Re: [PATCH] x86/srso: Correct the mitigation status when SMT is disabled

From: Josh Poimboeuf
Date: Wed Aug 16 2023 - 14:30:20 EST


On Wed, Aug 16, 2023 at 07:35:31PM +0200, Borislav Petkov wrote:
> On Wed, Aug 16, 2023 at 09:07:57AM -0700, Josh Poimboeuf wrote:
> > In this case srso_show_state() is never called, so the following code
> > can't run:
> >
> > + if (boot_cpu_has(X86_FEATURE_SRSO_NO)) {
> > + if (sched_smt_active())
> > + return sysfs_emit(buf, "Not affected\n");
>
> Ofc it can. If something has set X86_FEATURE_SRSO_NO early, before the
> bug bits detection happens, then you get:
>
> $ cat /sys/devices/system/cpu/vulnerabilities/spec_rstack_overflow
> Not affected

No, if the bug bit isn't set then that comes from cpu_show_common():

static ssize_t cpu_show_common(struct device *dev, struct device_attribute *attr,
char *buf, unsigned int bug)
{
if (!boot_cpu_has_bug(bug))
return sysfs_emit(buf, "Not affected\n");

--
Josh