On Thu, 2025-05-15 at 10:38 -0700, Pawan Gupta wrote:
CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you can confirm the sender and know the content is safe.
On Thu, May 15, 2025 at 07:23:55PM +0200, Borislav Petkov wrote:
On Thu, May 15, 2025 at 10:06:33AM -0700, Pawan Gupta wrote:
As I said above, a mitigation unintentionally make another mitigation ineffective.
I actually didn't need an analysis - my point is: if you're going to warn about it, then make it big so that it gets caught.
Yes, maybe a WARN_ON() conditional to sanity checks for retbleed/SRSO.
Yes, that.
At least.
The next step would be if this whole "let's set a thunk without overwriting a previously set one" can be fixed differently.
For now, though, the *least* what should be done here is catch the critical cases where a mitigation is rendered ineffective. And warning Joe Normal User about it doesn't bring anything. We do decide for the user what is safe or not, practically. At least this has been the strategy until now.
So the goal here should be to make Joe catch this and tell us to fix it.
Makes sense?
Absolutely makes sense.
Suraj, do want to revise this patch? Or else I can do it too.
Happy to revise it.
To be clear, based on my understanding the request is to make the warning more obvious with a WARN()?