> Then I came across this old message regarding Piledriver CPUs: > > https://lists.debian.org/debian-security/2016/03/msg00084.html > > The post refers to model 2 of cpu family 21. Not all models in the same > family, only model 2. So I am thinking although patch files are named per > CPU > family, whether they are applicable and applied as an update to the CPU is > probably determined by the particular CPU *model*. Logically, errata in > previous CPU revisions may have been fixed in later models of the same > family > and therefore such microcode updates would not be needed. When offered by > the > OS the CPU won't select to have them applied. > > This explains why my AMD models, which are later revisions of the same 15h > family do not apply any microcode updates - they don't need them. > > Please share if you know differently and thank you all for your responses.
Sounds reasonable, but the 15h code was updated mid 2018, so unless the cpu or BIOS update is from after then, i would be concerned. If your APUs return similar to this then then there's nothing to worry about # grep . /sys/devices/system/cpu/vulnerabilities/* /sys/devices/system/cpu/vulnerabilities/l1tf:Not affected /sys/devices/system/cpu/vulnerabilities/mds:Not affected /sys/devices/system/cpu/vulnerabilities/meltdown:Not affected /sys/devices/system/cpu/vulnerabilities/spec_store_bypass:Mitigation: Speculative Store Bypass disabled via prctl and seccomp /sys/devices/system/cpu/vulnerabilities/spectre_v1:Mitigation: __user pointer sanitization /sys/devices/system/cpu/vulnerabilities/spectre_v2:Mitigation: Full AMD retpoline, IBPB: conditional, STIBP: disabled, RSB filling
