** Description changed: [Impact] AMD has recently updated the microcode in the linux-firmware tree for family 17h processors to address Spectre variant 2. The Trusty 3.13 kernel cannot load the microcode because it is missing a backport of upstream patch f4e9b7af0cd58dd039a0fb2cd67d57cea4889abf which leaves AMD machines vulnerable. [Test Case] Test must be done on a 17h family processor: 1) Take note of the microcode version before applying updated microcode: - $ sudo cat /sys/devices/system/cpu/cpu0/microcode/version - 0x8001227 + $ sudo cat /sys/devices/system/cpu/cpu0/microcode/version + 0x8001227 2) Get updated amd64-microcode package from the Ubuntu Security Team. Install it and reboot machine. 3) Verify that the microcode version has changed. + + Alternate test case (useful in the situation that the test system is + already running the latest microcode revision due to a BIOS update): + + 1) Fetch the latest 17h family microcode revision from here (you may + want to verify the signature): + + https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux- + firmware.git/tree/amd-ucode/microcode_amd_fam17h.bin + + 2) Move it into /lib/firmware/amd-ucode/ + + 3) Force a microcode reload: + + $ echo 1 | sudo tee /sys/devices/system/cpu/microcode/reload + + 4) Verify that the following error message is *not* in your syslog: + + May 30 04:22:55 lodygin kernel: [ 388.290105] microcode: patch size mismatch + May 30 04:22:55 lodygin kernel: [ 388.290149] microcode: Patch-ID 0x08001227: size mismatch. [Regression Potential] The regression potential to the kernel revolves around the fact that the IBRS/IBPB implementation in the 3.13 kernel may not have been put through its paces yet due to a lack of available microcode updates. There could be a latent bug present that is uncovered.
** Description changed: [Impact] AMD has recently updated the microcode in the linux-firmware tree for family 17h processors to address Spectre variant 2. The Trusty 3.13 kernel cannot load the microcode because it is missing a backport of upstream patch f4e9b7af0cd58dd039a0fb2cd67d57cea4889abf which leaves AMD machines vulnerable. - [Test Case] + [Test Case (option 1)] Test must be done on a 17h family processor: 1) Take note of the microcode version before applying updated microcode: $ sudo cat /sys/devices/system/cpu/cpu0/microcode/version 0x8001227 2) Get updated amd64-microcode package from the Ubuntu Security Team. Install it and reboot machine. 3) Verify that the microcode version has changed. + [Test Case (option 2)] + Alternate test case (useful in the situation that the test system is already running the latest microcode revision due to a BIOS update): 1) Fetch the latest 17h family microcode revision from here (you may want to verify the signature): - https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux- + https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux- firmware.git/tree/amd-ucode/microcode_amd_fam17h.bin 2) Move it into /lib/firmware/amd-ucode/ 3) Force a microcode reload: - $ echo 1 | sudo tee /sys/devices/system/cpu/microcode/reload + $ echo 1 | sudo tee /sys/devices/system/cpu/microcode/reload 4) Verify that the following error message is *not* in your syslog: May 30 04:22:55 lodygin kernel: [ 388.290105] microcode: patch size mismatch May 30 04:22:55 lodygin kernel: [ 388.290149] microcode: Patch-ID 0x08001227: size mismatch. [Regression Potential] The regression potential to the kernel revolves around the fact that the IBRS/IBPB implementation in the 3.13 kernel may not have been put through its paces yet due to a lack of available microcode updates. There could be a latent bug present that is uncovered. -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1774082 Title: Trusty cannot load microcode for family 17h AMD processors Status in linux package in Ubuntu: Invalid Status in linux source package in Trusty: In Progress Bug description: [Impact] AMD has recently updated the microcode in the linux-firmware tree for family 17h processors to address Spectre variant 2. The Trusty 3.13 kernel cannot load the microcode because it is missing a backport of upstream patch f4e9b7af0cd58dd039a0fb2cd67d57cea4889abf which leaves AMD machines vulnerable. [Test Case (option 1)] Test must be done on a 17h family processor: 1) Take note of the microcode version before applying updated microcode: $ sudo cat /sys/devices/system/cpu/cpu0/microcode/version 0x8001227 2) Get updated amd64-microcode package from the Ubuntu Security Team. Install it and reboot machine. 3) Verify that the microcode version has changed. [Test Case (option 2)] Alternate test case (useful in the situation that the test system is already running the latest microcode revision due to a BIOS update): 1) Fetch the latest 17h family microcode revision from here (you may want to verify the signature): https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux- firmware.git/tree/amd-ucode/microcode_amd_fam17h.bin 2) Move it into /lib/firmware/amd-ucode/ 3) Force a microcode reload: $ echo 1 | sudo tee /sys/devices/system/cpu/microcode/reload 4) Verify that the following error message is *not* in your syslog: May 30 04:22:55 lodygin kernel: [ 388.290105] microcode: patch size mismatch May 30 04:22:55 lodygin kernel: [ 388.290149] microcode: Patch-ID 0x08001227: size mismatch. [Regression Potential] The regression potential to the kernel revolves around the fact that the IBRS/IBPB implementation in the 3.13 kernel may not have been put through its paces yet due to a lack of available microcode updates. There could be a latent bug present that is uncovered. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1774082/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
