Comment 0 for bug 1774082

[Impact]

AMD has recently updated the microcode in the linux-firmware tree for family 17h processors to address Spectre variant 2. The Trusty 3.13 kernel cannot load the microcode because it is missing a backport of upstream patch f4e9b7af0cd58dd039a0fb2cd67d57cea4889abf which leaves AMD machines vulnerable.

[Test Case]

Test must be done on a 17h family processor:

1) Take note of the microcode version before applying updated microcode:

 $ sudo cat /sys/devices/system/cpu/cpu0/microcode/version
 0x8001227

2) Get updated amd64-microcode package from the Ubuntu Security Team. Install it and reboot machine.

3) Verify that the microcode version has changed.

[Regression Potential]

The regression potential to the kernel revolves around the fact that the IBRS/IBPB implementation in the 3.13 kernel may not have been put through its paces yet due to a lack of available microcode updates. There could be a latent bug present that is uncovered.