search

speed47 / spectre-meltdown-checker

Reptar, Downfall, Zenbleed, ZombieLoad, RIDL, Fallout, Foreshadow, Spectre, Meltdown vulnerability/mitigation checker for Linux & BSD
3.87k stars 476 forks source link

support for AMD Zen1 DIV0 bug CVE-2023-20588 #473

Open taggart opened 1 year ago

taggart commented 1 year ago

New hardware bug affecting AMD Zen1: "on some AMD processors a division-by-zero can potentially return speculative data"

https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7007.html

According to that it affects:

Datacenter AMD EPYC™ 7001 Processors

Desktop AMD Athlon™ 3000 Series Processors with Radeon™ Graphics AMD Ryzen™ 3000 Series Processors with Radeon™ Graphics

Mobile AMD Athlon™ PRO 3000 Series Processors with Radeon™ Vega Graphics AMD Ryzen™ PRO 3000 Series Processors with Radeon™ Vega Graphics

Here is the linux kernel mitigation https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=77245f1c3c6495521f6a3af082696ee2f8ce3921

I do not know if there will be microcode mitigation for this.

Please consider adding support for detecting this. I have access to an affected CPU and can help test. Thanks

speed47 commented 1 year ago

That should be easy, as I see from the kernel commit.

If you have an affected CPU, could you run the script with -v -v -v, and paste here the line near the end where it says "To mock this CPU, set those vars"? It'll help testing by mocking your CPU on my side.

carnil commented 1 year ago

There is the followup to the orginal fix as per https://git.kernel.org/linus/f58d6fbcb7c848b7f2469be339bc571f2e9d245b

taggart commented 1 year ago

Here's the output for my AMD Ryzen 5 3400G with Radeon Vega Graphics smc-mock.txt