On Fri, Jan 12, 2018 at 2:58 PM, Corbin Bird <corbinb...@charter.net> wrote:
>
> The Fam16h and Fam17h microcode updates were new to Gentoo?
> I don't recall ever seeing them before.
>

They're new in general - they first appeared last week and they're
being treated as if they're related to Spectre. I've yet to see any
kind of official release of them, but that seems to be par for the
course for AMD the more I hunt around for documentation. It seems
like SUSE first released it, and claimed that it disabled branch
prediction, whatever that means (certainly it can't completely disable
it without tanking performance). I'm not sure if it has been merged
upstream yet. The 17h loader updates were merged into Linux 4.4.13
(Gentoo backported it as well), but I'm not sure about the microcode
itself.

Separately there are some LKML patches proposed by AMD to use an MSR
setting to make LFENCE block speculative execution. It looks like the
strategy is to enable that on amd64, and verify that the setting took
(a guest VM wouldn't be able to set the MSR). If the setting isn't
effective then it would fall back to Retpolines (which is the Intel
fix for Spectre), which have more overhead (this is in addition to the
much larger overhead for the Meltdown fix on Intel).

If somebody actually sees anything official from AMD clearly giving a
checklist for Spectre remediation I'm all ears. To its credit, Intel
at least published one of those (even if it amounts to "pound sand"
for older CPUs).

--
Rich
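
The set-then-verify strategy mentioned in the message above, as an added C sketch that is not part of the original message or of the kernel patch: it sets the LFENCE-serializing bit, reads it back, and falls back to retpolines when the bit did not stick. The MSR number 0xC0011029 and bit 1 are assumed from the upstream Linux patch rather than this thread, and `struct cpu` with its simulated read/write helpers is hypothetical so the logic runs in user space.

```c
#include <stdint.h>
#include <stdio.h>

/* Assumption: MSR number and bit as in the upstream Linux patch (DE_CFG). */
#define MSR_DECFG           0xC0011029u
#define DECFG_LFENCE_SERIAL (1ull << 1)

enum mitigation { MIT_LFENCE, MIT_RETPOLINE };

/* Hypothetical simulated CPU so the logic runs without ring-0 access. */
struct cpu {
    uint64_t decfg;   /* simulated DE_CFG contents */
    int wr_ignored;   /* hypervisor silently drops the write */
    int rd_faults;    /* hypervisor faults the read */
};

static int rdmsr_sim(const struct cpu *c, uint32_t msr, uint64_t *val) {
    if (c->rd_faults || msr != MSR_DECFG)
        return -1;
    *val = c->decfg;
    return 0;
}

static int wrmsr_sim(struct cpu *c, uint32_t msr, uint64_t val) {
    if (msr != MSR_DECFG)
        return -1;
    if (!c->wr_ignored)
        c->decfg = val;
    return 0; /* a dropped write still looks successful to the guest */
}

/* Set the bit while preserving the others, then trust only a fresh read. */
enum mitigation pick_mitigation(struct cpu *c) {
    uint64_t val;
    if (rdmsr_sim(c, MSR_DECFG, &val) == 0)
        wrmsr_sim(c, MSR_DECFG, val | DECFG_LFENCE_SERIAL);
    if (rdmsr_sim(c, MSR_DECFG, &val) == 0 && (val & DECFG_LFENCE_SERIAL))
        return MIT_LFENCE;
    return MIT_RETPOLINE;
}

int main(void) {
    /* Constructed sample states: bare metal vs. a guest whose write is dropped. */
    struct cpu bare = { 0x10, 0, 0 }, guest = { 0x10, 1, 0 };
    printf("bare metal: %s\n", pick_mitigation(&bare) == MIT_LFENCE ? "lfence" : "retpoline");
    printf("guest:      %s\n", pick_mitigation(&guest) == MIT_LFENCE ? "lfence" : "retpoline");
    return 0;
}
```

A guest whose host already set the bit still gets the LFENCE path, because the decision depends on the read-back value and not on whether the write was accepted.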