[pve-devel] [PATCH kernel 1/1] cherry-pick improved erratum 1386 workaround
Folke Gleumes
f.gleumes at proxmox.com
Mon Apr 15 14:56:49 CEST 2024
The original fix disabled the xsaves feature for zen1/2. The issue has
since been fixed in the cpus microcode and this patch keeps the feature enabled
if the microcode version is recent enough to contain the fix.
Signed-off-by: Folke Gleumes <f.gleumes at proxmox.com>
---
Tested this on an AMD Epyc 7302P v2.
...-improve-the-erratum-1386-workaround.patch | 82 +++++++++++++++++++
1 file changed, 82 insertions(+)
create mode 100644 patches/kernel/0013-improve-the-erratum-1386-workaround.patch
diff --git a/patches/kernel/0013-improve-the-erratum-1386-workaround.patch b/patches/kernel/0013-improve-the-erratum-1386-workaround.patch
new file mode 100644
index 0000000..969c10c
--- /dev/null
+++ b/patches/kernel/0013-improve-the-erratum-1386-workaround.patch
@@ -0,0 +1,82 @@
+From 29ba89f1895285f06c333546882e0c5ae9a6df23 Mon Sep 17 00:00:00 2001
+From: "Borislav Petkov (AMD)" <bp at alien8.de>
+Date: Sun, 24 Mar 2024 20:51:35 +0100
+Subject: x86/CPU/AMD: Improve the erratum 1386 workaround
+
+Disable XSAVES only on machines which haven't loaded the microcode
+revision containing the erratum fix.
+
+This will come in handy when running archaic OSes as guests. OSes whose
+brilliant programmers thought that CPUID is overrated and one should not
+query it but use features directly, ala shoot first, ask questions
+later... but only if you're alive after the shooting.
+
+Signed-off-by: Borislav Petkov (AMD) <bp at alien8.de>
+Tested-by: "Maciej S. Szmigiero" <maciej.szmigiero at oracle.com>
+Cc: Boris Ostrovsky <boris.ostrovsky at oracle.com>
+Link: https://lore.kernel.org/r/20240324200525.GBZgCHhYFsBj12PrKv@fat_crate.local
+---
+ arch/x86/include/asm/cpu_device_id.h | 8 ++++++++
+ arch/x86/kernel/cpu/amd.c | 12 ++++++++++++
+ 2 files changed, 20 insertions(+)
+
+diff --git a/arch/x86/include/asm/cpu_device_id.h b/arch/x86/include/asm/cpu_device_id.h
+index eb8fcede9e3bf4..bf4e065cf1e2fc 100644
+--- a/arch/x86/include/asm/cpu_device_id.h
++++ b/arch/x86/include/asm/cpu_device_id.h
+@@ -190,6 +190,14 @@ struct x86_cpu_desc {
+ .x86_microcode_rev = (revision), \
+ }
+
++#define AMD_CPU_DESC(fam, model, stepping, revision) { \
++ .x86_family = (fam), \
++ .x86_vendor = X86_VENDOR_AMD, \
++ .x86_model = (model), \
++ .x86_stepping = (stepping), \
++ .x86_microcode_rev = (revision), \
++}
++
+ extern const struct x86_cpu_id *x86_match_cpu(const struct x86_cpu_id *match);
+ extern bool x86_cpu_has_min_microcode_rev(const struct x86_cpu_desc *table);
+
+diff --git a/arch/x86/kernel/cpu/amd.c b/arch/x86/kernel/cpu/amd.c
+index 6d8677e80ddbb1..873f0fdc2ef8a4 100644
+--- a/arch/x86/kernel/cpu/amd.c
++++ b/arch/x86/kernel/cpu/amd.c
+@@ -13,6 +13,7 @@
+ #include <asm/apic.h>
+ #include <asm/cacheinfo.h>
+ #include <asm/cpu.h>
++#include <asm/cpu_device_id.h>
+ #include <asm/spec-ctrl.h>
+ #include <asm/smp.h>
+ #include <asm/numa.h>
+@@ -802,6 +803,11 @@ static void init_amd_bd(struct cpuinfo_x86 *c)
+ clear_rdrand_cpuid_bit(c);
+ }
+
++static const struct x86_cpu_desc erratum_1386_microcode[] = {
++ AMD_CPU_DESC(0x17, 0x1, 0x2, 0x0800126e),
++ AMD_CPU_DESC(0x17, 0x31, 0x0, 0x08301052),
++};
++
+ static void fix_erratum_1386(struct cpuinfo_x86 *c)
+ {
+ /*
+@@ -811,7 +817,13 @@ static void fix_erratum_1386(struct cpuinfo_x86 *c)
+ *
+ * Affected parts all have no supervisor XSAVE states, meaning that
+ * the XSAVEC instruction (which works fine) is equivalent.
++ *
++ * Clear the feature flag only on microcode revisions which
++ * don't have the fix.
+ */
++ if (x86_cpu_has_min_microcode_rev(erratum_1386_microcode))
++ return;
++
+ clear_cpu_cap(c, X86_FEATURE_XSAVES);
+ }
+
+--
+cgit 1.2.3-korg
+
--
2.39.2
More information about the pve-devel
mailing list