On Fri, May 16, 2025 at 03:18:30PM +0000, Kaplan, David wrote:
> Hmm. Since SRSO is kind of a superset of retbleed, it might make sense to create a new mitigation, RETBLEED_MITIGATION_SAFE_RET.
> retbleed_update_mitigation() can change its mitigation to this if srso_mitigation is SAFE_RET (or SAFE_RET_UCODE_NEEDED). RETBLEED_MITIGATION_SAFE_RET can do nothing in retbleed_apply_mitigation() because it means that srso is taking care of things. Thoughts?
> This also made me realize there's another minor missing interaction here, which is that if spec_rstack_overflow=ibpb, then that should set retbleed_mitigation to IBPB as well.
Ok, this sounds like we should expedite our srso mitigation cleanup intentions. :-)
Lemme find you on chat...