On 2018-Jan-6, at 2:02 PM, Mark Millard <markmi at dsl-only.net> wrote: > On 2018-Jan-4, at 7:32 PM, Mark Millard <markmi at dsl-only.net> wrote: > >> Darren Reed darrenr at freebsd.org wrote on >> Thu Jan 4 11:56:29 UTC 2018 : >> >>> Most people are only talking about meltdown which doesn't hit AMD. >>> spectre impacts *both* Intel and AMD. >>> >>> SuSE are making available a microcode patch for AMD 17h processors that >>> disables branch prediction: >>> >>> >>> https://lists.opensuse.org/opensuse-security-announce/2018-01/msg00004.html >> >> https://www.amd.com/en/corporate/speculative-execution >> >> reports. . . >> >> For the Bounds Check Bypass Spectre variant (#1): >> >> Resolved by software / OS updates to be made available >> by system vendors and manufacturers. Negligible performance >> impact expected. >> >> For the Branch Target Injection Spectre variant (#2): >> >> Differences in AMD architecture mean there is a near zero >> risk of exploitation of this variant. Vulnerability to >> Variant 2 has not been demonstrated on AMD processors to >> date. >> >> For the Rogue Data Cache Load Meltdown variant (#3): >> >> Zero AMD vulnerability due to AMD architecture differences. >> >> >> >> How long #2 will have a "has not been demonstrated" status >> is yet to be seen. > > https://www.phoronix.com/scan.php?page=news_item&px=AMD-Branch-Prediction-Still > > reports that SUSE's microcode update for AMD's Zen/17h does > not disable branch prediction, despite SUSE's existing > description: > > QUOTE > I reached out to AMD and on Friday heard back. They wrote in an email > to Phoronix that this Zen/17h microcode update does not disable branch > prediction. They'll be working with SUSE to re-clarify this microcode > update description... But as far as what this microcode update does in > the wake of SPECTRE they have yet to clarify or why this microcode > binary has yet to make it to other Linux distributions. If/when I hear > anything more, I'll certainly post about it but doesn't appear to be > anything as dramatic as disabling branch prediction, which could have > slaughtered their CPU performance. > END QUOTE https://www.amd.com/en/corporate/speculative-execution has been updated and amd no longer claims that #2 has not been demonstrated. They state there will be microcode updates for it: QUOTE AMD will make optional microcode updates available to our customers and partners for Ryzen and EPYC processors starting this week. We expect to make updates available for our previous generation products over the coming weeks. END QUOTE === Mark Millard markmi at dsl-only.netReceived on Fri Jan 12 2018 - 05:12:08 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:41:14 UTC