From fb7bfa31b8e8569f154f2fe0ea6c2f03c0f087aa Mon Sep 17 00:00:00 2001 From: Andrew Cooper Date: Wed, 26 Nov 2025 13:03:52 +0000 Subject: [PATCH 1/5] x86/cpu/amd: Correct the microcode table for Zenbleed The good revisions are tied to exact steppings, meaning it's not valid to match on model number alone, let alone a range. This is probably only a latent issue. From public microcode archives, the following CPUs exist 17-30-00, 17-60-00, 17-70-00 and would be captured by the model ranges. They're likely pre-production steppings, and likely didn't get Zenbleed microcode, but it's still incorrect to compare them to a different steppings revision. Either way, convert the logic to use x86_match_min_microcode_rev(), which is the preferred mechanism. Fixes: 522b1d69219d ("x86/cpu/amd: Add a Zenbleed fix") Signed-off-by: Andrew Cooper Signed-off-by: Ingo Molnar Cc: Borislav Petkov Cc: Mario Limonciello Cc: x86@kernel.org Link: https://patch.msgid.link/20251126130352.880424-1-andrew.cooper3@citrix.com --- arch/x86/kernel/cpu/amd.c | 30 +++++++++--------------------- 1 file changed, 9 insertions(+), 21 deletions(-) diff --git a/arch/x86/kernel/cpu/amd.c b/arch/x86/kernel/cpu/amd.c index bc94ff1e250a..86059f2c0fcd 100644 --- a/arch/x86/kernel/cpu/amd.c +++ b/arch/x86/kernel/cpu/amd.c @@ -951,26 +951,14 @@ static void init_amd_zen1(struct cpuinfo_x86 *c) } } -static bool cpu_has_zenbleed_microcode(void) -{ - u32 good_rev = 0; - - switch (boot_cpu_data.x86_model) { - case 0x30 ... 0x3f: good_rev = 0x0830107b; break; - case 0x60 ... 0x67: good_rev = 0x0860010c; break; - case 0x68 ... 0x6f: good_rev = 0x08608107; break; - case 0x70 ... 0x7f: good_rev = 0x08701033; break; - case 0xa0 ... 0xaf: good_rev = 0x08a00009; break; - - default: - return false; - } - - if (boot_cpu_data.microcode < good_rev) - return false; - - return true; -} +static const struct x86_cpu_id amd_zenbleed_microcode[] = { + ZEN_MODEL_STEP_UCODE(0x17, 0x31, 0x0, 0x0830107b), + ZEN_MODEL_STEP_UCODE(0x17, 0x60, 0x1, 0x0860010c), + ZEN_MODEL_STEP_UCODE(0x17, 0x68, 0x1, 0x08608107), + ZEN_MODEL_STEP_UCODE(0x17, 0x71, 0x0, 0x08701033), + ZEN_MODEL_STEP_UCODE(0x17, 0xa0, 0x0, 0x08a00009), + {} +}; static void zen2_zenbleed_check(struct cpuinfo_x86 *c) { @@ -980,7 +968,7 @@ static void zen2_zenbleed_check(struct cpuinfo_x86 *c) if (!cpu_has(c, X86_FEATURE_AVX)) return; - if (!cpu_has_zenbleed_microcode()) { + if (!x86_match_min_microcode_rev(amd_zenbleed_microcode)) { pr_notice_once("Zenbleed: please update your microcode for the most optimal fix\n"); msr_set_bit(MSR_AMD64_DE_CFG, MSR_AMD64_DE_CFG_ZEN2_FP_BACKUP_FIX_BIT); } else { From a2aabcfc6015b6196f161b6bf4df1519ab09c3e1 Mon Sep 17 00:00:00 2001 From: Andrew Cooper Date: Wed, 26 Nov 2025 11:34:42 +0000 Subject: [PATCH 2/5] x86/cpu/amd: Use ZEN_MODEL_STEP_UCODE() for erratum_1386_microcode[] ... to simplify the result. No functional change. Signed-off-by: Andrew Cooper Signed-off-by: Ingo Molnar Cc: Borislav Petkov Cc: Mario Limonciello Link: https://patch.msgid.link/20251126113442.877024-1-andrew.cooper3@citrix.com --- arch/x86/kernel/cpu/amd.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/arch/x86/kernel/cpu/amd.c b/arch/x86/kernel/cpu/amd.c index 86059f2c0fcd..c04f53f43af1 100644 --- a/arch/x86/kernel/cpu/amd.c +++ b/arch/x86/kernel/cpu/amd.c @@ -873,8 +873,8 @@ static void init_amd_bd(struct cpuinfo_x86 *c) } static const struct x86_cpu_id erratum_1386_microcode[] = { - X86_MATCH_VFM_STEPS(VFM_MAKE(X86_VENDOR_AMD, 0x17, 0x01), 0x2, 0x2, 0x0800126e), - X86_MATCH_VFM_STEPS(VFM_MAKE(X86_VENDOR_AMD, 0x17, 0x31), 0x0, 0x0, 0x08301052), + ZEN_MODEL_STEP_UCODE(0x17, 0x01, 0x2, 0x0800126e), + ZEN_MODEL_STEP_UCODE(0x17, 0x31, 0x0, 0x08301052), {} }; From 0bc03750deefc5fdab77b01c459bb1691c64c3c5 Mon Sep 17 00:00:00 2001 From: Andrew Cooper Date: Wed, 26 Nov 2025 12:51:47 +0000 Subject: [PATCH 3/5] x86/cpu: Drop vestigial PBE logic in AMD/Hygon/Centaur/Cyrix Besides formatting changes, this logic dates back to Linux 2.4.0-test11 in November 2000. Prior to "Massive cleanup of CPU detection and bug handling", c->x86_capability was a single u32 containing cpuid(1).edx, cpuid(0x80000001).edx, or a synthesis thereof. X86_FEATURE_AMD3D was defined as the top bit this single u32. After "Massive cleanup of CPU detection and bug handling", c->x86_capability became an array with AMD's extended feature leaf split away from Intel's basic feature leaf. AMD doc #20734-G states that 3DNow is only enumerated in the extended feature leaf, and that other vendors where using this bit too. i.e. AMD never produced a CPU which set bit 31 in the basic leaf, meaning that there's nothing to clear out in the first place. This logic looks like it was relevant in the pre-"Massive cleanup" world but ought to have been dropped when c->x86_capability was properly split. Signed-off-by: Andrew Cooper Signed-off-by: Ingo Molnar Cc: H. Peter Anvin Cc: Peter Zijlstra (Intel) Cc: Dave Hansen Cc: Pu Wen Link: https://patch.msgid.link/20251126125147.880275-1-andrew.cooper3@citrix.com --- arch/x86/kernel/cpu/amd.c | 6 ------ arch/x86/kernel/cpu/centaur.c | 6 ------ arch/x86/kernel/cpu/cyrix.c | 6 ------ arch/x86/kernel/cpu/hygon.c | 6 ------ 4 files changed, 24 deletions(-) diff --git a/arch/x86/kernel/cpu/amd.c b/arch/x86/kernel/cpu/amd.c index c04f53f43af1..c792c2afd849 100644 --- a/arch/x86/kernel/cpu/amd.c +++ b/arch/x86/kernel/cpu/amd.c @@ -1051,12 +1051,6 @@ static void init_amd(struct cpuinfo_x86 *c) early_init_amd(c); - /* - * Bit 31 in normal CPUID used for nonstandard 3DNow ID; - * 3DNow is IDd by bit 31 in extended CPUID (1*32+31) anyway - */ - clear_cpu_cap(c, 0*32+31); - if (c->x86 >= 0x10) set_cpu_cap(c, X86_FEATURE_REP_GOOD); diff --git a/arch/x86/kernel/cpu/centaur.c b/arch/x86/kernel/cpu/centaur.c index a3b55db35c96..c8398940b975 100644 --- a/arch/x86/kernel/cpu/centaur.c +++ b/arch/x86/kernel/cpu/centaur.c @@ -119,12 +119,6 @@ static void init_centaur(struct cpuinfo_x86 *c) u32 fcr_clr = 0; u32 lo, hi, newlo; u32 aa, bb, cc, dd; - - /* - * Bit 31 in normal CPUID used for nonstandard 3DNow ID; - * 3DNow is IDd by bit 31 in extended CPUID (1*32+31) anyway - */ - clear_cpu_cap(c, 0*32+31); #endif early_init_centaur(c); init_intel_cacheinfo(c); diff --git a/arch/x86/kernel/cpu/cyrix.c b/arch/x86/kernel/cpu/cyrix.c index dfec2c61e354..8f22085c4dd2 100644 --- a/arch/x86/kernel/cpu/cyrix.c +++ b/arch/x86/kernel/cpu/cyrix.c @@ -195,12 +195,6 @@ static void init_cyrix(struct cpuinfo_x86 *c) char *buf = c->x86_model_id; const char *p = NULL; - /* - * Bit 31 in normal CPUID used for nonstandard 3DNow ID; - * 3DNow is IDd by bit 31 in extended CPUID (1*32+31) anyway - */ - clear_cpu_cap(c, 0*32+31); - /* Cyrix used bit 24 in extended (AMD) CPUID for Cyrix MMX extensions */ if (test_cpu_cap(c, 1*32+24)) { clear_cpu_cap(c, 1*32+24); diff --git a/arch/x86/kernel/cpu/hygon.c b/arch/x86/kernel/cpu/hygon.c index 1fda6c3a2b65..7f95a74e4c65 100644 --- a/arch/x86/kernel/cpu/hygon.c +++ b/arch/x86/kernel/cpu/hygon.c @@ -174,12 +174,6 @@ static void init_hygon(struct cpuinfo_x86 *c) early_init_hygon(c); - /* - * Bit 31 in normal CPUID used for nonstandard 3DNow ID; - * 3DNow is IDd by bit 31 in extended CPUID (1*32+31) anyway - */ - clear_cpu_cap(c, 0*32+31); - set_cpu_cap(c, X86_FEATURE_REP_GOOD); /* From 18fe1f58623f8c1fddd21a3d044d668ba9d8b0a9 Mon Sep 17 00:00:00 2001 From: Randy Dunlap Date: Mon, 5 Jan 2026 17:47:08 -0800 Subject: [PATCH 4/5] x86/cpu: Drop unused Kconfig symbol X86_P6_NOP This symbol was removed in early 2025 but 2 dangling references to it were missed. Delete them now. It should be safe to drop the -mtune=generic32 option since gcc 4.3 and later do not cause the problem (see 28f7e66fc1da ("x86: prevent binutils from being "smart" and generating NOPLs for us")). Also, Arnd confirmed this with gcc-8 and gcc-15 (see Link:). Fixes: f388f60ca904 ("x86/cpu: Drop configuration options for early 64-bit CPUs") Signed-off-by: Randy Dunlap Signed-off-by: Dave Hansen Reviewed-by: Nikolay Borisov Link: https://patch.msgid.link/20260106014708.991447-1-rdunlap@infradead.org Link: https://lore.kernel.org/all/c0f0814a-8333-49e1-8e50-740e4c88d94b@app.fastmail.com/ --- arch/x86/Kconfig.cpufeatures | 2 +- arch/x86/Makefile_32.cpu | 6 ------ 2 files changed, 1 insertion(+), 7 deletions(-) diff --git a/arch/x86/Kconfig.cpufeatures b/arch/x86/Kconfig.cpufeatures index 733d5aff2456..b435952249a0 100644 --- a/arch/x86/Kconfig.cpufeatures +++ b/arch/x86/Kconfig.cpufeatures @@ -38,7 +38,7 @@ config X86_REQUIRED_FEATURE_ALWAYS config X86_REQUIRED_FEATURE_NOPL def_bool y - depends on X86_64 || X86_P6_NOP + depends on X86_64 config X86_REQUIRED_FEATURE_CX8 def_bool y diff --git a/arch/x86/Makefile_32.cpu b/arch/x86/Makefile_32.cpu index af7de9a42752..a3dda95e47f4 100644 --- a/arch/x86/Makefile_32.cpu +++ b/arch/x86/Makefile_32.cpu @@ -42,9 +42,3 @@ cflags-$(CONFIG_MGEODE_LX) += $(call cc-option,-march=geode,-march=pentium-mmx) # add at the end to overwrite eventual tuning options from earlier # cpu entries cflags-$(CONFIG_X86_GENERIC) += $(call tune,generic,$(call tune,i686)) - -# Bug fix for binutils: this option is required in order to keep -# binutils from generating NOPL instructions against our will. -ifneq ($(CONFIG_X86_P6_NOP),y) -cflags-y += $(call cc-option,-Wa$(comma)-mtune=generic32,) -endif From f8c7600d468bdb6e44ed3b3247c6e53f5be5d8de Mon Sep 17 00:00:00 2001 From: Nikolay Borisov Date: Wed, 12 Nov 2025 21:05:48 +0200 Subject: [PATCH 5/5] x86/tsx: Set default TSX mode to auto At SUSE we've been releasing our kernels with TSX enabled for the past 6 years and some customers have started to rely on it. Furthermore, the last known vulnerability concerning TSX was TAA (CVE-2019-11135) and a significant amount time has passed since then without anyone reporting any issues. Intel has released numerous processors which do not have the TAA vulnerability (Cooper/Ice Lake, Sapphire/Emerald/Granite Rappids) yet TSX remains being disabled by default. The main aim of this patch is to reduce the divergence between SUSE's configuration and the upstream by switching the default TSX mode to auto. I believe this strikes the right balance between keeping it enabled where appropriate (i.e every machine which doesn't contain the TAA vulnerability) and disabling it preventively. Signed-off-by: Nikolay Borisov Signed-off-by: Dave Hansen Link: https://patch.msgid.link/20251112190548.750746-1-nik.borisov@suse.com --- arch/x86/Kconfig | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig index 80527299f859..f1c98a973fcd 100644 --- a/arch/x86/Kconfig +++ b/arch/x86/Kconfig @@ -1816,7 +1816,7 @@ config ARCH_PKEY_BITS choice prompt "TSX enable mode" depends on CPU_SUP_INTEL - default X86_INTEL_TSX_MODE_OFF + default X86_INTEL_TSX_MODE_AUTO help Intel's TSX (Transactional Synchronization Extensions) feature allows to optimize locking protocols through lock elision which