Re: [gentoo-user] AMD microcode updates - where are they?!

public inbox for gentoo-user@lists.gentoo.org
 help / color / mirror / Atom feed

From: Mick <michaelkintzios@gmail.com>
To: gentoo-user@lists.gentoo.org
Subject: Re: [gentoo-user] AMD microcode updates - where are they?!
Date: Sun, 14 Jul 2019 14:26:24 +0100	[thread overview]
Message-ID: <21714265.1ZXtKVbesA@localhost> (raw)
In-Reply-To: <2279315.AUFcum9iNF@localhost>

[-- Attachment #1: Type: text/plain, Size: 2046 bytes --]

On Saturday, 13 July 2019 23:03:11 BST Mick wrote:

> Unlike my old Intel which lights up like a christmas tree with "Vulnerable,
> no microcode found" because Intel has thrown its users to the kerb, both
> AMDs show "Not Vulnerable" and for some of the vulnerabilities it reports:
> 
> (your CPU vendor reported your CPU model as not vulnerable)

This last line made me think a bit more.  Scratching around I see there are 
separate patch files with AMD microcode updates offered for the various CPU 
families.  My simplistic assumption so far has been *all* CPUs of a certain 
family will apply the corresponding patch file microcode update, either via a 
new UEFI/BIOS firmware, or via the OS.

Clearly this is not so.  If I remove 'amd-ucode/microcode_amd_fam15h.bin' from 
my kernel firmware directive completely, or add amd-ucode/ patch files for 
every family, or even try to manually reload the microcode:

echo 1 > /sys/devices/system/cpu/microcode/reload

there is no change in dmesg.  Clearly my CPU does not load any microcode 
update, other than what might be already available in the old UEFI MoBo 
firmware and this is loaded before the OS starts booting.

Then I came across this old message regarding Piledriver CPUs:

https://lists.debian.org/debian-security/2016/03/msg00084.html

The post refers to model 2 of cpu family 21.  Not all models in the same 
family, only model 2.  So I am thinking although patch files are named per CPU 
family, whether they are applicable and applied as an update to the CPU is 
probably determined by the particular CPU *model*.  Logically, errata in 
previous CPU revisions may have been fixed in later models of the same family 
and therefore such microcode updates would not be needed.  When offered by the 
OS the CPU won't select to have them applied.

This explains why my AMD models, which are later revisions of the same 15h 
family do not apply any microcode updates - they don't need them.

Please share if you know differently and thank you all for your responses.
-- 
Regards,

Mick

[-- Attachment #2: This is a digitally signed message part. --]
[-- Type: application/pgp-signature, Size: 833 bytes --]

next prev parent reply	other threads:[~2019-07-14 13:26 UTC|newest]

Thread overview: 30+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2019-07-12 12:18 [gentoo-user] AMD microcode updates - where are they?! Mick
2019-07-12 16:07 ` [gentoo-user] " Ian Zimmerman
2019-07-13  0:56   ` Adam Carter
2019-07-13  1:13     ` Adam Carter
2019-07-13 10:04       ` Mick
2019-07-13 10:01     ` Mick
2019-07-13 16:21 ` [gentoo-user] " Jack
2019-07-13 17:18   ` Mick
2019-07-13 17:23     ` Mick
2019-07-13 17:42     ` Jack
2019-07-13 18:06       ` Mick
2019-07-13 18:16         ` Corbin
2019-07-13 19:23           ` Mick
2019-07-13 20:16             ` Wols Lists
2019-07-13 21:01               ` Rich Freeman
2019-07-13 22:03                 ` Mick
2019-07-14 13:26                   ` Mick [this message]
2019-07-15  0:42                     ` Adam Carter
2019-07-17  3:21                     ` Corbin
2019-07-17 10:58                       ` Mick
2019-07-17 12:46                         ` Corbin
2019-07-17 20:51                           ` [gentoo-user] " Ian Zimmerman
2019-07-18 12:33                             ` Corbin
2019-07-18 18:23                               ` Mick
2019-07-17 23:38                         ` [gentoo-user] " Adam Carter
2019-07-15  4:30         ` [gentoo-user] " Ian Zimmerman
2019-07-15 21:18           ` Ian Zimmerman
2019-07-16  9:47             ` Mick
2019-07-15  5:15         ` [gentoo-user] " Adam Carter
2019-07-16  8:10     ` Neil Bothwick

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=21714265.1ZXtKVbesA@localhost \
    --to=michaelkintzios@gmail.com \
    --cc=gentoo-user@lists.gentoo.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox