Simplify the nested checks, remove redundant print and comment.

Signed-off-by: Pawan Gupta <pawan.kumar.gupta@linux.intel.com>
---
 arch/x86/kernel/cpu/bugs.c | 24 ++++++++----------------
 1 file changed, 8 insertions(+), 16 deletions(-)

diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c
index 19ff705b3128eacad5659990ed345d7a19bcb0f4..20d7d14b08298d4f610f2ebc7f13a490ee3d957a 100644
--- a/arch/x86/kernel/cpu/bugs.c
+++ b/arch/x86/kernel/cpu/bugs.c
@@ -1258,24 +1258,16 @@ static void __init retbleed_update_mitigation(void)
 	if (retbleed_mitigation == RETBLEED_MITIGATION_NONE)
 		goto out;
 
-	/*
-	 * retbleed=stuff is only allowed on Intel.  If stuffing can't be used
-	 * then a different mitigation will be selected below.
-	 *
-	 * its=stuff will also attempt to enable stuffing.
-	 */
-	if (retbleed_mitigation == RETBLEED_MITIGATION_STUFF ||
-	    its_mitigation == ITS_MITIGATION_RETPOLINE_STUFF) {
-		if (spectre_v2_enabled != SPECTRE_V2_RETPOLINE) {
-			pr_err("WARNING: retbleed=stuff depends on spectre_v2=retpoline\n");
-			retbleed_mitigation = RETBLEED_MITIGATION_AUTO;
-		} else {
-			if (retbleed_mitigation != RETBLEED_MITIGATION_STUFF)
-				pr_info("Retbleed mitigation updated to stuffing\n");
+	 /* ITS can also enable stuffing */
+	if (its_mitigation == ITS_MITIGATION_RETPOLINE_STUFF)
+		retbleed_mitigation = RETBLEED_MITIGATION_STUFF;
 
-			retbleed_mitigation = RETBLEED_MITIGATION_STUFF;
-		}
+	if (retbleed_mitigation == RETBLEED_MITIGATION_STUFF &&
+	    spectre_v2_enabled != SPECTRE_V2_RETPOLINE) {
+		pr_err("WARNING: retbleed=stuff depends on spectre_v2=retpoline\n");
+		retbleed_mitigation = RETBLEED_MITIGATION_AUTO;
 	}
+
 	/*
 	 * Let IBRS trump all on Intel without affecting the effects of the
 	 * retbleed= cmdline option except for call depth based stuffing

-- 
2.34.1

On Wed, May 21, 2025 at 07:44:37PM -0700, Pawan Gupta wrote:
> +	if (retbleed_mitigation == RETBLEED_MITIGATION_STUFF &&
> +	    spectre_v2_enabled != SPECTRE_V2_RETPOLINE) {
> +		pr_err("WARNING: retbleed=stuff depends on spectre_v2=retpoline\n");
> +		retbleed_mitigation = RETBLEED_MITIGATION_AUTO;

What would be the next-best thing fallback for this, short of disabling the
mitigation?

UNRET, IBPB?

I would prefer if we look at STUFFing only when SPECTRE_V2_RETPOLINE - i.e.,
is it even possible.

If not, we fallback to another mitigation which is probably more expensive but
it is better than NONE...

-- 
Regards/Gruss,
    Boris.

https://people.kernel.org/tglx/notes-about-netiquette

On Thu, May 22, 2025 at 01:42:58PM +0200, Borislav Petkov wrote:
> On Wed, May 21, 2025 at 07:44:37PM -0700, Pawan Gupta wrote:
> > +	if (retbleed_mitigation == RETBLEED_MITIGATION_STUFF &&
> > +	    spectre_v2_enabled != SPECTRE_V2_RETPOLINE) {
> > +		pr_err("WARNING: retbleed=stuff depends on spectre_v2=retpoline\n");
> > +		retbleed_mitigation = RETBLEED_MITIGATION_AUTO;
> 
> What would be the next-best thing fallback for this, short of disabling the
> mitigation?
> 
> UNRET, IBPB?

Next best is IBRS/eIBRS, which also depends on spectre-v2 mitigation. So
NONE is fine here because the next code block will take care of selecting
the right mitigation.

> I would prefer if we look at STUFFing only when SPECTRE_V2_RETPOLINE - i.e.,
> is it even possible.

retbleed_update_mitigation() is the earliest we know that stuffing is
possible (when spectre-v2 has selected the mitigation).

> If not, we fallback to another mitigation which is probably more expensive but
> it is better than NONE...

Covered above.

On 5/22/25 05:44, Pawan Gupta wrote:
> Simplify the nested checks, remove redundant print and comment.
> 
> Signed-off-by: Pawan Gupta <pawan.kumar.gupta@linux.intel.com>

Reviewed-by: Nikolay Borisov <nik.borisov@suse.com>