Fixing AMD Zen 4 Linux Security Bug
Phoronix reports that a fresh new bug fix designed specifically for AMD Zen 4 central processing units (CPUs) has been recently included into version 6.6 of the Linux operating system. A problem that might have caused undefined instruction exceptions on Zen 4 chips in the case that Single Threaded Indirect Branch Predictors (STIBP) were disabled has been fixed by the patch. The problem was caused by the fact that the STIBP option was turned off. In addition, the remedy for the vulnerability, which is referred to as Erratum #1485, will be back-ported to previously stable versions of the Linux kernel.
Because Zen 4’s branch prediction capabilities contain the STIBP feature, sharing of branch prediction is restricted to one physical core in addition to any logical cores that are being exploited in conjunction with the physical core (i.e., SMT/HyperThreading). The Spectre Variant Two protections have been improved with the addition of STIBP, which has been integrated into Zen 4’s default security mitigations. These improvements were made possible by the Zen 4 update.
Because it is critical to the safety systems of the CPU, Zen 4 chips will automatically enable this feature when they are first installed. This is because it is crucial to the CPU’s security mechanisms. Nevertheless, turning on STIBP might have a negative impact on performance, much as turning on other CPU security mitigations that are functionally comparable to STIBP. When there is less of a need for users to be concerned about their security, users have the option to recoup some of their lost speed by deactivating STIBP.
AMD Zen 4 Linux security update
To restate, the bug patch is only necessary to remedy issues that occur when STIBP is deactivated, not when it is enabled. This is because these issues do not arise when STIBP is enabled. As STIBP is enabled by default on Zen 4, it is expected that the vast majority of users will not encounter any problems.
The only people who are negatively impacted by this are the relatively few people who are actively working to deactivate STIBP. When instructions are being processed by a central processing unit (CPU), there is always the chance of indirect instruction exception problems developing. These can bring about issues and corruption in much the same manner as unstable CPU overclocks can bring about difficulties and corruption.
This STIBP patch will also make its way to older stable kernel versions, according to Phononix; however, the publication did not explain when this will take place. There is a chance that this issue will also have an effect on other operating systems; however, up to this point, we have not been made aware of any major issues that have been affecting Windows.
[…] was just a few hours ago that new graphics driver code for Linux was discovered. This code looks to give early support for an AMD RDNA 3 Refresh. According to […]