search

speed47 / spectre-meltdown-checker

Reptar, Downfall, Zenbleed, ZombieLoad, RIDL, Fallout, Foreshadow, Spectre, Meltdown vulnerability/mitigation checker for Linux & BSD
3.87k stars 476 forks source link

ucode is 0x0 on FreeBSD and AMD Carrizo #496

Open vedranmiletic opened 4 months ago

vedranmiletic commented 4 months ago

Pardon my copy-paste destroying all indentation:

# fetch https://meltdown.ovh -o spectre-meltdown-checker.sh
# doas ./spectre-meltdown-checker.sh
Spectre and Meltdown mitigation detection tool v0.46+

cpucontrol: ioctl(/dev/cpuctl0, CPUCTL_WRMSR (0x8b)): Bad address
Checking for vulnerabilities on current system
Kernel is FreeBSD 14.1-RELEASE FreeBSD 14.1-RELEASE releng/14.1-n267679-10e31f0946d8 GENERIC amd64
CPU is AMD PRO A8-8600B R6, 10 Compute Cores 4C+6G

Hardware check
* Hardware support (CPU microcode) for mitigation techniques
* Indirect Branch Restricted Speculation (IBRS)
* SPEC_CTRL MSR is available:  NO
* CPU indicates IBRS capability:  NO
* CPU indicates preferring IBRS always-on:  NO
* CPU indicates preferring IBRS over retpoline:  NO
* Indirect Branch Prediction Barrier (IBPB)
* CPU indicates IBPB capability:  YES  (IBPB_SUPPORT feature bit)
* Single Thread Indirect Branch Predictors (STIBP)                                                                                                    * SPEC_CTRL MSR is available:  NO
* CPU indicates STIBP capability:  NO
* CPU indicates preferring STIBP always-on:  NO
* Speculative Store Bypass Disable (SSBD)
* CPU indicates SSBD capability:  YES  (AMD non-architectural MSR)
* L1 data cache invalidation
* CPU indicates L1D flush capability:  NO
* Selective Branch Predictor Barrier (SBPB)
* PRED_CMD MSR supports SBPB bit write:  UNKNOWN  (not allowed to write msr)
* CPU supports Transactional Synchronization Extensions (TSX):  NO
* CPU supports Software Guard Extensions (SGX):  NO
* CPU supports Special Register Buffer Data Sampling (SRBDS):  NO
* CPU microcode is known to fix Zenbleed:  NO  (required version: 0x0860010b)
* CPU microcode is known to cause stability problems:  NO  (family 0x15 model 0x60 stepping 0x1 ucode 0x0 cpuid 0x660f01 pfid 0x8)
* CPU microcode is the latest known available version:  NO  (latest version is 0x600611a dated 2018/01/26 according to builtin firmwares DB v296+i2024
0514+988c

Of course, without the correct information about the firmware version, the version is never going to be the latest. Is this fixable?