From: Adam Carter
Date: Mon, 15 Jul 2019 10:42:15 +1000
Subject: Re: [gentoo-user] AMD microcode updates - where are they?!
To: gentoo-user@lists.gentoo.org

> Then I came across this old message regarding Piledriver CPUs:
>
> https://lists.debian.org/debian-security/2016/03/msg00084.html
>
> The post refers to model 2 of cpu family 21.  Not all models in the same
> family, only model 2.  So I am thinking although patch files are named per
> CPU family, whether they are applicable and applied as an update to the CPU
> is probably determined by the particular CPU *model*.  Logically, errata in
> previous CPU revisions may have been fixed in later models of the same
> family and therefore such microcode updates would not be needed.  When
> offered by the OS the CPU won't select to have them applied.
>
> This explains why my AMD models, which are later revisions of the same 15h
> family do not apply any microcode updates - they don't need them.
>
> Please share if you know differently and thank you all for your responses.

Sounds reasonable, but the 15h code was updated mid 2018, so unless the CPU or BIOS update is from after then, I would be concerned.

If your APUs return similar to this then there's nothing to worry about

# grep . /sys/devices/system/cpu/vulnerabilities/*
/sys/devices/system/cpu/vulnerabilities/l1tf:Not affected
/sys/devices/system/cpu/vulnerabilities/mds:Not affected
/sys/devices/system/cpu/vulnerabilities/meltdown:Not affected
/sys/devices/system/cpu/vulnerabilities/spec_store_bypass:Mitigation: Speculative Store Bypass disabled via prctl and seccomp
/sys/devices/system/cpu/vulnerabilities/spectre_v1:Mitigation: __user pointer sanitization
/sys/devices/system/cpu/vulnerabilities/spectre_v2:Mitigation: Full AMD retpoline, IBPB: conditional, STIBP: disabled, RSB filling

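
The check suggested in the message above can be scripted so that a host is flagged when any entry is not "Not affected" or "Mitigation: ...". This is an added example, not part of the original message; it also goes slightly beyond it by printing the CPU family, model, stepping and loaded microcode revision from a cpuinfo-format file. The function names (`classify_vulns`, `cpu_ids`, `make_sample`) are hypothetical and the sample data is constructed.

```shell
#!/bin/sh
# Added example (not from the original message); function names are hypothetical.

# Print one tagged line per status file in DIR. Returns 1 if any entry is
# reported as Vulnerable or carries a state this script does not recognise.
classify_vulns() {
    dir=$1; rc=0
    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        state=
        IFS= read -r state < "$f" || true
        case $state in
            "Not affected"*) tag=OK ;;
            "Mitigation:"*)  tag=MITIGATED ;;
            "Vulnerable"*)   tag=VULNERABLE; rc=1 ;;
            *)               tag=REVIEW; rc=1 ;;
        esac
        printf '%-10s %s: %s\n' "$tag" "${f##*/}" "$state"
    done
    return "$rc"
}

# Print family, model, stepping and loaded microcode revision of the first
# CPU listed in a /proc/cpuinfo-format file.
cpu_ids() {
    awk -F'[ \t]*:[ \t]*' '
        $1 == "cpu family" { fam = $2 }
        $1 == "model"      { mdl = $2 }
        $1 == "stepping"   { stp = $2 }
        $1 == "microcode"  { printf "family=%s model=%s stepping=%s microcode=%s\n", fam, mdl, stp, $2; exit }
    ' "$1"
}

# Constructed sample: status strings as in the message above, except that
# spec_store_bypass is set to a constructed "Vulnerable" to show a failing case.
make_sample() {
    d=$(mktemp -d) || return 1
    mkdir "$d/vuln"
    echo 'Not affected' > "$d/vuln/l1tf"
    echo 'Mitigation: __user pointer sanitization' > "$d/vuln/spectre_v1"
    echo 'Mitigation: Full AMD retpoline, IBPB: conditional, STIBP: disabled, RSB filling' > "$d/vuln/spectre_v2"
    echo 'Vulnerable' > "$d/vuln/spec_store_bypass"
    printf 'cpu family\t: 21\nmodel\t\t: 2\nmodel name\t: constructed\nstepping\t: 0\nmicrocode\t: 0x1234\n' > "$d/cpuinfo"
    echo "$d"
}

s=$(make_sample)
cpu_ids "$s/cpuinfo"
classify_vulns "$s/vuln" || echo "at least one entry needs attention"
rm -rf "$s"
```

On a real host, call `classify_vulns /sys/devices/system/cpu/vulnerabilities` and `cpu_ids /proc/cpuinfo` instead of the constructed sample.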