| Message ID | a305206cd08cde28c46a1ef19f5668a3fff9b013.1743617897.git.jpoimboe@kernel.org (mailing list archive) |
|---|---|
| State | New |
| Headers | show |
| Series | x86/bugs: RSB mitigation fixes and documentation | expand |
On 2.04.25 г. 21:19 ч., Josh Poimboeuf wrote: > eIBRS protects against guest->host RSB underflow/poisoning attacks. > Adding retpoline to the mix doesn't change that. Retpoline has a > balanced CALL/RET anyway. > > So the current full RSB filling on VMEXIT with eIBRS+retpoline is > overkill. Disable it or do the VMEXIT_LITE mitigation if needed. > > Suggested-by: Pawan Gupta <pawan.kumar.gupta@linux.intel.com> > Reviewed-by: Pawan Gupta <pawan.kumar.gupta@linux.intel.com> > Reviewed-by: Amit Shah <amit.shah@amd.com> > Signed-off-by: Josh Poimboeuf <jpoimboe@kernel.org> Reviewed-by: Nikolay Borisov <nik.borisov@suse.com>
diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c index 9f9637cff7a3..354411fd4800 100644 --- a/arch/x86/kernel/cpu/bugs.c +++ b/arch/x86/kernel/cpu/bugs.c @@ -1617,20 +1617,20 @@ static void __init spectre_v2_determine_rsb_fill_type_at_vmexit(enum spectre_v2_ case SPECTRE_V2_NONE: return; - case SPECTRE_V2_EIBRS_LFENCE: case SPECTRE_V2_EIBRS: + case SPECTRE_V2_EIBRS_LFENCE: + case SPECTRE_V2_EIBRS_RETPOLINE: if (boot_cpu_has_bug(X86_BUG_EIBRS_PBRSB)) { - setup_force_cpu_cap(X86_FEATURE_RSB_VMEXIT_LITE); pr_info("Spectre v2 / PBRSB-eIBRS: Retire a single CALL on VMEXIT\n"); + setup_force_cpu_cap(X86_FEATURE_RSB_VMEXIT_LITE); } return; - case SPECTRE_V2_EIBRS_RETPOLINE: case SPECTRE_V2_RETPOLINE: case SPECTRE_V2_LFENCE: case SPECTRE_V2_IBRS: - setup_force_cpu_cap(X86_FEATURE_RSB_VMEXIT); pr_info("Spectre v2 / SpectreRSB : Filling RSB on VMEXIT\n"); + setup_force_cpu_cap(X86_FEATURE_RSB_VMEXIT); return; }