[coreboot] Looking for a volunteer to add Fam15h spectre MSR to coreboot
Mike Banon
mikebdp2 at gmail.com
Wed Apr 11 14:17:06 CEST 2018
Line 869 - "const int amd_erratum_319[] =" --- is this code really
against the Spectre, or its more like against the erratas in general?
Also, What if someone would like to use either a Linux distro which
hasnt been upgraded to the latest kernels, or maybe some alternative
OS like FreeDOS or Kolibri? I think Taiidan has a good point: the
availability of protection from this vulnerability should not depend
on your OS and the version of your Linux kernel.
Are there any existing MSR writes inside the coreboot code, so that
they could be copied and modified into the MSR of Taiidan's interest?
(MSR C001_1029[1]=1) Maybe that MSR write would even be a C code
1-liner?
Best regards,
Mike Banon
On Tue, Apr 10, 2018 at 3:32 AM, Arthur Heymans <arthur at aheymans.xyz> wrote:
> Hi
>
> Linux already does that for you: (v4.16) arch/x86/kernel/cpu/amd.c line 869.
>
>
> Kind regards
>
>
> On 5 April 2018 00:51:30 GMT+02:00, "Taiidan at gmx.com" <Taiidan at gmx.com>
> wrote:
>>
>> As I am not a programmer I do not know how to do this (thanks for the
>> heads-up rmarek) nor am I permitted to add to the repos.
>>
>> MITIGATION G-2
>> Description: Set an MSR in the processor so that LFENCE is a dispatch
>> serializing instruction and then
>> use LFENCE in code streams to serialize dispatch (LFENCE is faster than
>> RDTSCP which is also dispatch
>> serializing).
>>
>> This mode of LFENCE may be enabled by setting MSR C001_1029[1]=1.
>>
>> This is important and covers a variety of boards such as the KGPE-D16,
>> KCMA-D8 and G505s (all the last and best owner controlled x86_64 systems)
>>
>
> --
> Arthur Heymans
>
> --
> coreboot mailing list: coreboot at coreboot.org
> https://mail.coreboot.org/mailman/listinfo/coreboot
More information about the coreboot
mailing list