From nobody Tue Apr 7 05:42:49 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 6D011ECAAA1 for ; Wed, 31 Aug 2022 00:10:13 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230502AbiHaAKL (ORCPT ); Tue, 30 Aug 2022 20:10:11 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:46370 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229740AbiHaAKJ (ORCPT ); Tue, 30 Aug 2022 20:10:09 -0400 Received: from mga06.intel.com (mga06b.intel.com [134.134.136.31]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 62FE31FCC0; Tue, 30 Aug 2022 17:10:08 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1661904608; x=1693440608; h=date:from:to:cc:subject:message-id:mime-version; bh=ycqr6beUoX/Dkc6cppmDzo9xRaG5F1v6sGpb+uApczQ=; b=gefjYgJBGkPdtNEw+b4lSuvdrtOSsLwtXY6uT/u18887roZw6Rp5Gd4V JPqXRn8iMueEYjS6+0cP2QMyKQcfUhgD8pO53PfQm/bNPLJjchbOTdC0I Tmsp57+DHQa/RQqeZnuyf1TzhvbPHCjoqQnnfaszKsqXDKtZYzzuoVJ4O Q/PGyLrzLU0la5dhswhhWdFjViiaZLeFYx7sZMGTitJcwgwsPsQSJBZJP pjFVg/w3tLHalGH4qTHbVc1NIsu6fjfGX2yfn305Uysmmj4znP7ljmEq/ 8A1gMqStjb/yBtPxeznHJvmjKlL0NcDUY7MtSDicVPoyTTIYQsLwqchTf Q==; X-IronPort-AV: E=McAfee;i="6500,9779,10455"; a="357052788" X-IronPort-AV: E=Sophos;i="5.93,276,1654585200"; d="scan'208";a="357052788" Received: from orsmga008.jf.intel.com ([10.7.209.65]) by orsmga104.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 30 Aug 2022 17:10:08 -0700 X-IronPort-AV: E=Sophos;i="5.93,276,1654585200"; d="scan'208";a="641625500" Received: from skanpuri-mobl1.amr.corp.intel.com (HELO desk) ([10.212.18.137]) by orsmga008-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 30 Aug 2022 17:10:07 -0700 Date: Tue, 30 Aug 2022 17:10:06 -0700 From: Pawan Gupta To: Jonathan Corbet , Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , x86@kernel.org, "H. Peter Anvin" Cc: linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org, antonio.gomez.iglesias@linux.intel.com, Daniel Sneddon Subject: [PATCH] x86/bugs: Fix retbleed reporting "Vulnerable" when spectre_v2=ibrs Message-ID: MIME-Version: 1.0 Content-Disposition: inline Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" With cmdline "spectre_v2=3Dibrs retbleed=3Doff" sysfs reports vulnerable to retbleed: $ cat /sys/devices/system/cpu/vulnerabilities/retbleed Vulnerable On Intel CPUs when IBRS or Enhanced IBRS is enabled, system is not vulnerable to retbleed. Even if a user has passed retbleed=3Doff, mitigation for retbleed could be deployed as part of spectre_v2 mitigation. Fix retbleed reporting for such a case. Fixes: 6ad0ad2bf8a6 ("x86/bugs: Report Intel retbleed vulnerability") Reported-by: Antonio Gomez Iglesias Signed-off-by: Pawan Gupta Cc: stable@vger.kernel.org --- .../admin-guide/kernel-parameters.txt | 4 +++- arch/x86/kernel/cpu/bugs.c | 19 +++++++++++-------- 2 files changed, 14 insertions(+), 9 deletions(-) diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentatio= n/admin-guide/kernel-parameters.txt index 426fa892d311..70447979111c 100644 --- a/Documentation/admin-guide/kernel-parameters.txt +++ b/Documentation/admin-guide/kernel-parameters.txt @@ -5280,7 +5280,9 @@ cessors that support it, and mitigate SMT on processors that don't. =20 - off - no mitigation + off - no mitigation. Overridden when + spectre_v2 mitigation already mitigates + retbleed. auto - automatically select a migitation auto,nosmt - automatically select a mitigation, disabling SMT if necessary for diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c index da7c361f47e0..02f4e0a2f725 100644 --- a/arch/x86/kernel/cpu/bugs.c +++ b/arch/x86/kernel/cpu/bugs.c @@ -778,6 +778,14 @@ early_param("nospectre_v1", nospectre_v1_cmdline); static enum spectre_v2_mitigation spectre_v2_enabled __ro_after_init =3D SPECTRE_V2_NONE; =20 +static inline bool spectre_v2_in_ibrs_mode(enum spectre_v2_mitigation mode) +{ + return mode =3D=3D SPECTRE_V2_IBRS || + mode =3D=3D SPECTRE_V2_EIBRS || + mode =3D=3D SPECTRE_V2_EIBRS_RETPOLINE || + mode =3D=3D SPECTRE_V2_EIBRS_LFENCE; +} + #undef pr_fmt #define pr_fmt(fmt) "RETBleed: " fmt =20 @@ -856,6 +864,9 @@ static void __init retbleed_select_mitigation(void) =20 switch (retbleed_cmd) { case RETBLEED_CMD_OFF: + if (spectre_v2_in_ibrs_mode(spectre_v2_enabled) && + boot_cpu_data.x86_vendor =3D=3D X86_VENDOR_INTEL) + goto do_cmd_auto; return; =20 case RETBLEED_CMD_UNRET: @@ -1095,14 +1106,6 @@ spectre_v2_parse_user_cmdline(void) return SPECTRE_V2_USER_CMD_AUTO; } =20 -static inline bool spectre_v2_in_ibrs_mode(enum spectre_v2_mitigation mode) -{ - return mode =3D=3D SPECTRE_V2_IBRS || - mode =3D=3D SPECTRE_V2_EIBRS || - mode =3D=3D SPECTRE_V2_EIBRS_RETPOLINE || - mode =3D=3D SPECTRE_V2_EIBRS_LFENCE; -} - static void __init spectre_v2_user_select_mitigation(void) { base-commit: b90cb1053190353cc30f0fef0ef1f378ccc063c5 --=20 2.37.2