this post was submitted on 09 Aug 2023
24 points (100.0% liked)

Arch Linux

7720 readers
7 users here now

The beloved lightweight distro

founded 4 years ago
MODERATORS
[email protected]
24
Loading amd-ucode.img useless on consumer CPUs? (kbin.social)
submitted 1 year ago by [email protected] to c/[email protected]
6 comments fedilink hide all child comments
 

I read that AMD microcode from the AGESA always has a higher patch version number than the microcode supplied by the kernel. The lastest microcode version from the linux-firmware repo the latest version for family 0x19 are:

Microcode patches in microcode_amd_fam19h.bin:
Family=0x19 Model=0x01 Stepping=0x01: Patch=0x0a0011d1 Length=5568 bytes
Family=0x19 Model=0x01 Stepping=0x00: Patch=0x0a001079 Length=5568 bytes
Family=0x19 Model=0x01 Stepping=0x02: Patch=0x0a001234 Length=5568 bytes

My CPU (Ryzen 5900x) reports [ 0.579161] microcode: CPU0: patch_level=0x0a20120a, though? My BIOS is from January, the amd-ucode was update in July.

Others have come to the same observation and speculate that the linux-firmware microcode is only for Epyc. AMD in their statement about inception only talks about updating microcode via AGESA.

https://www.phoronix.com/forums/forum/phoronix/latest-phoronix-articles/1402527-amd-inception-cpu-vulnerability-disclosed?p=1402567#post1402567
https://www.phoronix.com/forums/forum/hardware/processors-memory/1349645-amd-publishes-new-family-19h-cpu-microcode?p=1349760#post1349760
https://www.reddit.com/r/archlinux/comments/hdrron/amd_microcode_not_loading/

Anyone having more information on this?

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 3 points 1 year ago

Thx a lot for checking this, you gave me the missing part in the puzzle.

It was hard to find the actual patch increase, but the latest commit lists the current patch level:

+      - New microcodes:
+      + Family=0x17 Model=0x31 Stepping=0x00: Patch=0x0830107a Length=3200 bytes   <--- Your processor, higher patch version
+      + Family=0x17 Model=0xa0 Stepping=0x00: Patch=0x08a00008 Length=3200 bytes
+    - Updated microcodes:
+      + Family=0x17 Model=0x08 Stepping=0x02: Patch=0x0800820d Length=3200 bytes
+      + Family=0x17 Model=0x01 Stepping=0x02: Patch=0x0800126e Length=3200 bytes
+    - CVE-2023-20593

I guess that pretty much confirms the theory, AMD only rolls microcode for Epyc and there is no magic sauce why the patch version are all over the place on their consumer chips. For me, the worst thing is their lack of transparency. Guess they're justification is ridiculous and incomprehensible from a customer standpoint, otherwise they would have communicated it.

Also funny that Ubuntu 22.04 doesn't ship microcode for Zen3 and higher, why don't they backport such things?