> > > + for (i = 0; i < ARRAY_SIZE(spectre_bad_microcodes); i++) {
> > > + if (c->x86_model == spectre_bad_microcodes[i].model &&
> > > + c->x86_mask == spectre_bad_microcodes[i].stepping)
> > > + return (c->microcode <=
> > > spectre_bad_microcodes[i].microcode);
> > > + }
> > > + return 0;
> > > +}
> > The above is Intel only, you should check vendor too I think.
>
> It's in intel.c, called from early_init_intel(). Isn't that sufficient?
Duh, so much for reading skillz on my end ;-)
> > > + pr_warn("Intel Spectre v2 broken microcode detected; disabling
> > > SPEC_CTRL\n");
> > > + clear_cpu_cap(c, X86_FEATURE_SPEC_CTRL);
> > > + clear_cpu_cap(c, X86_FEATURE_STIBP);
> > > + clear_cpu_cap(c, X86_FEATURE_AMD_SPEC_CTRL);
> > > + clear_cpu_cap(c, X86_FEATURE_AMD_PRED_CMD);
> > > + clear_cpu_cap(c, X86_FEATURE_AMD_STIBP);
> > > + }
> > And since its Intel only, what are those AMD features doing there?
>
> Hypervisors which only want to expose PRED_CMD may do so using the AMD
> feature bit. SPEC_CTRL requires save/restore and live migration
> support, and isn't needed with retpoline anyway (since guests won't be
> calling directly into firmware).
Egads, I suppose that makes some sense, but it does make a horrible
muddle of things.
