#18525 closed bug (fixed)

Patch Haiku for AMD "Zenbleed" vulnerability

Reported by: waddlesplash Owned by: nobody
Priority: normal Milestone: R1/beta5
Component: System/Kernel Version: R1/beta4
Keywords: Cc:
Blocked By: Blocking:
Platform: All

Description

https://lock.cmpxchg8b.com/zenbleed.html

For once, this looks like a CPU vulnerability we can tackle in a reasonable amount of time without much work:

  1. Add chicken bits to the "errata patcher". Here's how Linux does it: https://github.com/torvalds/linux/commit/522b1d69219d8f083173819fde04f994aa051a98
  1. Add loading of microcode from packages. (We currently try to load it from non-packaged in the bootloader, instead of the intel or amd microcode packages from HaikuPorts.)
  1. Update the microcode package at HaikuPorts.

Change History (6)

comment:1 by waddlesplash, 17 months ago

Loading a package other than the main "Haiku" one in the bootloader can be done through this function: https://xref.landonf.org/source/xref/haiku/src/system/boot/loader/file_systems/packagefs/packagefs.cpp#841

comment:2 by waddlesplash, 17 months ago

And microcode loading was added/modified here: https://review.haiku-os.org/c/haiku/+/5858

comment:3 by korli, 17 months ago

Easy path: The microcode package could copy the microcode in non-packaged on post-install.

comment:4 by waddlesplash, 17 months ago

Yes, but it'd be better to just load the microcode package directly from the bootloader.

comment:6 by korli, 17 months ago

Milestone: UnscheduledR1/beta5
Resolution: fixed
Status: newclosed

Merged in hrev57187

Note: See TracTickets for help on using tickets.