Then I came across this old message regarding Piledriver CPUs:
https://lists.debian.org/debian-security/2016/03/msg00084.html
The post refers to model 2 of cpu family 21. Not all models in the same
family, only model 2. So I am thinking although patch files are named per CPU
family, whether they are applicable and applied as an update to the CPU is
probably determined by the particular CPU *model*. Logically, errata in
previous CPU revisions may have been fixed in later models of the same family
and therefore such microcode updates would not be needed. When offered by the
OS the CPU won't select to have them applied.
This explains why my AMD models, which are later revisions of the same 15h
family do not apply any microcode updates - they don't need them.
Please share if you know differently and thank you all for your responses.
Sounds reasonable, but the 15h code was updated mid 2018, so unless the cpu or BIOS update is from after then, i would be concerned.
If your APUs return similar to this then then there's nothing to worry about
# grep . /sys/devices/system/cpu/vulnerabilities/*
/sys/devices/system/cpu/vulnerabilities/l1tf:Not affected
/sys/devices/system/cpu/vulnerabilities/mds:Not affected
/sys/devices/system/cpu/vulnerabilities/meltdown:Not affected
/sys/devices/system/cpu/vulnerabilities/spec_store_bypass:Mitigation: Speculative Store Bypass disabled via prctl and seccomp
/sys/devices/system/cpu/vulnerabilities/spectre_v1:Mitigation: __user pointer sanitization
/sys/devices/system/cpu/vulnerabilities/spectre_v2:Mitigation: Full AMD retpoline, IBPB: conditional, STIBP: disabled, RSB filling