From owner-freebsd-current@freebsd.org Fri Jan 12 06:12:08 2018 Return-Path: Delivered-To: freebsd-current@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 2DEFDE74EF7 for ; Fri, 12 Jan 2018 06:12:08 +0000 (UTC) (envelope-from markmi@dsl-only.net) Received: from asp.reflexion.net (outbound-mail-210-137.reflexion.net [208.70.210.137]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id D3DC67920E for ; Fri, 12 Jan 2018 06:12:06 +0000 (UTC) (envelope-from markmi@dsl-only.net) Received: (qmail 5441 invoked from network); 12 Jan 2018 05:12:00 -0000 Received: from unknown (HELO rtc-sm-01.app.dca.reflexion.local) (10.81.150.1) by 0 (rfx-qmail) with SMTP; 12 Jan 2018 05:12:00 -0000 Received: by rtc-sm-01.app.dca.reflexion.local (Reflexion email security v8.40.4) with SMTP; Fri, 12 Jan 2018 00:12:00 -0500 (EST) Received: (qmail 28968 invoked from network); 12 Jan 2018 05:12:00 -0000 Received: from unknown (HELO iron2.pdx.net) (69.64.224.71) by 0 (rfx-qmail) with (AES256-SHA encrypted) SMTP; 12 Jan 2018 05:12:00 -0000 Received: from [192.168.1.25] (c-76-115-7-162.hsd1.or.comcast.net [76.115.7.162]) by iron2.pdx.net (Postfix) with ESMTPSA id D615DEC9459; Thu, 11 Jan 2018 21:11:59 -0800 (PST) Content-Type: text/plain; charset=us-ascii Mime-Version: 1.0 (Mac OS X Mail 10.3 \(3273\)) Subject: Re: Intel CPU design flaw - FreeBSD affected? [AMD family Zen/17h status] From: Mark Millard In-Reply-To: Date: Thu, 11 Jan 2018 21:11:59 -0800 Cc: FreeBSD Current Content-Transfer-Encoding: quoted-printable Message-Id: References: <05382876-0605-424D-9BDD-CE1BF6C744CF@dsl-only.net> To: freebsd-amd64@freebsd.org X-Mailer: Apple Mail (2.3273) X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 12 Jan 2018 06:12:08 -0000 On 2018-Jan-6, at 2:02 PM, Mark Millard wrote: > On 2018-Jan-4, at 7:32 PM, Mark Millard = wrote: >=20 >> Darren Reed darrenr at freebsd.org wrote on >> Thu Jan 4 11:56:29 UTC 2018 : >>=20 >>> Most people are only talking about meltdown which doesn't hit AMD. >>> spectre impacts *both* Intel and AMD. >>>=20 >>> SuSE are making available a microcode patch for AMD 17h processors = that >>> disables branch prediction: >>>=20 >>>=20 >>> = https://lists.opensuse.org/opensuse-security-announce/2018-01/msg00004.htm= l >>=20 >> https://www.amd.com/en/corporate/speculative-execution >>=20 >> reports. . . >>=20 >> For the Bounds Check Bypass Spectre variant (#1): >>=20 >> Resolved by software / OS updates to be made available >> by system vendors and manufacturers. Negligible performance >> impact expected. >>=20 >> For the Branch Target Injection Spectre variant (#2): >>=20 >> Differences in AMD architecture mean there is a near zero >> risk of exploitation of this variant. Vulnerability to >> Variant 2 has not been demonstrated on AMD processors to >> date. >>=20 >> For the Rogue Data Cache Load Meltdown variant (#3): >>=20 >> Zero AMD vulnerability due to AMD architecture differences. >>=20 >>=20 >>=20 >> How long #2 will have a "has not been demonstrated" status >> is yet to be seen. >=20 > = https://www.phoronix.com/scan.php?page=3Dnews_item&px=3DAMD-Branch-Predict= ion-Still >=20 > reports that SUSE's microcode update for AMD's Zen/17h does > not disable branch prediction, despite SUSE's existing > description: >=20 > QUOTE > I reached out to AMD and on Friday heard back. They wrote in an email > to Phoronix that this Zen/17h microcode update does not disable branch > prediction. They'll be working with SUSE to re-clarify this microcode > update description... But as far as what this microcode update does in > the wake of SPECTRE they have yet to clarify or why this microcode > binary has yet to make it to other Linux distributions. If/when I hear > anything more, I'll certainly post about it but doesn't appear to be > anything as dramatic as disabling branch prediction, which could have > slaughtered their CPU performance. > END QUOTE https://www.amd.com/en/corporate/speculative-execution has been updated and amd no longer claims that #2 has not been demonstrated. They state there will be microcode updates for it: QUOTE AMD will make optional microcode updates available to our customers and = partners for Ryzen and EPYC processors starting this week. We expect to make = updates available for our previous generation products over the coming weeks. END QUOTE =3D=3D=3D Mark Millard markmi at dsl-only.net