1 |
> Then I came across this old message regarding Piledriver CPUs: |
2 |
> |
3 |
> https://lists.debian.org/debian-security/2016/03/msg00084.html |
4 |
> |
5 |
> The post refers to model 2 of cpu family 21. Not all models in the same |
6 |
> family, only model 2. So I am thinking although patch files are named per |
7 |
> CPU |
8 |
> family, whether they are applicable and applied as an update to the CPU is |
9 |
> probably determined by the particular CPU *model*. Logically, errata in |
10 |
> previous CPU revisions may have been fixed in later models of the same |
11 |
> family |
12 |
> and therefore such microcode updates would not be needed. When offered by |
13 |
> the |
14 |
> OS the CPU won't select to have them applied. |
15 |
> |
16 |
> This explains why my AMD models, which are later revisions of the same 15h |
17 |
> family do not apply any microcode updates - they don't need them. |
18 |
> |
19 |
> Please share if you know differently and thank you all for your responses. |
20 |
|
21 |
|
22 |
Sounds reasonable, but the 15h code was updated mid 2018, so unless the cpu |
23 |
or BIOS update is from after then, i would be concerned. |
24 |
|
25 |
If your APUs return similar to this then then there's nothing to worry about |
26 |
|
27 |
# grep . /sys/devices/system/cpu/vulnerabilities/* |
28 |
/sys/devices/system/cpu/vulnerabilities/l1tf:Not affected |
29 |
/sys/devices/system/cpu/vulnerabilities/mds:Not affected |
30 |
/sys/devices/system/cpu/vulnerabilities/meltdown:Not affected |
31 |
/sys/devices/system/cpu/vulnerabilities/spec_store_bypass:Mitigation: |
32 |
Speculative Store Bypass disabled via prctl and seccomp |
33 |
/sys/devices/system/cpu/vulnerabilities/spectre_v1:Mitigation: __user |
34 |
pointer sanitization |
35 |
/sys/devices/system/cpu/vulnerabilities/spectre_v2:Mitigation: Full AMD |
36 |
retpoline, IBPB: conditional, STIBP: disabled, RSB filling |