Hi all,
Dne 22.5.2018 v 07:03 Taiidan@gmx.com napsal(a):
AMD has at long last coughed up the stuff to the linux-firmware people
https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/...
The fam15h microcode update adds IBPB
* Indirect Branch Prediction Barrier (IBPB) * PRED_CMD MSR is available: YES * CPU indicates IBPB capability: YES (IBPB_SUPPORT feature bit)
For some reason this firmware update deletes microcode for Trinity CPUs, I tried to contact the person who commit this without any luck. As I have previously written the github page has even newer microcode.
The question is what about the other stuff? IBRS, STIBP? This is confusing due to zero documentation on these updates from amd...Why
Not true, check: https://developer.amd.com/resources/speculative-execution/
You only need IBPB + retpoline in kernel + RSB clear on CPL switch.
don't they have those in this update? Would it be possible to easily add the support flags without microcode for those who use libreboot?
So libreboot guys don't want any fixes for a CPU?
Would it still be a good idea to add the lfence msr as rmarek mentioned?
You could, but OS will do that for you (at least Linux). Moreover the Variant 4, can be mitigated on fam15h by switch off some chicken bits in the CFG_LS see above.
I think I have seen some commit in Linux to do that.
Thanks Rudolf