On Sat, Jul 13, 2019 at 4:16 PM Wols Lists <antli...@youngman.org.uk> wrote: > > On 13/07/19 20:23, Mick wrote: > > Thanks Corbin, I wonder if despite articles about microcode patch releases > > to > > deal with spectre and what not, there are just no patches made available for > > my aging AMD CPUs. > > Or Spectre and what not are Intel specific ... > > I know a lot of the reports said many of the exploits don't work on AMD. > It's something to do with the way Intel has implemented speculative > execution, and AMD doesn't use that technique.
Some spectre-related vulnerabilities apply to AMD, and some do not. Most of the REALLY bad ones do not, but I believe that some of the AMD ones still require microcode updates to be mitigated in the most efficient way. Take a look in /sys/devices/system/cpu/vulnerabilities on your system for the kernel's assessment of what vulnerabilities apply, and how they are being mitigated. What you want to see is every single one either saying "Not affected" or they start with "Mitigation:" If you see one starting with something like Partial Mitigation or Vulnerable you should Google if there is something you can do to improve this. Note that this assumes you have a current kernel. The kernel can only report the vulnerabilities it knows about, so if you're running some kernel from 9 months ago it won't know about everything. For reference, on my Ryzen 5 1600 I get: for x in * ; do echo -n "$x: " ; cat $x ; done l1tf: Not affected mds: Not affected meltdown: Not affected spec_store_bypass: Mitigation: Speculative Store Bypass disabled via prctl and seccomp spectre_v1: Mitigation: __user pointer sanitization spectre_v2: Mitigation: Full AMD retpoline, STIBP: disabled, RSB filling -- Rich
