[PATCH] x86/bugs: Fix SRSO reporting on Zen1/2 with SMT disabled

All of lore.kernel.org
 help / color / mirror / Atom feed

* [PATCH] x86/bugs: Fix SRSO reporting on Zen1/2 with SMT disabled
@ 2025-05-13 11:04 Borislav Petkov
  2025-05-13 19:40 ` Kaplan, David
  2025-05-13 21:05 ` [tip: x86/core] " tip-bot2 for Borislav Petkov (AMD)
  0 siblings, 2 replies; 3+ messages in thread
From: Borislav Petkov @ 2025-05-13 11:04 UTC (permalink / raw)
  To: David Kaplan; +Cc: X86 ML, LKML, Borislav Petkov (AMD)

From: "Borislav Petkov (AMD)" <bp@alien8.de>

1f4bb068b498 ("x86/bugs: Restructure SRSO mitigation") does this:

  if (boot_cpu_data.x86 < 0x19 && !cpu_smt_possible()) {
          setup_force_cpu_cap(X86_FEATURE_SRSO_NO);
          srso_mitigation = SRSO_MITIGATION_NONE;
          return;
  }

and, in particular, sets srso_mitigation to NONE. This leads to
reporting

  Speculative Return Stack Overflow: Vulnerable

on Zen2 machines.

There's a far bigger confusion with what SRSO_NO means and how it is
used in the code but this will be a matter of future fixes and
restructuring to how the SRSO mitigation gets determined.

Fix the reporting issue for now.

Signed-off-by: Borislav Petkov (AMD) <bp@alien8.de>
Cc: David Kaplan <david.kaplan@amd.com>
---
 arch/x86/kernel/cpu/bugs.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c
index 47c74c4ae206..dd8b50b4ceaa 100644
--- a/arch/x86/kernel/cpu/bugs.c
+++ b/arch/x86/kernel/cpu/bugs.c
@@ -2942,7 +2942,9 @@ static void __init srso_update_mitigation(void)
 	    boot_cpu_has(X86_FEATURE_IBPB_BRTYPE))
 		srso_mitigation = SRSO_MITIGATION_IBPB;
 
-	if (boot_cpu_has_bug(X86_BUG_SRSO) && !cpu_mitigations_off())
+	if (boot_cpu_has_bug(X86_BUG_SRSO) &&
+	    !cpu_mitigations_off() &&
+	    !boot_cpu_has(X86_FEATURE_SRSO_NO))
 		pr_info("%s\n", srso_strings[srso_mitigation]);
 }
 
-- 
2.43.0


^ permalink raw reply related	[flat|nested] 3+ messages in thread

* RE: [PATCH] x86/bugs: Fix SRSO reporting on Zen1/2 with SMT disabled
  2025-05-13 11:04 [PATCH] x86/bugs: Fix SRSO reporting on Zen1/2 with SMT disabled Borislav Petkov
@ 2025-05-13 19:40 ` Kaplan, David
  2025-05-13 21:05 ` [tip: x86/core] " tip-bot2 for Borislav Petkov (AMD)
  1 sibling, 0 replies; 3+ messages in thread
From: Kaplan, David @ 2025-05-13 19:40 UTC (permalink / raw)
  To: Borislav Petkov; +Cc: X86 ML, LKML, Borislav Petkov (AMD)

[AMD Official Use Only - AMD Internal Distribution Only]

> -----Original Message-----
> From: Borislav Petkov <bp@kernel.org>
> Sent: Tuesday, May 13, 2025 6:04 AM
> To: Kaplan, David <David.Kaplan@amd.com>
> Cc: X86 ML <x86@kernel.org>; LKML <linux-kernel@vger.kernel.org>; Borislav
> Petkov (AMD) <bp@alien8.de>
> Subject: [PATCH] x86/bugs: Fix SRSO reporting on Zen1/2 with SMT disabled
>
> Caution: This message originated from an External Source. Use proper caution
> when opening attachments, clicking links, or responding.
>
>
> From: "Borislav Petkov (AMD)" <bp@alien8.de>
>
> 1f4bb068b498 ("x86/bugs: Restructure SRSO mitigation") does this:
>
>   if (boot_cpu_data.x86 < 0x19 && !cpu_smt_possible()) {
>           setup_force_cpu_cap(X86_FEATURE_SRSO_NO);
>           srso_mitigation = SRSO_MITIGATION_NONE;
>           return;
>   }
>
> and, in particular, sets srso_mitigation to NONE. This leads to reporting
>
>   Speculative Return Stack Overflow: Vulnerable
>
> on Zen2 machines.
>
> There's a far bigger confusion with what SRSO_NO means and how it is used in the
> code but this will be a matter of future fixes and restructuring to how the SRSO
> mitigation gets determined.
>
> Fix the reporting issue for now.
>
> Signed-off-by: Borislav Petkov (AMD) <bp@alien8.de>
> Cc: David Kaplan <david.kaplan@amd.com>
> ---
>  arch/x86/kernel/cpu/bugs.c | 4 +++-
>  1 file changed, 3 insertions(+), 1 deletion(-)
>
> diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c index
> 47c74c4ae206..dd8b50b4ceaa 100644
> --- a/arch/x86/kernel/cpu/bugs.c
> +++ b/arch/x86/kernel/cpu/bugs.c
> @@ -2942,7 +2942,9 @@ static void __init srso_update_mitigation(void)
>             boot_cpu_has(X86_FEATURE_IBPB_BRTYPE))
>                 srso_mitigation = SRSO_MITIGATION_IBPB;
>
> -       if (boot_cpu_has_bug(X86_BUG_SRSO) && !cpu_mitigations_off())
> +       if (boot_cpu_has_bug(X86_BUG_SRSO) &&
> +           !cpu_mitigations_off() &&
> +           !boot_cpu_has(X86_FEATURE_SRSO_NO))
>                 pr_info("%s\n", srso_strings[srso_mitigation]);  }
>
> --
> 2.43.0

LGTM.

Reviewed-by: David Kaplan <david.kaplan@amd.com>

--David Kaplan

^ permalink raw reply	[flat|nested] 3+ messages in thread

* [tip: x86/core] x86/bugs: Fix SRSO reporting on Zen1/2 with SMT disabled
  2025-05-13 11:04 [PATCH] x86/bugs: Fix SRSO reporting on Zen1/2 with SMT disabled Borislav Petkov
  2025-05-13 19:40 ` Kaplan, David
@ 2025-05-13 21:05 ` tip-bot2 for Borislav Petkov (AMD)
  1 sibling, 0 replies; 3+ messages in thread
From: tip-bot2 for Borislav Petkov (AMD) @ 2025-05-13 21:05 UTC (permalink / raw)
  To: linux-tip-commits; +Cc: Borislav Petkov (AMD), David Kaplan, x86, linux-kernel

The following commit has been merged into the x86/core branch of tip:

Commit-ID:     891d3b8be32a69ae94d32e3f1e1ee01359020d49
Gitweb:        https://git.kernel.org/tip/891d3b8be32a69ae94d32e3f1e1ee01359020d49
Author:        Borislav Petkov (AMD) <bp@alien8.de>
AuthorDate:    Tue, 13 May 2025 13:04:05 +02:00
Committer:     Borislav Petkov (AMD) <bp@alien8.de>
CommitterDate: Tue, 13 May 2025 22:31:08 +02:00

x86/bugs: Fix SRSO reporting on Zen1/2 with SMT disabled

1f4bb068b498 ("x86/bugs: Restructure SRSO mitigation") does this:

  if (boot_cpu_data.x86 < 0x19 && !cpu_smt_possible()) {
          setup_force_cpu_cap(X86_FEATURE_SRSO_NO);
          srso_mitigation = SRSO_MITIGATION_NONE;
          return;
  }

and, in particular, sets srso_mitigation to NONE. This leads to
reporting

  Speculative Return Stack Overflow: Vulnerable

on Zen2 machines.

There's a far bigger confusion with what SRSO_NO means and how it is
used in the code but this will be a matter of future fixes and
restructuring to how the SRSO mitigation gets determined.

Fix the reporting issue for now.

Signed-off-by: Borislav Petkov (AMD) <bp@alien8.de>
Reviewed-by: David Kaplan <david.kaplan@amd.com>
Link: https://lore.kernel.org/20250513110405.15872-1-bp@kernel.org
---
 arch/x86/kernel/cpu/bugs.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c
index 47c74c4..dd8b50b 100644
--- a/arch/x86/kernel/cpu/bugs.c
+++ b/arch/x86/kernel/cpu/bugs.c
@@ -2942,7 +2942,9 @@ static void __init srso_update_mitigation(void)
 	    boot_cpu_has(X86_FEATURE_IBPB_BRTYPE))
 		srso_mitigation = SRSO_MITIGATION_IBPB;
 
-	if (boot_cpu_has_bug(X86_BUG_SRSO) && !cpu_mitigations_off())
+	if (boot_cpu_has_bug(X86_BUG_SRSO) &&
+	    !cpu_mitigations_off() &&
+	    !boot_cpu_has(X86_FEATURE_SRSO_NO))
 		pr_info("%s\n", srso_strings[srso_mitigation]);
 }
 

^ permalink raw reply related	[flat|nested] 3+ messages in thread

end of thread, other threads:[~2025-05-13 21:06 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2025-05-13 11:04 [PATCH] x86/bugs: Fix SRSO reporting on Zen1/2 with SMT disabled Borislav Petkov
2025-05-13 19:40 ` Kaplan, David
2025-05-13 21:05 ` [tip: x86/core] " tip-bot2 for Borislav Petkov (AMD)

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.