From: Sasha Levin <sashal@kernel.org>
To: patches@lists.linux.dev, stable@vger.kernel.org
Cc: Pawan Gupta <pawan.kumar.gupta@linux.intel.com>,
Borislav Petkov <bp@alien8.de>, Sasha Levin <sashal@kernel.org>,
tglx@linutronix.de, peterz@infradead.org, jpoimboe@kernel.org
Subject: [PATCH AUTOSEL 6.12 50/69] x86/bugs: Avoid warning when overriding return thunk
Date: Sun, 3 Aug 2025 20:31:00 -0400 [thread overview]
Message-ID: <20250804003119.3620476-50-sashal@kernel.org> (raw)
In-Reply-To: <20250804003119.3620476-1-sashal@kernel.org>
From: Pawan Gupta <pawan.kumar.gupta@linux.intel.com>
[ Upstream commit 9f85fdb9fc5a1bd308a10a0a7d7e34f2712ba58b ]
The purpose of the warning is to prevent an unexpected change to the return
thunk mitigation. However, there are legitimate cases where the return
thunk is intentionally set more than once. For example, ITS and SRSO both
can set the return thunk after retbleed has set it. In both the cases
retbleed is still mitigated.
Replace the warning with an info about the active return thunk.
Suggested-by: Borislav Petkov <bp@alien8.de>
Signed-off-by: Pawan Gupta <pawan.kumar.gupta@linux.intel.com>
Signed-off-by: Borislav Petkov (AMD) <bp@alien8.de>
Link: https://lore.kernel.org/20250611-eibrs-fix-v4-3-5ff86cac6c61@linux.intel.com
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
LLM Generated explanations, may be completely bogus:
**YES**
This commit should be backported to stable kernel trees. Here's my
extensive analysis:
## Key Reasons for Backporting:
### 1. **Fixes a Real User-Visible Issue**
The code change shows that the original warning was triggering in
legitimate scenarios:
```c
- if (x86_return_thunk != __x86_return_thunk)
- pr_warn("x86/bugs: return thunk changed\n");
```
This warning would appear in kernel logs whenever multiple CPU
vulnerability mitigations interact, which is a normal and expected
behavior. The false positive warnings could:
- Cause unnecessary alarm for system administrators
- Clutter kernel logs with misleading information
- Potentially mask real issues by creating noise
### 2. **Small, Contained Change**
The commit is minimal and focused:
- Only modifies 3 lines of functional code
- Changes are confined to a single function (`set_return_thunk()`)
- Simply replaces a conditional warning with an unconditional info
message:
```c
+ pr_info("active return thunk: %ps\n", thunk);
```
### 3. **No Risk of Regression**
The change is safe because:
- It doesn't modify any security logic or mitigation behavior
- The function still sets the return thunk exactly as before
- The new info message provides better visibility into which mitigation
is active
- The `%ps` format specifier safely prints the function symbol name
### 4. **Addresses Security Mitigation Interactions**
The commit message explicitly states that "ITS and SRSO both can set the
return thunk after retbleed has set it" and that "retbleed is still
mitigated." This is important for stable kernels because:
- Multiple CVE mitigations (Retbleed, SRSO, ITS) need to coexist
- The warning was incorrectly flagging legitimate mitigation sequences
- Stable kernels need these mitigations to work together without false
alarms
### 5. **Part of Critical Security Infrastructure**
The x86/bugs subsystem handles CPU vulnerability mitigations for:
- CVE-2023-20569 (SRSO)
- CVE-2024-28956 (ITS)
- Retbleed vulnerabilities
These are critical security features that need to function correctly in
stable kernels.
### 6. **Improves Operational Visibility**
The new info message (`pr_info("active return thunk: %ps\n", thunk);`)
actually improves debugging and system monitoring by:
- Showing which specific return thunk is currently active
- Providing better audit trail for security mitigation changes
- Using proper function symbol printing with `%ps`
## Conclusion:
This commit meets all the criteria for stable backporting:
- Fixes a real issue (false positive warnings)
- Minimal risk (3-line change, no logic modifications)
- Improves system behavior without introducing new features
- Addresses interaction between critical security mitigations
- Makes the kernel more reliable and less confusing for operators
The change is particularly important for stable kernels that need to
support multiple CPU vulnerability mitigations simultaneously without
generating misleading warnings.
arch/x86/kernel/cpu/bugs.c | 5 ++---
1 file changed, 2 insertions(+), 3 deletions(-)
diff --git a/arch/x86/kernel/cpu/bugs.c b/arch/x86/kernel/cpu/bugs.c
index c2c7b76d953f..31b4b73e5405 100644
--- a/arch/x86/kernel/cpu/bugs.c
+++ b/arch/x86/kernel/cpu/bugs.c
@@ -71,10 +71,9 @@ void (*x86_return_thunk)(void) __ro_after_init = __x86_return_thunk;
static void __init set_return_thunk(void *thunk)
{
- if (x86_return_thunk != __x86_return_thunk)
- pr_warn("x86/bugs: return thunk changed\n");
-
x86_return_thunk = thunk;
+
+ pr_info("active return thunk: %ps\n", thunk);
}
/* Update SPEC_CTRL MSR and its cached copy unconditionally */
--
2.39.5
next prev parent reply other threads:[~2025-08-04 0:33 UTC|newest]
Thread overview: 71+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-08-04 0:30 [PATCH AUTOSEL 6.12 01/69] usb: xhci: print xhci->xhc_state when queue_command failed Sasha Levin
2025-08-04 0:30 ` [PATCH AUTOSEL 6.12 02/69] platform/x86/amd: pmc: Add Lenovo Yoga 6 13ALC6 to pmc quirk list Sasha Levin
2025-08-04 0:30 ` [PATCH AUTOSEL 6.12 03/69] cpufreq: CPPC: Mark driver with NEED_UPDATE_LIMITS flag Sasha Levin
2025-08-04 0:30 ` [PATCH AUTOSEL 6.12 04/69] selftests/futex: Define SYS_futex on 32-bit architectures with 64-bit time_t Sasha Levin
2025-08-04 0:30 ` [PATCH AUTOSEL 6.12 05/69] usb: typec: ucsi: psy: Set current max to 100mA for BC 1.2 and Default Sasha Levin
2025-08-04 0:30 ` [PATCH AUTOSEL 6.12 06/69] regulator: core: repeat voltage setting request for stepped regulators Sasha Levin
2025-08-04 0:30 ` [PATCH AUTOSEL 6.12 07/69] usb: xhci: Avoid showing warnings for dying controller Sasha Levin
2025-08-04 0:30 ` [PATCH AUTOSEL 6.12 08/69] usb: xhci: Set avg_trb_len = 8 for EP0 during Address Device Command Sasha Levin
2025-08-04 0:30 ` [PATCH AUTOSEL 6.12 09/69] usb: xhci: Avoid showing errors during surprise removal Sasha Levin
2025-08-04 0:30 ` [PATCH AUTOSEL 6.12 10/69] firmware: qcom: scm: initialize tzmem before marking SCM as available Sasha Levin
2025-08-04 0:30 ` [PATCH AUTOSEL 6.12 11/69] soc: qcom: rpmh-rsc: Add RSC version 4 support Sasha Levin
2025-08-04 0:30 ` [PATCH AUTOSEL 6.12 12/69] ACPI: APEI: send SIGBUS to current task if synchronous memory error not recovered Sasha Levin
2025-08-04 0:30 ` [PATCH AUTOSEL 6.12 13/69] remoteproc: imx_rproc: skip clock enable when M-core is managed by the SCU Sasha Levin
2025-08-04 0:30 ` [PATCH AUTOSEL 6.12 14/69] usb: typec: tcpm/tcpci_maxim: fix irq wake usage Sasha Levin
2025-08-04 0:30 ` [PATCH AUTOSEL 6.12 15/69] pmdomain: ti: Select PM_GENERIC_DOMAINS Sasha Levin
2025-08-04 0:30 ` [PATCH AUTOSEL 6.12 16/69] gpio: wcd934x: check the return value of regmap_update_bits() Sasha Levin
2025-08-04 0:30 ` [PATCH AUTOSEL 6.12 17/69] cpufreq: Exit governor when failed to start old governor Sasha Levin
2025-08-04 0:30 ` [PATCH AUTOSEL 6.12 18/69] cpufreq: intel_pstate: Add Granite Rapids support in no-HWP mode Sasha Levin
2025-08-04 0:30 ` [PATCH AUTOSEL 6.12 19/69] ARM: rockchip: fix kernel hang during smp initialization Sasha Levin
2025-08-04 0:30 ` [PATCH AUTOSEL 6.12 20/69] PM / devfreq: governor: Replace sscanf() with kstrtoul() in set_freq_store() Sasha Levin
2025-08-04 0:30 ` [PATCH AUTOSEL 6.12 21/69] EDAC/synopsys: Clear the ECC counters on init Sasha Levin
2025-08-04 0:30 ` [PATCH AUTOSEL 6.12 22/69] ASoC: soc-dapm: set bias_level if snd_soc_dapm_set_bias_level() was successed Sasha Levin
2025-08-04 0:30 ` [PATCH AUTOSEL 6.12 23/69] thermal/drivers/qcom-spmi-temp-alarm: Enable stage 2 shutdown when required Sasha Levin
2025-08-04 0:30 ` [PATCH AUTOSEL 6.12 24/69] tools/nolibc: define time_t in terms of __kernel_old_time_t Sasha Levin
2025-08-04 0:30 ` [PATCH AUTOSEL 6.12 25/69] iio: adc: ad_sigma_delta: don't overallocate scan buffer Sasha Levin
2025-08-04 0:30 ` [PATCH AUTOSEL 6.12 26/69] gpio: tps65912: check the return value of regmap_update_bits() Sasha Levin
2025-08-04 0:30 ` [PATCH AUTOSEL 6.12 27/69] mfd: tps6594: Add TI TPS652G1 support Sasha Levin
2025-08-18 6:34 ` Michael Walle
2025-08-19 2:01 ` Sasha Levin
2025-08-04 0:30 ` [PATCH AUTOSEL 6.12 28/69] ARM: tegra: Use I/O memcpy to write to IRAM Sasha Levin
2025-08-04 0:30 ` [PATCH AUTOSEL 6.12 29/69] tools/build: Fix s390(x) cross-compilation with clang Sasha Levin
2025-08-04 0:30 ` [PATCH AUTOSEL 6.12 30/69] selftests: tracing: Use mutex_unlock for testing glob filter Sasha Levin
2025-08-04 0:30 ` [PATCH AUTOSEL 6.12 31/69] ACPI: PRM: Reduce unnecessary printing to avoid user confusion Sasha Levin
2025-08-04 0:30 ` [PATCH AUTOSEL 6.12 32/69] firmware: arm_scmi: power_control: Ensure SCMI_SYSPOWER_IDLE is set early during resume Sasha Levin
2025-08-04 0:30 ` [PATCH AUTOSEL 6.12 33/69] firmware: tegra: Fix IVC dependency problems Sasha Levin
2025-08-04 0:30 ` [PATCH AUTOSEL 6.12 34/69] pwm: sifive: Fix PWM algorithm and clarify inverted compare behavior Sasha Levin
2025-08-04 0:30 ` [PATCH AUTOSEL 6.12 35/69] PM: runtime: Clear power.needs_force_resume in pm_runtime_reinit() Sasha Levin
2025-08-04 0:30 ` [PATCH AUTOSEL 6.12 36/69] thermal: sysfs: Return ENODATA instead of EAGAIN for reads Sasha Levin
2025-08-04 0:30 ` [PATCH AUTOSEL 6.12 37/69] PM: sleep: console: Fix the black screen issue Sasha Levin
2025-08-04 0:30 ` [PATCH AUTOSEL 6.12 38/69] ACPI: processor: fix acpi_object initialization Sasha Levin
2025-08-04 0:30 ` [PATCH AUTOSEL 6.12 39/69] mmc: sdhci-msm: Ensure SD card power isn't ON when card removed Sasha Levin
2025-08-04 0:30 ` [PATCH AUTOSEL 6.12 40/69] ACPI: APEI: GHES: add TAINT_MACHINE_CHECK on GHES panic path Sasha Levin
2025-08-04 0:30 ` [PATCH AUTOSEL 6.12 41/69] selftests: vDSO: vdso_test_getrandom: Always print TAP header Sasha Levin
2025-08-04 0:30 ` [PATCH AUTOSEL 6.12 42/69] pps: clients: gpio: fix interrupt handling order in remove path Sasha Levin
2025-08-04 0:30 ` [PATCH AUTOSEL 6.12 43/69] reset: brcmstb: Enable reset drivers for ARCH_BCM2835 Sasha Levin
2025-08-04 0:30 ` [PATCH AUTOSEL 6.12 44/69] char: misc: Fix improper and inaccurate error code returned by misc_init() Sasha Levin
2025-08-04 0:30 ` [PATCH AUTOSEL 6.12 45/69] mei: bus: Check for still connected devices in mei_cl_bus_dev_release() Sasha Levin
2025-08-04 0:30 ` [PATCH AUTOSEL 6.12 46/69] mmc: rtsx_usb_sdmmc: Fix error-path in sd_set_power_mode() Sasha Levin
2025-08-04 0:30 ` [PATCH AUTOSEL 6.12 47/69] platform/chrome: cros_ec_sensorhub: Retries when a sensor is not ready Sasha Levin
2025-08-04 0:30 ` [PATCH AUTOSEL 6.12 48/69] ALSA: hda: Handle the jack polling always via a work Sasha Levin
2025-08-04 0:30 ` [PATCH AUTOSEL 6.12 49/69] ALSA: hda: Disable jack polling at shutdown Sasha Levin
2025-08-04 0:31 ` Sasha Levin [this message]
2025-08-04 0:31 ` [PATCH AUTOSEL 6.12 51/69] ASoC: hdac_hdmi: Rate limit logging on connection and disconnection Sasha Levin
2025-08-04 0:31 ` [PATCH AUTOSEL 6.12 52/69] ALSA: intel8x0: Fix incorrect codec index usage in mixer for ICH4 Sasha Levin
2025-08-04 0:31 ` [PATCH AUTOSEL 6.12 53/69] ASoC: SOF: topology: Parse the dapm_widget_tokens in case of DSPless mode Sasha Levin
2025-08-04 0:31 ` [PATCH AUTOSEL 6.12 54/69] tty: serial: fix print format specifiers Sasha Levin
2025-08-04 0:31 ` [PATCH AUTOSEL 6.12 55/69] ASoC: core: Check for rtd == NULL in snd_soc_remove_pcm_runtime() Sasha Levin
2025-08-04 0:31 ` [PATCH AUTOSEL 6.12 56/69] usb: typec: intel_pmc_mux: Defer probe if SCU IPC isn't present Sasha Levin
2025-08-04 0:31 ` [PATCH AUTOSEL 6.12 57/69] usb: core: usb_submit_urb: downgrade type check Sasha Levin
2025-08-04 0:31 ` [PATCH AUTOSEL 6.12 58/69] usb: typec: fusb302: fix scheduling while atomic when using virtio-gpio Sasha Levin
2025-08-04 0:31 ` [PATCH AUTOSEL 6.12 59/69] pm: cpupower: Fix the snapshot-order of tsc,mperf, clock in mperf_stop() Sasha Levin
2025-08-04 0:31 ` [PATCH AUTOSEL 6.12 60/69] imx8m-blk-ctrl: set ISI panic write hurry level Sasha Levin
2025-08-04 0:31 ` [PATCH AUTOSEL 6.12 61/69] soc: qcom: mdt_loader: Actually use the e_phoff Sasha Levin
2025-08-04 0:31 ` [PATCH AUTOSEL 6.12 62/69] platform/x86: thinkpad_acpi: Handle KCOV __init vs inline mismatches Sasha Levin
2025-08-04 0:31 ` [PATCH AUTOSEL 6.12 63/69] platform/chrome: cros_ec_typec: Defer probe on missing EC parent Sasha Levin
2025-08-04 0:31 ` [PATCH AUTOSEL 6.12 64/69] ALSA: hda/ca0132: Fix buffer overflow in add_tuning_control Sasha Levin
2025-08-04 0:31 ` [PATCH AUTOSEL 6.12 65/69] ALSA: pcm: Rewrite recalculate_boundary() to avoid costly loop Sasha Levin
2025-08-04 0:31 ` [PATCH AUTOSEL 6.12 66/69] ALSA: usb-audio: Avoid precedence issues in mixer_quirks macros Sasha Levin
2025-08-04 0:31 ` [PATCH AUTOSEL 6.12 67/69] iio: adc: ad7768-1: Ensure SYNC_IN pulse minimum timing requirement Sasha Levin
2025-08-04 0:31 ` [PATCH AUTOSEL 6.12 68/69] ASoC: codecs: rt5640: Retry DEVICE_ID verification Sasha Levin
2025-08-04 0:31 ` [PATCH AUTOSEL 6.12 69/69] ASoC: qcom: use drvdata instead of component to keep id Sasha Levin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20250804003119.3620476-50-sashal@kernel.org \
--to=sashal@kernel.org \
--cc=bp@alien8.de \
--cc=jpoimboe@kernel.org \
--cc=patches@lists.linux.dev \
--cc=pawan.kumar.gupta@linux.intel.com \
--cc=peterz@infradead.org \
--cc=stable@vger.kernel.org \
--cc=tglx@linutronix.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox