[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v2 4/5] x86/ucode: Refine the boundary checks for Entrysign

  • To: Jan Beulich <jbeulich@xxxxxxxx>
  • From: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
  • Date: Tue, 28 Oct 2025 10:34:17 +0000
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=citrix.com; dmarc=pass action=none header.from=citrix.com; dkim=pass header.d=citrix.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=Prx8kLN4zWglObsnj9lz6bK/pgryNEMwHIOFL99GAYU=; b=Hd/wyw6k+aW8VJlSWGq3AG0vL2zgVkItA7+Ff2vau2UjWit6N2dMG/8e1O6vxSI48ZjIE8ut4eYv7ziwOB84DmLNg8ycunaik86kn4KeBpbVxWEKrjieoOaB7Q6WuFC5U4PVUV63cygFTrsYGU/G/QiZz4I6pD/IaJoih2E1qrIoOeDh7BSXj/i8OtyEPiVzQacxYB+uRqXSJhC/CAl9ROSrcLCd/hcePJf6vu+tUylXSr9zQyG4Zu7avkm5y65AAtQnaXe9cE1SfDqU8u5bf0G+ldlrLoTV0temzdXcCk/ghDXWq2IvHUa/hS1+EAQQ64+ZGK2lvwCDrRZHaf0Miw==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=VDwurNxWmTo+GS0xMEYX7E3hNlsJbL6CJKyRQXxzEYegttPX6SIL/+8dVRgDm4E4OWgyyjbXjFK3EmI6cvRlw3UJw/QoWRwnf2eBWRFXLRakPOjAp2TuVMmL92MxAPiwWbEF8yM4OeJW8bOTKSt7oV9pumqQB0+cl4GmZ/l8LIIB8MM2HP9DGnBgqp0Uz9l1kN9cZE1/gCS20gFEnMOu2Vgi+IlXQjgKTSqw3lCykJjhNIjt+FI25KufXH1l4CsJlB8W+T3/7bomL45+csD6DTBmYPuJza3P8ev1LwB+XHlMN0QtffOegr+/QT5CYrRespJ3oqcBJxt2OY2E+XZhSg==
  • Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=citrix.com;
  • Cc: Roger Pau Monné <roger.pau@xxxxxxxxxx>, Xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>
  • Delivery-date: Tue, 28 Oct 2025 10:34:49 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
On 28/10/2025 9:32 am, Jan Beulich wrote:
> On 27.10.2025 23:17, Andrew Cooper wrote:
>> After initial publication, the SB-7033 / CVE-2024-36347 bulletin was updated
>> to list Zen5 CPUs as vulnerable.  Use Fam1ah as an upper bound, and adjust 
>> the
>> command line documentation.
>>
>> When the Zen6 (also Fam1ah processors) model numbers are known, they'll want
>> excluding from the family ranges.
> I.e. we're firmly promised the problem won't be there anymore going forward?

This is what I hear from AMD, yes.

>
>> Fixes: 630e8875ab36 ("x86/ucode: Perform extra SHA2 checks on AMD Fam17h/19h 
>> microcode")
>> Signed-off-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
> Acked-by: Jan Beulich <jbeulich@xxxxxxxx>
>

Thanks.

~Andrew

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.