[tip: x86/urgent] x86/CPU/AMD: Add RDSEED fix for Zen5 - Linux-stable-mirror

28 Oct 2025

The following commit has been merged into the x86/urgent branch of tip:
Commit-ID:     607b9fb2ce248cc5b633c5949e0153838992c152
Gitweb:        https://git.kernel.org/tip/607b9fb2ce248cc5b633c5949e0153838992c152
Author:        Gregory Price gourry@gourry.net
AuthorDate:    Mon, 20 Oct 2025 11:13:55 +02:00
Committer:     Borislav Petkov (AMD) bp@alien8.de
CommitterDate: Tue, 28 Oct 2025 12:37:49 +01:00
x86/CPU/AMD: Add RDSEED fix for Zen5
There's an issue with RDSEED's 16-bit and 32-bit register output
variants on Zen5 which return a random value of 0 "at a rate inconsistent
with randomness while incorrectly signaling success (CF=1)". Search the
web for AMD-SB-7055 for more detail.
Add a fix glue which checks microcode revisions.
[ bp: Add microcode revisions checking, rewrite. ]
Cc: stable@vger.kernel.org
Signed-off-by: Gregory Price gourry@gourry.net
Signed-off-by: Borislav Petkov (AMD) bp@alien8.de
Link: https://lore.kernel.org/r/20251018024010.4112396-1-gourry@gourry.net
---
 arch/x86/kernel/cpu/amd.c | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/arch/x86/kernel/cpu/amd.c b/arch/x86/kernel/cpu/amd.c
index ccaa51c..bc29be6 100644
--- a/arch/x86/kernel/cpu/amd.c
+++ b/arch/x86/kernel/cpu/amd.c
@@ -1035,8 +1035,18 @@ static void init_amd_zen4(struct cpuinfo_x86 *c)
    }
 }
+static const struct x86_cpu_id zen5_rdseed_microcode[] = {
+	ZEN_MODEL_STEP_UCODE(0x1a, 0x02, 0x1, 0x0b00215a),
+	ZEN_MODEL_STEP_UCODE(0x1a, 0x11, 0x0, 0x0b101054),
+};
+
 static void init_amd_zen5(struct cpuinfo_x86 *c)
 {
+	if (!x86_match_min_microcode_rev(zen5_rdseed_microcode)) {
+		clear_cpu_cap(c, X86_FEATURE_RDSEED);
+		msr_clear_bit(MSR_AMD64_CPUID_FN_7, 18);
+		pr_emerg_once("RDSEED32 is broken. Disabling the corresponding CPUID bit.\n");
+	}
 }
static void init_amd(struct cpuinfo_x86 *c)

    