The original fix disabled the xsaves feature for zen1/2. The issue has since been fixed in the cpus microcode and this patch keeps the feature enabled if the microcode version is recent enough to contain the fix.
Signed-off-by: Folke Gleumes <f.gleu...@proxmox.com> --- Tested this on an AMD Epyc 7302P v2. ...-improve-the-erratum-1386-workaround.patch | 82 +++++++++++++++++++ 1 file changed, 82 insertions(+) create mode 100644 patches/kernel/0013-improve-the-erratum-1386-workaround.patch diff --git a/patches/kernel/0013-improve-the-erratum-1386-workaround.patch b/patches/kernel/0013-improve-the-erratum-1386-workaround.patch new file mode 100644 index 0000000..969c10c --- /dev/null +++ b/patches/kernel/0013-improve-the-erratum-1386-workaround.patch @@ -0,0 +1,82 @@ +From 29ba89f1895285f06c333546882e0c5ae9a6df23 Mon Sep 17 00:00:00 2001 +From: "Borislav Petkov (AMD)" <b...@alien8.de> +Date: Sun, 24 Mar 2024 20:51:35 +0100 +Subject: x86/CPU/AMD: Improve the erratum 1386 workaround + +Disable XSAVES only on machines which haven't loaded the microcode +revision containing the erratum fix. + +This will come in handy when running archaic OSes as guests. OSes whose +brilliant programmers thought that CPUID is overrated and one should not +query it but use features directly, ala shoot first, ask questions +later... but only if you're alive after the shooting. + +Signed-off-by: Borislav Petkov (AMD) <b...@alien8.de> +Tested-by: "Maciej S. Szmigiero" <maciej.szmigi...@oracle.com> +Cc: Boris Ostrovsky <boris.ostrov...@oracle.com> +Link: https://lore.kernel.org/r/20240324200525.GBZgCHhYFsBj12PrKv@fat_crate.local +--- + arch/x86/include/asm/cpu_device_id.h | 8 ++++++++ + arch/x86/kernel/cpu/amd.c | 12 ++++++++++++ + 2 files changed, 20 insertions(+) + +diff --git a/arch/x86/include/asm/cpu_device_id.h b/arch/x86/include/asm/cpu_device_id.h +index eb8fcede9e3bf4..bf4e065cf1e2fc 100644 +--- a/arch/x86/include/asm/cpu_device_id.h ++++ b/arch/x86/include/asm/cpu_device_id.h +@@ -190,6 +190,14 @@ struct x86_cpu_desc { + .x86_microcode_rev = (revision), \ + } + ++#define AMD_CPU_DESC(fam, model, stepping, revision) { \ ++ .x86_family = (fam), \ ++ .x86_vendor = X86_VENDOR_AMD, \ ++ .x86_model = (model), \ ++ .x86_stepping = (stepping), \ ++ .x86_microcode_rev = (revision), \ ++} ++ + extern const struct x86_cpu_id *x86_match_cpu(const struct x86_cpu_id *match); + extern bool x86_cpu_has_min_microcode_rev(const struct x86_cpu_desc *table); + +diff --git a/arch/x86/kernel/cpu/amd.c b/arch/x86/kernel/cpu/amd.c +index 6d8677e80ddbb1..873f0fdc2ef8a4 100644 +--- a/arch/x86/kernel/cpu/amd.c ++++ b/arch/x86/kernel/cpu/amd.c +@@ -13,6 +13,7 @@ + #include <asm/apic.h> + #include <asm/cacheinfo.h> + #include <asm/cpu.h> ++#include <asm/cpu_device_id.h> + #include <asm/spec-ctrl.h> + #include <asm/smp.h> + #include <asm/numa.h> +@@ -802,6 +803,11 @@ static void init_amd_bd(struct cpuinfo_x86 *c) + clear_rdrand_cpuid_bit(c); + } + ++static const struct x86_cpu_desc erratum_1386_microcode[] = { ++ AMD_CPU_DESC(0x17, 0x1, 0x2, 0x0800126e), ++ AMD_CPU_DESC(0x17, 0x31, 0x0, 0x08301052), ++}; ++ + static void fix_erratum_1386(struct cpuinfo_x86 *c) + { + /* +@@ -811,7 +817,13 @@ static void fix_erratum_1386(struct cpuinfo_x86 *c) + * + * Affected parts all have no supervisor XSAVE states, meaning that + * the XSAVEC instruction (which works fine) is equivalent. ++ * ++ * Clear the feature flag only on microcode revisions which ++ * don't have the fix. + */ ++ if (x86_cpu_has_min_microcode_rev(erratum_1386_microcode)) ++ return; ++ + clear_cpu_cap(c, X86_FEATURE_XSAVES); + } + +-- +cgit 1.2.3-korg + -- 2.39.2 _______________________________________________ pve-devel mailing list pve-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
