[coreboot] When does AMD release the fam15 spectre microcode updates?
Rudolf Marek
r.marek at assembler.cz
Wed May 23 21:52:32 CEST 2018
Hi all,
Dne 22.5.2018 v 07:03 Taiidan at gmx.com napsal(a):
> AMD has at long last coughed up the stuff to the linux-firmware people
>
> https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/diff/amd-ucode/microcode_amd_fam15h.bin?id=77101513943ef198e2050667c87abf19e6cbb1d8
>
> The fam15h microcode update adds IBPB
>
> * Indirect Branch Prediction Barrier (IBPB)
> * PRED_CMD MSR is available: YES
> * CPU indicates IBPB capability: YES (IBPB_SUPPORT feature bit)
For some reason this firmware update deletes microcode for Trinity CPUs, I tried to contact the person who commit this
without any luck. As I have previously written the github page has even newer microcode.
> The question is what about the other stuff? IBRS, STIBP? This is
> confusing due to zero documentation on these updates from amd...Why
Not true, check:
https://developer.amd.com/resources/speculative-execution/
You only need IBPB + retpoline in kernel + RSB clear on CPL switch.
> don't they have those in this update? Would it be possible to easily add
> the support flags without microcode for those who use libreboot?
So libreboot guys don't want any fixes for a CPU?
> Would it still be a good idea to add the lfence msr as rmarek mentioned?
You could, but OS will do that for you (at least Linux). Moreover the Variant 4, can
be mitigated on fam15h by switch off some chicken bits in the CFG_LS see above.
I think I have seen some commit in Linux to do that.
Thanks
Rudolf
More information about the coreboot
mailing list