linux-6.4.7

[Bruce Dubbs]

New point version.

[Bruce Dubbs]

Now version 6.4.5.

[Bruce Dubbs]

Now version 6.4.6.

[Bruce Dubbs]

Now version 6.4.7. Three updates in four days.

[ken@…]

For those with a zen2 CPU, my understanding is that 6.4.6 includes the chicken-bit fix for retbleed, and will use that IFF the microcode has not been updated. So far, only EPYC microcode has been released and microcode for non-EPYC CPUs is not expected until later in the year (November or December for some of them).

See my post on blfs-dev re the SA 11.3-065 AMD microcode update.

That post includes links to oss-security, and where to obtain the test to see if affected.

[Bruce Dubbs]

Note for reference, the zen2 architecture is for some AMD CPUs. See ​https://en.wikipedia.org/wiki/Zen_2 for more information.

[ken@…]

The EPYC items are the higher-end Zen server CPUs, for zen2 those are apparently Rome/Castle Peak and Mendocino ​https://www.openwall.com/lists/oss-security/2023/07/25/1

The models without available firmware, according to that post, are Renoir, Lucienne, Matisse and Van Gogh. My expired PRO 4nnnG APU was a Renoir.

List of affected CPUs from Tavis's earlier post includes at least

• AMD Ryzen 3000 Series Processors
• AMD Ryzen PRO 3000 Series Processors
• AMD Ryzen Threadripper 3000 Series Processors
• AMD Ryzen 4000 Series Processors with Radeon Graphics
• AMD Ryzen PRO 4000 Series Processors
• AMD Ryzen 5000 Series Processors with Radeon Graphics
• AMD Ryzen 7020 Series Processors with Radeon Graphics
• AMD EPYC 7002 Series Processors

[ken@…]

Further thoughts for AMD zen2 users - lscpu when run on an updated kernel should report if zenbleed applies, and if so it should report whether the chicken bit or microcode is being used for the mitigation.

[Bruce Dubbs]

Fixed as a part of commit 6de383a26215753a2b0a6d2dba6956ecfd786a90

[Bruce Dubbs]

Milestone renamed