr_err("WARNING: retbleed=stuff only supported for Intel CPUs.\n");
> +				goto do_cmd_auto;
> +			}

Right, the reason it is possible to select this mitigation on other
vendors is purely to be able to experiment with the different mitigation
techniques.

But I've never considered that ability to be particularly useful - and
even if, if you wanna do that, you might as well hack the kernel too.

So yeah, I guess it is better to not allow non-sensical mitigations.

Thx.

-- 
Regards/Gruss,
    Boris.

https://people.kernel.org/tglx/notes-about-netiquette

The following commit has been merged into the x86/bugs branch of tip:

Commit-ID:     83d4b19331f3a5d5829d338a0a64b69c9c28b36e
Gitweb:        https://git.kernel.org/tip/83d4b19331f3a5d5829d338a0a64b69c9c28b36e
Author:        David Kaplan <david.kaplan@amd.com>
AuthorDate:    Fri, 18 Apr 2025 11:17:14 -05:00
Committer:     Borislav Petkov (AMD) <bp@alien8.de>
CommitterDate: Mon, 28 Apr 2025 19:55:50 +02:00

x86/bugs: Allow retbleed=stuff only on Intel

The retbleed=stuff mitigation is only applicable for Intel CPUs affected
by retbleed.  If this option is selected for another vendor, print a
warning and fall back to the AUTO option.

Signed-off-by: David Kaplan <david.kaplan@amd.com>
Signed-off-by: Borislav Petkov (AMD) <bp@alien8.de>
Reviewed-by: Josh Poimboeuf <jpoimboe@kernel.org>
Link: https://lore.kernel.org/20250418161721.1855190-10-david.kaplan@amd.com
---
 arch/x86/kernel/cpu/bugs.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c
index 1a42abb..7edf429 100644
--- a/arch/x86/kernel/cpu/bugs.c
+++ b/arch/x86/kernel/cpu/bugs.c
@@ -1191,6 +1191,10 @@ static void __init retbleed_select_mitigation(void)
 	case RETBLEED_CMD_STUFF:
 		if (IS_ENABLED(CONFIG_MITIGATION_CALL_DEPTH_TRACKING) &&
 		    spectre_v2_enabled == SPECTRE_V2_RETPOLINE) {
+			if (boot_cpu_data.x86_vendor != X86_VENDOR_INTEL) {
+				pr_err("WARNING: retbleed=stuff only supported for Intel CPUs.\n");
+				goto do_cmd_auto;
+			}
 			retbleed_mitigation = RETBLEED_MITIGATION_STUFF;
 
 		} else {