2019. április 6., szombat 12:34:31 UTC időpontban awokd a következőt írta: > dm1.libe...@gmail.com wrote on 4/6/19 7:14 AM: > > > This issue is due to a xen patch ("Fix resume, when using microcode > > upgrade"), that has been included when releases changed from xen-4.8.3-4 to > > xen-4.8.3-5. This patch checks the availability of previous CPU features > > (..Spectre) during resume, and results in a xen panic on G505s - IMHO due > > to the static nature how the most recent (0x600111f) AMD microcodes need to > > be compiled in Corebooted systems. > > It is no use to revert the whole patch, because it'll break the other xen > > patches introduced since. But you can: > > > > diff -ur a/xen/arch/x86/acpi/power.c b/xen/arch/x86/acpi/power.c > > --- a/xen/arch/x86/acpi/power.c 2019-03-31 > > +++ b/xen/arch/x86/acpi/power.c 2019-03-31 > > @@ -256,9 +256,9 @@ > > > > microcode_resume_cpu(0); > > > > - if ( !recheck_cpu_features(0) ) > > +/* if ( !recheck_cpu_features(0) ) > > panic("Missing previously available feature(s)."); > > - > > +*/ > > /* Re-enabled default NMI/#MC use of MSR_SPEC_CTRL. */ > > ci->spec_ctrl_flags |= (default_spec_ctrl_flags & SCF_ist_wrmsr); > > spec_ctrl_exit_idle(ci); > > > > have this workaround, which solves the issue until someone provides a > > working solution on CB'd systems with AMD Fam15h. (..and also assesses the > > possible security impacts...) > > Of course you'll need to recompile git:qubes-vmm-xen, but that is > > straightforward. > > There could be some strange kernel messages in dom0 after resume, and you > > might have issues in sys-net devices waking up, but this mostly works fine > > (with kernel 4.14.103 --> kernels 4.19-xx still have issues with the radeon > > module) > > > > Thank you, I will definitely try it out and report back here! Any idea > if someone has submitted upstream to Xen? Seems like it would be an > issue with any Corebooted AMD AGESA system since they all handle > microcode the same way.
I haven't seen this, and also could be wrong about the root cause... What I found is that kernels without Xen are not affected (resume OK), however stock kernels with xen (Fedora, Ubuntu...) even up-to the latest stable Xen-4.11.x have this issue. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to firstname.lastname@example.org. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/5cef8a3f-42ec-48fc-9e89-fade0e3ed250%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.