Date: Thu, 11 Jan 2018 21:11:59 -0800 From: Mark Millard <markmi@dsl-only.net> To: freebsd-amd64@freebsd.org Cc: FreeBSD Current <freebsd-current@freebsd.org> Subject: Re: Intel CPU design flaw - FreeBSD affected? [AMD family Zen/17h status] Message-ID: <BE782FBF-E154-4FE6-91E0-6B45534A75F5@dsl-only.net> In-Reply-To: <B5F69AB5-C027-457B-B780-40459456F61E@dsl-only.net> References: <05382876-0605-424D-9BDD-CE1BF6C744CF@dsl-only.net> <B5F69AB5-C027-457B-B780-40459456F61E@dsl-only.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On 2018-Jan-6, at 2:02 PM, Mark Millard <markmi at dsl-only.net> wrote: > On 2018-Jan-4, at 7:32 PM, Mark Millard <markmi at dsl-only.net> = wrote: >=20 >> Darren Reed darrenr at freebsd.org wrote on >> Thu Jan 4 11:56:29 UTC 2018 : >>=20 >>> Most people are only talking about meltdown which doesn't hit AMD. >>> spectre impacts *both* Intel and AMD. >>>=20 >>> SuSE are making available a microcode patch for AMD 17h processors = that >>> disables branch prediction: >>>=20 >>>=20 >>> = https://lists.opensuse.org/opensuse-security-announce/2018-01/msg00004.htm= l >>=20 >> https://www.amd.com/en/corporate/speculative-execution >>=20 >> reports. . . >>=20 >> For the Bounds Check Bypass Spectre variant (#1): >>=20 >> Resolved by software / OS updates to be made available >> by system vendors and manufacturers. Negligible performance >> impact expected. >>=20 >> For the Branch Target Injection Spectre variant (#2): >>=20 >> Differences in AMD architecture mean there is a near zero >> risk of exploitation of this variant. Vulnerability to >> Variant 2 has not been demonstrated on AMD processors to >> date. >>=20 >> For the Rogue Data Cache Load Meltdown variant (#3): >>=20 >> Zero AMD vulnerability due to AMD architecture differences. >>=20 >>=20 >>=20 >> How long #2 will have a "has not been demonstrated" status >> is yet to be seen. >=20 > = https://www.phoronix.com/scan.php?page=3Dnews_item&px=3DAMD-Branch-Predict= ion-Still >=20 > reports that SUSE's microcode update for AMD's Zen/17h does > not disable branch prediction, despite SUSE's existing > description: >=20 > QUOTE > I reached out to AMD and on Friday heard back. They wrote in an email > to Phoronix that this Zen/17h microcode update does not disable branch > prediction. They'll be working with SUSE to re-clarify this microcode > update description... But as far as what this microcode update does in > the wake of SPECTRE they have yet to clarify or why this microcode > binary has yet to make it to other Linux distributions. If/when I hear > anything more, I'll certainly post about it but doesn't appear to be > anything as dramatic as disabling branch prediction, which could have > slaughtered their CPU performance. > END QUOTE https://www.amd.com/en/corporate/speculative-execution has been updated and amd no longer claims that #2 has not been demonstrated. They state there will be microcode updates for it: QUOTE AMD will make optional microcode updates available to our customers and = partners for Ryzen and EPYC processors starting this week. We expect to make = updates available for our previous generation products over the coming weeks. END QUOTE =3D=3D=3D Mark Millard markmi at dsl-only.net
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?BE782FBF-E154-4FE6-91E0-6B45534A75F5>