Re: [PATCH] x86/bugs: Default retbleed to =stuff when retpoline is auto enabled
From: Josh Poimboeuf
Date: Fri Feb 09 2024 - 19:40:31 EST
On Fri, Feb 09, 2024 at 12:33:46PM -0800, Pawan Gupta wrote:
> On Fri, Feb 09, 2024 at 10:56:25AM -0800, Josh Poimboeuf wrote:
> > On Thu, Feb 08, 2024 at 05:12:15PM -0800, Pawan Gupta wrote:
> > > + spectre_v2_enabled == SPECTRE_V2_RETPOLINE) {
> > > + if (IS_ENABLED(CONFIG_CALL_DEPTH_TRACKING))
> > > + retbleed_mitigation = RETBLEED_MITIGATION_STUFF;
> > > + else
> > > + pr_err("WARNING: Retpoline enabled, but kernel not compiled with CALL_DEPTH_TRACKING.\n");
> >
> > If retbleed is vulnerable then the sysfs file should show that.
>
> It does shows vulnerable, retbleed_mitigation is not set to
> RETBLEED_MITIGATION_STUFF for CONFIG_CALL_DEPTH_TRACKING=n.
Ah right, in that case retbleed_mitigation still has its initialized
value of RETBLEED_MITIGATION_NONE.
> > Also, I think this pr_err() is redundant with RETBLEED_INTEL_MSG and can
> > be removed.
>
> IMO, they both serve a different purpose, RETBLEED_INTEL_MSG is a
> generic warning, and the message with !CONFIG_CALL_DEPTH_TRACKING hints
> a corrective action.
>
> If you look at "case RETBLEED_CMD_STUFF" it also prints a separate warning for
> !CONFIG_CALL_DEPTH_TRACKING:
Yep, makes sense.
--
Josh