[LEDE-DEV] [OpenWrt-Devel] [PATCH 0/5] x86: add support for microcode update

Arjen de Korte arjen+lede at de-korte.org
Sun Jan 21 04:04:03 PST 2018


Quoting Nick Lowe <nick.lowe at gmail.com>:

> Yes, compiler updates will ultimately be necessary to properly close this.
>
> We can see for now with 4.9.77:
>
> root@LEDE:/sys/devices/system/cpu/vulnerabilities# cat spectre_v2
> Vulnerable: Minimal AMD ASM retpoline
>
> AMD processors are also incorrectly being marked as being vulnerable
> to Meltdown. On my APU2C4 I see:
>
> root@LEDE:/sys/devices/system/cpu/vulnerabilities# cat meltdown
> Vulnerable
>
> From /proc/cpuinfo
>
> flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov
> pat pse36 clflush mmx fxsr sse sse2 ht syscall nx mmxext fxsr_opt
> pdpe1gb rdtscp lm constant_tsc rep_good acc_power nopl nonstop_tsc
> extd_apicid aperfmperf eagerfpu pni pclmulqdq monitor ssse3 cx16
> sse4_1 sse4_2 movbe popcnt aes xsave avx f16c lahf_lm cmp_legacy svm
> extapic cr8_legacy abm sse4a misalignsse 3dnowprefetch osvw ibs skinit
> wdt topoext perfctr_nb bpext ptsc perfctr_l2 cpb hw_pstate retpoline
> retpoline_amd vmmcall bmi1 xsaveopt arat npt lbrv svm_lock nrip_save
> tsc_scale flushbyasid decodeassists pausefilter pfthreshold
> overflow_recov
>
> bugs : fxsave_leak sysret_ss_attrs null_seg cpu_meltdown spectre_v1 spectre_v2
>
> The following patch, seen in 4.14.14, is missing from 4.9.77:
>
> x86/cpu, x86/pti: Do not enable PTI on AMD processor
> https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/?h=v4.14.14&id=151d7039757b71ebd9d170af0944562f51149372
>
> We can see that in this commit which renamed X86_BUG_CPU_INSECURE to
> X86_BUG_CPU_MELTDOWN
>
> https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/?h=v4.9.77&id=43fe95308d276bdfd133f5951cc25565e39982ec
>
> Can we backport this?

No, it's not missing, it's just in a different location:

https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/arch/x86/mm/kaiser.c?h=v4.9.75&id=8018307a45a90ab2eecfd03d48b7efb31707df37

I already wrote this in a reply on Jan 8th...

> Cheers,
>
> Nick
>
> On Thu, Jan 18, 2018 at 9:15 PM, Hauke Mehrtens <hauke at hauke-m.de> wrote:
>> On 01/18/2018 01:51 PM, Nick Lowe wrote:
>>> Does an update to the Kernel, 4.9.77 and 4.14.14 need to be made to
>>> properly address this? There are fixes to mitigate Spectre.
>>
>> We even need a patch for GCC which will be in GCC 8 and 7.3.
>> For master we should backport it to GCC 5.5, but what do we want to do
>> with 17.01 and 15.05 ?
>>
>> The AMD microcode updater needs at least kernel 4.15, 4.14.13, 4.9.76,
>> 4.4.111, which we already have.
>>
>> Hauke

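The checks quoted in this thread, as an added example that is not part of the original messages: a POSIX shell script that cross-references each file under /sys/devices/system/cpu/vulnerabilities with the `bugs` line of /proc/cpuinfo. The function names and the sample files (including the AuthenticAMD vendor line) are constructed for illustration.

```shell
#!/bin/sh
# Added example: cross-check sysfs mitigation status with /proc/cpuinfo bug flags.

# Value of the first "<key> : <value>" line in a cpuinfo-format file.
cpuinfo_field() {
    sed -n "s/^${1}[[:space:]]*:[[:space:]]*//p" "$2" | head -n 1
}

# One line per sysfs entry: "<name>|<status>|<bug flag present: yes/no>".
# Defaults to the live system; pass other paths to run on captured files.
vuln_report() {
    cpuinfo=${1:-/proc/cpuinfo}
    vulndir=${2:-/sys/devices/system/cpu/vulnerabilities}
    bugs=" $(cpuinfo_field bugs "$cpuinfo") "
    for f in "$vulndir"/*; do
        [ -f "$f" ] || continue
        name=${f##*/}
        status=$(cat "$f")
        # sysfs "meltdown" corresponds to the cpuinfo bug flag "cpu_meltdown"
        case $name in meltdown) flag=cpu_meltdown ;; *) flag=$name ;; esac
        case $bugs in *" $flag "*) flagged=yes ;; *) flagged=no ;; esac
        printf '%s|%s|%s\n' "$name" "$status" "$flagged"
    done
}

# Comma-separated names whose status starts with "Vulnerable" (this includes
# partial mitigations such as "Vulnerable: Minimal AMD ASM retpoline").
still_vulnerable() {
    vuln_report "$@" | awk -F'|' '
        $2 ~ /^Vulnerable/ { out = out sep $1; sep = "," }
        END { print out }'
}

# Constructed sample mirroring the output quoted in the thread.
demo_dir=$(mktemp -d)
mkdir "$demo_dir/vulnerabilities"
printf 'vendor_id\t: AuthenticAMD\nbugs\t\t: fxsave_leak sysret_ss_attrs null_seg cpu_meltdown spectre_v1 spectre_v2\n' > "$demo_dir/cpuinfo"
echo 'Vulnerable' > "$demo_dir/vulnerabilities/meltdown"
echo 'Vulnerable: Minimal AMD ASM retpoline' > "$demo_dir/vulnerabilities/spectre_v2"

echo "vendor: $(cpuinfo_field vendor_id "$demo_dir/cpuinfo")"
vuln_report "$demo_dir/cpuinfo" "$demo_dir/vulnerabilities"
echo "still vulnerable: $(still_vulnerable "$demo_dir/cpuinfo" "$demo_dir/vulnerabilities")"
rm -rf "$demo_dir"
```

Called without arguments, `vuln_report` and `still_vulnerable` read the running system's own files.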