Commit 930f2361 authored Sep 15, 2025 by David Kaplan Committed by Borislav Petkov (AMD) Sep 16, 2025

x86/bugs: Report correct retbleed mitigation status



On Intel CPUs, the default retbleed mitigation is IBRS/eIBRS but this
requires that a similar spectre_v2 mitigation is applied.  If the user
selects a different spectre_v2 mitigation (like spectre_v2=retpoline) a
warning is printed but sysfs will still report 'Mitigation: IBRS' or
'Mitigation: Enhanced IBRS'.  This is incorrect because retbleed is not
mitigated, and IBRS is not actually set.

Fix this by choosing RETBLEED_MITIGATION_NONE in this scenario so the
kernel correctly reports the system as vulnerable to retbleed.

Signed-off-by: David Kaplan <david.kaplan@amd.com>
Signed-off-by: Borislav Petkov (AMD) <bp@alien8.de>
Link: https://lore.kernel.org/20250915134706.3201818-1-david.kaplan@amd.com

parent d1cc1bae

Show whitespace changes

Inline Side-by-side

CodeLinaro @codelinaro
mentioned in commit 65dc4615
· Nov 05, 2025

mentioned in commit 65dc4615

mentioned in commit 65dc4615edda871ca5105d055297725702767f43

Toggle commit list
CodeLinaro @codelinaro
mentioned in commit 077823b0
· Nov 05, 2025

mentioned in commit 077823b0

mentioned in commit 077823b06f1cc3643a76dac477f6bacb86646c45

Toggle commit list
CodeLinaro @codelinaro
mentioned in commit 50021894
· Nov 05, 2025

mentioned in commit 50021894

mentioned in commit 50021894336f7d80f28084b922898b076b02dcca

Toggle commit list

Please to comment