[LEDE-DEV] [OpenWrt-Devel] [PATCH 0/5] x86: add support for microcode update

Nick Lowe nick.lowe at gmail.com
Sun Jan 21 03:45:26 PST 2018


Yes, compiler updates will ultimately be necessary to properly close this.

We can see for now with 4.9.77:

root at LEDE:/sys/devices/system/cpu/vulnerabilities# cat spectre_v2
Vulnerable: Minimal AMD ASM retpoline

AMD processors are also incorrectly being marked as being vulnerable
to Meltdown. On my APU2C4 I see:

root at LEDE:/sys/devices/system/cpu/vulnerabilities# cat meltdown
Vulnerable

>From /proc/cpuinfo

flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov
pat pse36 clflush mmx fxsr sse sse2 ht syscall nx mmxext fxsr_opt
pdpe1gb rdtscp lm constant_tsc rep_good acc_power nopl nonstop_tsc
extd_apicid aperfmperf eagerfpu pni pclmulqdq monitor ssse3 cx16
sse4_1 sse4_2 movbe popcnt aes xsave avx f16c lahf_lm cmp_legacy svm
extapic cr8_legacy abm sse4a misalignsse 3dnowprefetch osvw ibs skinit
wdt topoext perfctr_nb bpext ptsc perfctr_l2 cpb hw_pstate retpoline
retpoline_amd vmmcall bmi1 xsaveopt arat npt lbrv svm_lock nrip_save
tsc_scale flushbyasid decodeassists pausefilter pfthreshold
overflow_recov

bugs : fxsave_leak sysret_ss_attrs null_seg cpu_meltdown spectre_v1 spectre_v2

This following patch seen in 4.14.14 is missing from 4.9.77:

x86/cpu, x86/pti: Do not enable PTI on AMD processor
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/?h=v4.14.14&id=151d7039757b71ebd9d170af0944562f51149372

We can see that in this commit which renamed X86_BUG_CPU_INSECURE to
X86_BUG_CPU_MELTDOWN

https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/?h=v4.9.77&id=43fe95308d276bdfd133f5951cc25565e39982ec

Can we backport this?

Cheers,

Nick

On Thu, Jan 18, 2018 at 9:15 PM, Hauke Mehrtens <hauke at hauke-m.de> wrote:
> On 01/18/2018 01:51 PM, Nick Lowe wrote:
>> Does an update to the Kernel, 4.9.77 and 4.14.14 need to be made to
>> properly address this? There are fixes to mitigate Spectre.
>
> We even need a patch for GCC which will be in GCC 8 and 7.3.
> For master we should backport it to GCC 5.5, but what do we want to do
> with 17.01 and 15.05 ?
>
> The AMD microcoded updater needs at least kernel 4.15, 4.14.13, 4.9.76,
> 4.4.111  which we already have.
>
> Hauke



More information about the Lede-dev mailing list