6.16-stable review patch. If anyone has any objections, please let me know.
------------------
From: Pawan Gupta pawan.kumar.gupta@linux.intel.com
[ Upstream commit ab9f2388e0b99cd164ddbd74a6133d3070e2788d ]
After a recent restructuring of the ITS mitigation, RSB stuffing can no longer be enabled in eIBRS+Retpoline mode. Before ITS, retbleed mitigation only allowed stuffing when eIBRS was not enabled. This was perfectly fine since eIBRS mitigates retbleed.
However, RSB stuffing mitigation for ITS is still needed with eIBRS. The restructuring solely relies on retbleed to deploy stuffing, and does not allow it when eIBRS is enabled. This behavior is different from what was before the restructuring. Fix it by allowing stuffing in eIBRS+retpoline mode also.
Fixes: 61ab72c2c6bf ("x86/bugs: Restructure ITS mitigation") Closes: https://lore.kernel.org/lkml/20250519235101.2vm6sc5txyoykb2r@desk/ Signed-off-by: Pawan Gupta pawan.kumar.gupta@linux.intel.com Signed-off-by: Borislav Petkov (AMD) bp@alien8.de Link: https://lore.kernel.org/20250611-eibrs-fix-v4-7-5ff86cac6c61@linux.intel.com Signed-off-by: Sasha Levin sashal@kernel.org --- arch/x86/kernel/cpu/bugs.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c index 0426500307f0..f2721801d8d4 100644 --- a/arch/x86/kernel/cpu/bugs.c +++ b/arch/x86/kernel/cpu/bugs.c @@ -1131,7 +1131,8 @@ static inline bool cdt_possible(enum spectre_v2_mitigation mode) !IS_ENABLED(CONFIG_MITIGATION_RETPOLINE)) return false;
- if (mode == SPECTRE_V2_RETPOLINE) + if (mode == SPECTRE_V2_RETPOLINE || + mode == SPECTRE_V2_EIBRS_RETPOLINE) return true;
return false; @@ -1286,7 +1287,7 @@ static void __init retbleed_update_mitigation(void)
if (retbleed_mitigation == RETBLEED_MITIGATION_STUFF && !cdt_possible(spectre_v2_enabled)) { - pr_err("WARNING: retbleed=stuff depends on spectre_v2=retpoline\n"); + pr_err("WARNING: retbleed=stuff depends on retpoline\n"); retbleed_mitigation = RETBLEED_MITIGATION_NONE; }
@@ -1459,6 +1460,7 @@ static void __init its_update_mitigation(void) its_mitigation = ITS_MITIGATION_OFF; break; case SPECTRE_V2_RETPOLINE: + case SPECTRE_V2_EIBRS_RETPOLINE: /* Retpoline+CDT mitigates ITS */ if (retbleed_mitigation == RETBLEED_MITIGATION_STUFF) its_mitigation = ITS_MITIGATION_RETPOLINE_STUFF;