diff options
author | pmikus <pmikus@cisco.com> | 2020-09-23 10:48:29 +0000 |
---|---|---|
committer | Peter Mikus <pmikus@cisco.com> | 2020-10-14 11:36:42 +0000 |
commit | aad45d97721bb9b054681914c92f125123fba05a (patch) | |
tree | be3093eab1731a82f1de3e9e28aecf3b51d1bf2e /docs | |
parent | ef9bab0a1b87871a8365e766a19971f0ec0b7ed8 (diff) |
Spec: EPYC zn2
Signed-off-by: pmikus <pmikus@cisco.com>
Change-Id: I2dd5602c129f3145ee6aa577929afdd5c2815fcd
Diffstat (limited to 'docs')
-rw-r--r-- | docs/lab/testbeds_sm_zn2_hw_bios_cfg.md | 634 | ||||
-rw-r--r-- | docs/report/introduction/test_environment_sut_calib_zn2.rst | 118 | ||||
-rw-r--r-- | docs/report/introduction/test_environment_sut_meltspec_zn2.rst | 331 |
3 files changed, 1083 insertions, 0 deletions
diff --git a/docs/lab/testbeds_sm_zn2_hw_bios_cfg.md b/docs/lab/testbeds_sm_zn2_hw_bios_cfg.md new file mode 100644 index 0000000000..6e274da971 --- /dev/null +++ b/docs/lab/testbeds_sm_zn2_hw_bios_cfg.md @@ -0,0 +1,634 @@ +# SuperMicro Cascadelake Servers - HW and BIOS Configuration + +1. [Linux lscpu](#linux-lscpu) +1. [Linux dmidecode](#dmidecode) +1. [Linux dmidecode pci](#linux-dmidecode-pci) +1. [Linux dmidecode memory](#linux-dmidecode-memory) +1. [EPYC zn2 Server BIOS Configuration](#epyc-zn2-server-bios-configuration) + 1. [Boot Feature](#boot-feature) + 1. [CPU Configuration](#cpu-configuration) + 1. [Advanced Power Management Configuration](#advanced-power-management-configuration) + 1. [CPU P State Control](#cpu-p-state-control) + 1. [Hardware PM State Control](#hardware-pm-state-control) + 1. [CPU C State Control](#cpu-c-state-control) + 1. [Package C State Control](#package-c-state-control) + 1. [CPU T State Control](#cpu-t-state-control) + 1. [Chipset Configuration](#chipset-configuration) + 1. [North Bridge](#north-bridge) + 1. [UPI Configuration](#upi-configuration) + 1. [Memory Configuration](#memory-configuration) + 1. [IIO Configuration](#iio-configuration) + 1. [CPU1 Configuration](#cpu1-configuration) + 1. [CPU2 Configuration](#cpu2-configuration) + 1. [South Bridge](#south-bridge) + 1. [PCIe/PCI/PnP Configuration](#pciepcipnp-configuration) + 1. [ACPI Settings](#acpi-settings) +1. [EPYC zn2 Server Firmware Inventory](#epyc-zn2-server-firmware-inventory) + +## Linux lscpu + +``` +$ lscpu +Architecture: x86_64 +CPU op-mode(s): 32-bit, 64-bit +Byte Order: Little Endian +CPU(s): 64 +On-line CPU(s) list: 0-63 +Thread(s) per core: 2 +Core(s) per socket: 32 +Socket(s): 1 +NUMA node(s): 2 +Vendor ID: AuthenticAMD +CPU family: 23 +Model: 49 +Model name: AMD EPYC 7532 32-Core Processor +Stepping: 0 +CPU MHz: 1981.470 +CPU max MHz: 2400.0000 +CPU min MHz: 1500.0000 +BogoMIPS: 4800.05 +Virtualization: AMD-V +L1d cache: 32K +L1i cache: 32K +L2 cache: 512K +L3 cache: 16384K +NUMA node0 CPU(s): 0-15,32-47 +NUMA node1 CPU(s): 16-31,48-63 +Flags: fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ht syscall nx mmxext fxsr_opt pdpe1gb rdtscp lm constant_tsc rep_good nopl xtopology nonstop_tsc cpuid extd_apicid aperfmperf pni pclmulqdq monitor ssse3 fma cx16 sse4_1 sse4_2 x2apic movbe popcnt aes xsave avx f16c rdrand lahf_lm cmp_legacy svm extapic cr8_legacy abm sse4a misalignsse 3dnowprefetch osvw ibs skinit wdt tce topoext perfctr_core perfctr_nb bpext perfctr_llc mwaitx cpb cat_l3 cdp_l3 hw_pstate sme ssbd ibrs ibpb stibp vmmcall fsgsbase bmi1 avx2 smep bmi2 cqm rdt_a rdseed adx smap clflushopt clwb sha_ni xsaveopt xsavec xgetbv1 xsaves cqm_llc cqm_occup_llc cqm_mbm_total cqm_mbm_local clzero irperf xsaveerptr arat npt lbrv svm_lock nrip_save tsc_scale vmcb_clean flushbyasid decodeassists pausefilter pfthreshold avic v_vmsave_vmload vgif umip rdpid overflow_recov succor smca +``` + +``` +$ lscpu +Architecture: x86_64 +CPU op-mode(s): 32-bit, 64-bit +Byte Order: Little Endian +CPU(s): 64 +On-line CPU(s) list: 0-63 +Thread(s) per core: 2 +Core(s) per socket: 32 +Socket(s): 1 +NUMA node(s): 2 +Vendor ID: AuthenticAMD +CPU family: 23 +Model: 49 +Model name: AMD EPYC 7532 32-Core Processor +Stepping: 0 +CPU MHz: 1981.470 +CPU max MHz: 2400.0000 +CPU min MHz: 1500.0000 +BogoMIPS: 4800.05 +Virtualization: AMD-V +L1d cache: 32K +L1i cache: 32K +L2 cache: 512K +L3 cache: 16384K +NUMA node0 CPU(s): 0-15,32-47 +NUMA node1 CPU(s): 16-31,48-63 +Flags: fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ht syscall nx mmxext fxsr_opt pdpe1gb rdtscp lm constant_tsc rep_good nopl xtopology nonstop_tsc cpuid extd_apicid aperfmperf pni pclmulqdq monitor ssse3 fma cx16 sse4_1 sse4_2 x2apic movbe popcnt aes xsave avx f16c rdrand lahf_lm cmp_legacy svm extapic cr8_legacy abm sse4a misalignsse 3dnowprefetch osvw ibs skinit wdt tce topoext perfctr_core perfctr_nb bpext perfctr_llc mwaitx cpb cat_l3 cdp_l3 hw_pstate sme ssbd ibrs ibpb stibp vmmcall fsgsbase bmi1 avx2 smep bmi2 cqm rdt_a rdseed adx smap clflushopt clwb sha_ni xsaveopt xsavec xgetbv1 xsaves cqm_llc cqm_occup_llc cqm_mbm_total cqm_mbm_local clzero irperf xsaveerptr arat npt lbrv svm_lock nrip_save tsc_scale vmcb_clean flushbyasid decodeassists pausefilter pfthreshold avic v_vmsave_vmload vgif umip rdpid overflow_recov succor smca +``` + +## Linux dmidecode + +``` + $ dmidecode -t slot + Handle 0x0026, DMI type 7, 27 bytes + Cache Information + Socket Designation: L1 Cache + Configuration: Enabled, Not Socketed, Level 1 + Operational Mode: Write Back + Location: Internal + Installed Size: 2048 kB + Maximum Size: 2048 kB + Supported SRAM Types: + Pipeline Burst + Installed SRAM Type: Pipeline Burst + Speed: 1 ns + Error Correction Type: Multi-bit ECC + System Type: Unified + Associativity: 8-way Set-associative + + Handle 0x0027, DMI type 7, 27 bytes + Cache Information + Socket Designation: L2 Cache + Configuration: Enabled, Not Socketed, Level 2 + Operational Mode: Write Back + Location: Internal + Installed Size: 16384 kB + Maximum Size: 16384 kB + Supported SRAM Types: + Pipeline Burst + Installed SRAM Type: Pipeline Burst + Speed: 1 ns + Error Correction Type: Multi-bit ECC + System Type: Unified + Associativity: 8-way Set-associative + + Handle 0x0028, DMI type 7, 27 bytes + Cache Information + Socket Designation: L3 Cache + Configuration: Enabled, Not Socketed, Level 3 + Operational Mode: Write Back + Location: Internal + Installed Size: 262144 kB + Maximum Size: 262144 kB + Supported SRAM Types: + Pipeline Burst + Installed SRAM Type: Pipeline Burst + Speed: 1 ns + Error Correction Type: Multi-bit ECC + System Type: Unified + Associativity: 16-way Set-associative + + Handle 0x0029, DMI type 4, 48 bytes + Processor Information + Socket Designation: CPU + Type: Central Processor + Family: Zen + Manufacturer: Advanced Micro Devices, Inc. + ID: 10 0F 83 00 FF FB 8B 17 + Signature: Family 23, Model 49, Stepping 0 + Flags: + FPU (Floating-point unit on-chip) + VME (Virtual mode extension) + DE (Debugging extension) + PSE (Page size extension) + TSC (Time stamp counter) + MSR (Model specific registers) + PAE (Physical address extension) + MCE (Machine check exception) + CX8 (CMPXCHG8 instruction supported) + APIC (On-chip APIC hardware supported) + SEP (Fast system call) + MTRR (Memory type range registers) + PGE (Page global enable) + MCA (Machine check architecture) + CMOV (Conditional move instruction supported) + PAT (Page attribute table) + PSE-36 (36-bit page size extension) + CLFSH (CLFLUSH instruction supported) + MMX (MMX technology supported) + FXSR (FXSAVE and FXSTOR instructions supported) + SSE (Streaming SIMD extensions) + SSE2 (Streaming SIMD extensions 2) + HTT (Multi-threading) + Version: AMD EPYC 7532 32-Core Processor + Voltage: 1.1 V + External Clock: 100 MHz + Max Speed: 3300 MHz + Current Speed: 2400 MHz + Status: Populated, Enabled + Upgrade: Socket SP3 + L1 Cache Handle: 0x0026 + L2 Cache Handle: 0x0027 + L3 Cache Handle: 0x0028 + Serial Number: Unknown + Asset Tag: Unknown + Part Number: Unknown + Core Count: 32 + Core Enabled: 32 + Thread Count: 64 + Characteristics: + 64-bit capable + Multi-Core + Hardware Thread + Execute Protection + Enhanced Virtualization + Power/Performance Control +``` + +## Linux dmidecode pci + +``` + $ dmidecode -t slot + Getting SMBIOS data from sysfs. + SMBIOS 3.2.0 present. + # SMBIOS implementations newer than version 3.1.1 are not + # fully supported by this version of dmidecode. + + Handle 0x000A, DMI type 9, 17 bytes + System Slot Information + Designation: M.2-HC1 CPU PCI-E 4.0 X4/X2 + Type: x4 PCI Express 3 x4 + Current Usage: Available + Length: Short + ID: 1 + Characteristics: + 3.3 V is provided + Opening is shared + PME signal is supported + Bus Address: 0000:ff:00.0 + + Handle 0x000B, DMI type 9, 17 bytes + System Slot Information + Designation: M.2-HC2 CPU PCI-E 4.0 X2 + Type: x2 PCI Express 3 x2 + Current Usage: Available + Length: Short + ID: 2 + Characteristics: + 3.3 V is provided + Opening is shared + PME signal is supported + Bus Address: 0000:ff:00.0 + + Handle 0x0042, DMI type 9, 17 bytes + System Slot Information + Designation: RSC-W-66G4 SLOT1 PCI-E 4.0 X16 + Type: x16 PCI Express 3 x16 + Current Usage: In Use + Length: Long + ID: 1 + Characteristics: + 3.3 V is provided + PME signal is supported + Bus Address: 0000:41:00.0 + + Handle 0x0043, DMI type 9, 17 bytes + System Slot Information + Designation: RSC-W-66G4 SLOT2 PCI-E 4.0 X16 + Type: x16 PCI Express 3 x16 + Current Usage: In Use + Length: Long + ID: 2 + Characteristics: + 3.3 V is provided + PME signal is supported + Bus Address: 0000:81:00.0 + + Handle 0x0045, DMI type 9, 17 bytes + System Slot Information + Designation: RSC-WR-6 SLOT1 PCI-E 4.0 X16 + Type: x16 PCI Express 3 x16 + Current Usage: In Use + Length: Long + ID: 1 + Characteristics: + 3.3 V is provided + PME signal is supported + Bus Address: 0000:01:00.0 + +``` + +## Linux dmidecode memory + +``` + $ dmidecode -t memory + # dmidecode 3.1 + Getting SMBIOS data from sysfs. + SMBIOS 3.2.0 present. + # SMBIOS implementations newer than version 3.1.1 are not + # fully supported by this version of dmidecode. + + Handle 0x0023, DMI type 16, 23 bytes + Physical Memory Array + Location: System Board Or Motherboard + Use: System Memory + Error Correction Type: Multi-bit ECC + Maximum Capacity: 2 TB + Error Information Handle: 0x0022 + Number Of Devices: 8 + + Handle 0x002B, DMI type 17, 84 bytes + Memory Device + Array Handle: 0x0023 + Error Information Handle: 0x002A + Total Width: 72 bits + Data Width: 64 bits + Size: 32 GB + Form Factor: DIMM + Set: None + Locator: DIMMA1 + Bank Locator: P0_Node0_Channel0_Dimm0 + Type: DDR4 + Type Detail: Synchronous Registered (Buffered) + Speed: 3200 MT/s + Manufacturer: SK Hynix + Serial Number: 431E9216 + Asset Tag: P1-DIMMA1_AssetTag (date:19/00) + Part Number: HMA84GR7CJR4N-XN + Rank: 2 + Configured Clock Speed: 3200 MT/s + Minimum Voltage: 1.2 V + Maximum Voltage: 1.2 V + Configured Voltage: 1.2 V + + Handle 0x002E, DMI type 17, 84 bytes + Memory Device + Array Handle: 0x0023 + Error Information Handle: 0x002D + Total Width: 72 bits + Data Width: 64 bits + Size: 32 GB + Form Factor: DIMM + Set: None + Locator: DIMMB1 + Bank Locator: P0_Node0_Channel1_Dimm0 + Type: DDR4 + Type Detail: Synchronous Registered (Buffered) + Speed: 3200 MT/s + Manufacturer: SK Hynix + Serial Number: 431E91D2 + Asset Tag: P1-DIMMB1_AssetTag (date:19/00) + Part Number: HMA84GR7CJR4N-XN + Rank: 2 + Configured Clock Speed: 3200 MT/s + Minimum Voltage: 1.2 V + Maximum Voltage: 1.2 V + Configured Voltage: 1.2 V + + Handle 0x0031, DMI type 17, 84 bytes + Memory Device + Array Handle: 0x0023 + Error Information Handle: 0x0030 + Total Width: 72 bits + Data Width: 64 bits + Size: 32 GB + Form Factor: DIMM + Set: None + Locator: DIMMC1 + Bank Locator: P0_Node0_Channel2_Dimm0 + Type: DDR4 + Type Detail: Synchronous Registered (Buffered) + Speed: 3200 MT/s + Manufacturer: SK Hynix + Serial Number: 431E918A + Asset Tag: P1-DIMMC1_AssetTag (date:19/00) + Part Number: HMA84GR7CJR4N-XN + Rank: 2 + Configured Clock Speed: 3200 MT/s + Minimum Voltage: 1.2 V + Maximum Voltage: 1.2 V + Configured Voltage: 1.2 V + + Handle 0x0034, DMI type 17, 84 bytes + Memory Device + Array Handle: 0x0023 + Error Information Handle: 0x0033 + Total Width: 72 bits + Data Width: 64 bits + Size: 32 GB + Form Factor: DIMM + Set: None + Locator: DIMMD1 + Bank Locator: P0_Node0_Channel3_Dimm0 + Type: DDR4 + Type Detail: Synchronous Registered (Buffered) + Speed: 3200 MT/s + Manufacturer: SK Hynix + Serial Number: 431E9187 + Asset Tag: P1-DIMMD1_AssetTag (date:19/00) + Part Number: HMA84GR7CJR4N-XN + Rank: 2 + Configured Clock Speed: 3200 MT/s + Minimum Voltage: 1.2 V + Maximum Voltage: 1.2 V + Configured Voltage: 1.2 V + + Handle 0x0037, DMI type 17, 84 bytes + Memory Device + Array Handle: 0x0023 + Error Information Handle: 0x0036 + Total Width: 72 bits + Data Width: 64 bits + Size: 32 GB + Form Factor: DIMM + Set: None + Locator: DIMME1 + Bank Locator: P0_Node0_Channel4_Dimm0 + Type: DDR4 + Type Detail: Synchronous Registered (Buffered) + Speed: 3200 MT/s + Manufacturer: SK Hynix + Serial Number: 431E9178 + Asset Tag: P1-DIMME1_AssetTag (date:19/00) + Part Number: HMA84GR7CJR4N-XN + Rank: 2 + Configured Clock Speed: 3200 MT/s + Minimum Voltage: 1.2 V + Maximum Voltage: 1.2 V + Configured Voltage: 1.2 V + + Handle 0x003A, DMI type 17, 84 bytes + Memory Device + Array Handle: 0x0023 + Error Information Handle: 0x0039 + Total Width: 72 bits + Data Width: 64 bits + Size: 32 GB + Form Factor: DIMM + Set: None + Locator: DIMMF1 + Bank Locator: P0_Node0_Channel5_Dimm0 + Type: DDR4 + Type Detail: Synchronous Registered (Buffered) + Speed: 3200 MT/s + Manufacturer: SK Hynix + Serial Number: 431E9206 + Asset Tag: P1-DIMMF1_AssetTag (date:19/00) + Part Number: HMA84GR7CJR4N-XN + Rank: 2 + Configured Clock Speed: 3200 MT/s + Minimum Voltage: 1.2 V + Maximum Voltage: 1.2 V + Configured Voltage: 1.2 V + + Handle 0x003D, DMI type 17, 84 bytes + Memory Device + Array Handle: 0x0023 + Error Information Handle: 0x003C + Total Width: 72 bits + Data Width: 64 bits + Size: 32 GB + Form Factor: DIMM + Set: None + Locator: DIMMG1 + Bank Locator: P0_Node0_Channel6_Dimm0 + Type: DDR4 + Type Detail: Synchronous Registered (Buffered) + Speed: 3200 MT/s + Manufacturer: SK Hynix + Serial Number: 431E9207 + Asset Tag: P1-DIMMG1_AssetTag (date:19/00) + Part Number: HMA84GR7CJR4N-XN + Rank: 2 + Configured Clock Speed: 3200 MT/s + Minimum Voltage: 1.2 V + Maximum Voltage: 1.2 V + Configured Voltage: 1.2 V + + Handle 0x0040, DMI type 17, 84 bytes + Memory Device + Array Handle: 0x0023 + Error Information Handle: 0x003F + Total Width: 72 bits + Data Width: 64 bits + Size: 32 GB + Form Factor: DIMM + Set: None + Locator: DIMMH1 + Bank Locator: P0_Node0_Channel7_Dimm0 + Type: DDR4 + Type Detail: Synchronous Registered (Buffered) + Speed: 3200 MT/s + Manufacturer: SK Hynix + Serial Number: 431E9209 + Asset Tag: P1-DIMMH1_AssetTag (date:19/00) + Part Number: HMA84GR7CJR4N-XN + Rank: 2 + Configured Clock Speed: 3200 MT/s + Minimum Voltage: 1.2 V + Maximum Voltage: 1.2 V + Configured Voltage: 1.2 V +``` + +## EPYC zn2 Server BIOS Configuration - TG + +### Boot Feature + +``` + | Quiet Boot [Enabled] |Boot option | + | | | + | Option ROM Messages [Force BIOS] | | + | Bootup NumLock State [On] | | + | Wait For "F1" If Error [Enabled] | | + | INT19 Trap Response [Immediate] | | + | Re-try Boot [Disabled] | | + | | | + | Power Configuration | | + | Watch Dog Function [Disabled] | | + | Restore on AC Power Loss [Last State] | | + | Power Button Function [Instant Off] | | +``` + +### CPU Configuration + +``` + | ACPI Settings ^| | + | -------------------------------------------------- *| | + | PCI AER Support [Disabled] *| | + | High Precision Event Timer [Disabled] *| | + | NUMA Nodes Per Socket [NPS2] *| | + | ACPI SRAT L3 Cache As NUMA Domain [Auto] *| | + | *| | + | CPU Configuration ^| | + | -------------------------------------------------- *| | + | SMT Control [Auto] *| | + | Core Performance Boost [Auto] *| | + | Global C-state control [Disabled] *| | + | Local APIC Mode [Auto] *| | + | CCD Control [Auto] *| | + | Core Control [Auto] *| | + | Core Control [Auto] *| | + | L1 Stream HW Prefetcher [Enabled] *| | + | L2 Stream HW Prefetcher [Enabled] *| | + | SVM Mode [Enabled] *| | + | SMEE [Disabled] *| | + | *| | + |> CPU1 Information *| | + | *| | + | NB Configuration ^| | + | -------------------------------------------------- *| | + | Determinism Control [Manual] *| | + | Determinism Slider [Performance] *| | + | cTDP Control [Disabled] *| | + | IOMMU [Disabled] *| | + | ACS Enable [Auto] *| | + | Package Power Limit Control [Auto] *| | + | APBDIS [1] *| | + | Fixed SOC Pstate [P0] *| | + | DF Cstates [Enabled] *| | + | Preferred IO [Manual] *| | + | Preferred IO Bus [##] *| | + | *| | + | *|-----------------------------| + | *|><: Select Screen | + | *|^v: Select Item | + | *|Enter: Select | + | +|+/-: Change Opt. | + | +|F1: General Help | + | +|F2: Previous Values | + | +|F3: Optimized Defaults | + | v|F4: Save & Exit | + | | | +``` + + +## EPYC zn2 Server BIOS Configuration - DUT + +### Boot Feature + +``` + | Quiet Boot [Enabled] |Boot option | + | | | + | Option ROM Messages [Force BIOS] | | + | Bootup NumLock State [On] | | + | Wait For "F1" If Error [Enabled] | | + | INT19 Trap Response [Immediate] | | + | Re-try Boot [Disabled] | | + | | | + | Power Configuration | | + | Watch Dog Function [Disabled] | | + | Restore on AC Power Loss [Last State] | | + | Power Button Function [Instant Off] | | +``` + +### CPU Configuration + +``` + | ACPI Settings ^| | + | -------------------------------------------------- *| | + | PCI AER Support [Disabled] *| | + | High Precision Event Timer [Disabled] *| | + | NUMA Nodes Per Socket [NPS2] *| | + | ACPI SRAT L3 Cache As NUMA Domain [Auto] *| | + | *| | + | CPU Configuration ^| | + | -------------------------------------------------- *| | + | SMT Control [Auto] *| | + | Core Performance Boost [Auto] *| | + | Global C-state control [Disabled] *| | + | Local APIC Mode [Auto] *| | + | CCD Control [Auto] *| | + | Core Control [Auto] *| | + | Core Control [Auto] *| | + | L1 Stream HW Prefetcher [Enabled] *| | + | L2 Stream HW Prefetcher [Enabled] *| | + | SVM Mode [Enabled] *| | + | SMEE [Disabled] *| | + | *| | + |> CPU1 Information *| | + | *| | + | NB Configuration ^| | + | -------------------------------------------------- *| | + | Determinism Control [Manual] *| | + | Determinism Slider [Performance] *| | + | cTDP Control [Disabled] *| | + | IOMMU [Disabled] *| | + | ACS Enable [Auto] *| | + | Package Power Limit Control [Auto] *| | + | APBDIS [1] *| | + | Fixed SOC Pstate [P0] *| | + | DF Cstates [Enabled] *| | + | Preferred IO [Manual] *| | + | Preferred IO Bus [##] *| | + | *| | + | *|-----------------------------| + | *|><: Select Screen | + | *|^v: Select Item | + | *|Enter: Select | + | +|+/-: Change Opt. | + | +|F1: General Help | + | +|F2: Previous Values | + | +|F3: Optimized Defaults | + | v|F4: Save & Exit | + | | | +``` + + +## EPYC zn2 Server Firmware Inventory + +``` +Host. IPMI IP. BMC. BIOS. CPLD. CPU Microcode. PCI Bus. X710 Firmware. XXV710 Firmware. i40e. MLX5 Firmware. mlx5_core +s60-t210-sut1. 10.30.55.24. 03.10.04. 1.1a. 02.c2.00. 0x8301038. ?. 6.80 0x80003ce6 1.2074.0. 6.01 0x80003554 1.1747.0. 2.1.14-k. 16.26.1040. 4.6-1.0.1. +s61-t210-tg1. 10.30.55.25. 03.10.04. 1.1a. 02.c2.00. 0x8301038. ?. 6.80 0x80003ce6 1.2074.0. 6.01 0x80003554 1.1747.0. 2.1.14-k. 16.26.1040. 4.6-1.0.1. +```
\ No newline at end of file diff --git a/docs/report/introduction/test_environment_sut_calib_zn2.rst b/docs/report/introduction/test_environment_sut_calib_zn2.rst new file mode 100644 index 0000000000..c181b5f34c --- /dev/null +++ b/docs/report/introduction/test_environment_sut_calib_zn2.rst @@ -0,0 +1,118 @@ +EPYC Zen2 +~~~~~~~~~ + +Following sections include sample calibration data measured on +s60-t210-sut1 server running in one of the AMD EPYC testbeds as +specified in `FD.io CSIT testbeds - EPYC Zen2`_. + + +Linux cmdline +^^^^^^^^^^^^^ + +:: + + $ cat /proc/cmdline + BOOT_IMAGE=/boot/vmlinuz-4.15.0-72-generic root=UUID=1672f0ef-755e-4a26-884d-02a3f4ac933c ro isolcpus=1-15,33-47,17-31,49-63 nohz_full=1-15,33-47,17-31,49-63 rcu_nocbs=1-15,33-47,17-31,49-63 numa_balancing=disable amd_iommu=on iommu=pt nmi_watchdog=0 audit=0 nosoftlockup processor.max_cstate=0 hpet=disable tsc=reliable mce=off splash quiet vt.handoff=1 + + +Linux uname +^^^^^^^^^^^ + +:: + + $ uname -a + Linux s60-t210-sut1 4.15.0-72-generic #81-Ubuntu SMP Tue Nov 26 12:20:02 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux + + +System-level Core Jitter +^^^^^^^^^^^^^^^^^^^^^^^^ + +:: + + $ sudo taskset -c 3 /home/testuser/pma_tools/jitter/jitter -i 30 + Linux Jitter testing program version 1.9 + Iterations=20 + The pragram will execute a dummy function 80000 times + Display is updated every 20000 displayUpdate intervals + Thread affinity will be set to core_id:7 + Timings are in CPU Core cycles + Inst_Min: Minimum Excution time during the display update interval(default is ~1 second) + Inst_Max: Maximum Excution time during the display update interval(default is ~1 second) + Inst_jitter: Jitter in the Excution time during rhe display update interval. This is the value of interest + last_Exec: The Excution time of last iteration just before the display update + Abs_Min: Absolute Minimum Excution time since the program started or statistics were reset + Abs_Max: Absolute Maximum Excution time since the program started or statistics were reset + tmp: Cumulative value calcualted by the dummy function + Interval: Time interval between the display updates in Core Cycles + Sample No: Sample number + + Inst_Min,Inst_Max,Inst_jitter,last_Exec,Abs_min,Abs_max,tmp,Interval,Sample No + 116376,145848,29472,116376,116376,145848,3399090176,2350958712,1 + 116376,145848,29472,116400,116376,145848,4158259200,2355136968,2 + 116376,145848,29472,116376,116376,145848,622460928,2343355128,3 + 116376,145848,29472,116376,116376,145848,1381629952,2362905912,4 + 116376,145848,29472,116400,116376,145848,2140798976,2344101768,5 + 116376,145848,29472,116376,116376,145848,2899968000,2341791912,6 + 116376,145848,29472,116400,116376,145848,3659137024,2340794664,7 + 116376,145848,29472,116400,116376,145848,123338752,2336863896,8 + 116376,145752,29376,116400,116376,145848,882507776,2335339584,9 + 116376,145512,29136,116376,116376,145848,1641676800,2335619160,10 + 116376,145512,29136,116400,116376,145848,2400845824,2335646280,11 + 116376,145848,29472,116400,116376,145848,3160014848,2350534872,12 + 116376,145848,29472,116400,116376,145848,3919183872,2348972352,13 + 116376,145848,29472,116400,116376,145848,383385600,2363157840,14 + 116376,145848,29472,116400,116376,145848,1142554624,2349686904,15 + 116376,145848,29472,116400,116376,145848,1901723648,2356550976,16 + 116376,145848,29472,119304,116376,145848,2660892672,2365225944,17 + 116376,145848,29472,116400,116376,145848,3420061696,2365215576,18 + 116376,145848,29472,116400,116376,145848,4179230720,2349971088,19 + 116376,145848,29472,116400,116376,145848,643432448,2339421384,20" + + +Memory Bandwidth +^^^^^^^^^^^^^^^^ + +:: + + $ sudo /home/testuser/mlc --bandwidth_matrix + TBC + +:: + + $ sudo /home/testuser/mlc --peak_injection_bandwidth + TBC + +:: + + $ sudo /home/testuser/mlc --max_bandwidth + TBC + + +Memory Latency +^^^^^^^^^^^^^^ + +:: + + $ sudo /home/testuser/mlc --latency_matrix + TBC + +:: + + $ sudo /home/testuser/mlc --idle_latency + TBC + +:: + + $ sudo /home/testuser/mlc --loaded_latency + TBC + + +L1/L2/LLC Latency +^^^^^^^^^^^^^^^^^ + +:: + + $ sudo /home/testuser/mlc --c2c_latency + TBC + +.. include:: ../introduction/test_environment_sut_meltspec_zn2.rst diff --git a/docs/report/introduction/test_environment_sut_meltspec_zn2.rst b/docs/report/introduction/test_environment_sut_meltspec_zn2.rst new file mode 100644 index 0000000000..24169331a7 --- /dev/null +++ b/docs/report/introduction/test_environment_sut_meltspec_zn2.rst @@ -0,0 +1,331 @@ +Spectre and Meltdown Checks +^^^^^^^^^^^^^^^^^^^^^^^^^^^ + +Following section displays the output of a running shell script to tell if +system is vulnerable against the several speculative execution CVEs that were +made public in 2018. Script is available on `Spectre & Meltdown Checker Github +<https://github.com/speed47/spectre-meltdown-checker>`_. + +:: + + Spectre and Meltdown mitigation detection tool v0.43 + + Checking for vulnerabilities on current system + Kernel is Linux 4.15.0-72-generic #81-Ubuntu SMP Tue Nov 26 12:20:02 UTC 2019 x86_64 + CPU is AMD EPYC 7532 32-Core Processor + + Hardware check + * Hardware support (CPU microcode) for mitigation techniques + * Indirect Branch Restricted Speculation (IBRS) + * SPEC_CTRL MSR is available: YES + * CPU indicates IBRS capability: YES (IBRS_SUPPORT feature bit) + * CPU indicates preferring IBRS always-on: NO + * CPU indicates preferring IBRS over retpoline: YES + * Indirect Branch Prediction Barrier (IBPB) + * PRED_CMD MSR is available: YES + * CPU indicates IBPB capability: YES (IBPB_SUPPORT feature bit) + * Single Thread Indirect Branch Predictors (STIBP) + * SPEC_CTRL MSR is available: YES + * CPU indicates STIBP capability: YES (AMD STIBP feature bit) + * CPU indicates preferring STIBP always-on: NO + * Speculative Store Bypass Disable (SSBD) + * CPU indicates SSBD capability: YES (AMD SSBD in SPEC_CTRL) + * L1 data cache invalidation + * FLUSH_CMD MSR is available: NO + * CPU indicates L1D flush capability: NO + * CPU supports Transactional Synchronization Extensions (TSX): NO + * CPU supports Software Guard Extensions (SGX): NO + * CPU supports Special Register Buffer Data Sampling (SRBDS): NO + * CPU microcode is known to cause stability problems: NO (family 0x17 model 0x31 stepping 0x0 ucode 0x8301034 cpuid 0x830f10) + * CPU microcode is the latest known available version: NO (latest version is 0x8301039 dated 2020/02/07 according to builtin firmwares DB v160.20200912+i20200722) + * CPU vulnerability to the speculative execution attack variants + * Vulnerable to CVE-2017-5753 (Spectre Variant 1, bounds check bypass): YES + * Vulnerable to CVE-2017-5715 (Spectre Variant 2, branch target injection): YES + * Vulnerable to CVE-2017-5754 (Variant 3, Meltdown, rogue data cache load): NO + * Vulnerable to CVE-2018-3640 (Variant 3a, rogue system register read): NO + * Vulnerable to CVE-2018-3639 (Variant 4, speculative store bypass): YES + * Vulnerable to CVE-2018-3615 (Foreshadow (SGX), L1 terminal fault): NO + * Vulnerable to CVE-2018-3620 (Foreshadow-NG (OS), L1 terminal fault): NO + * Vulnerable to CVE-2018-3646 (Foreshadow-NG (VMM), L1 terminal fault): NO + * Vulnerable to CVE-2018-12126 (Fallout, microarchitectural store buffer data sampling (MSBDS)): NO + * Vulnerable to CVE-2018-12130 (ZombieLoad, microarchitectural fill buffer data sampling (MFBDS)): NO + * Vulnerable to CVE-2018-12127 (RIDL, microarchitectural load port data sampling (MLPDS)): NO + * Vulnerable to CVE-2019-11091 (RIDL, microarchitectural data sampling uncacheable memory (MDSUM)): NO + * Vulnerable to CVE-2019-11135 (ZombieLoad V2, TSX Asynchronous Abort (TAA)): NO + * Vulnerable to CVE-2018-12207 (No eXcuses, iTLB Multihit, machine check exception on page size changes (MCEPSC)): NO + * Vulnerable to CVE-2020-0543 (Special Register Buffer Data Sampling (SRBDS)): NO + + CVE-2017-5753 aka 'Spectre Variant 1, bounds check bypass' + * Mitigated according to the /sys interface: YES (Mitigation: usercopy/swapgs barriers and __user pointer sanitization) + * Kernel has array_index_mask_nospec: YES (1 occurrence(s) found of x86 64 bits array_index_mask_nospec()) + * Kernel has the Red Hat/Ubuntu patch: NO + * Kernel has mask_nospec64 (arm64): NO + * Kernel has array_index_nospec (arm64): NO + > STATUS: NOT VULNERABLE (Mitigation: usercopy/swapgs barriers and __user pointer sanitization) + + CVE-2017-5715 aka 'Spectre Variant 2, branch target injection' + * Mitigated according to the /sys interface: YES (Mitigation: Full AMD retpoline, IBPB: conditional, IBRS_FW, STIBP: conditional, RSB filling) + * Mitigation 1 + * Kernel is compiled with IBRS support: YES + * IBRS enabled and active: YES (for firmware code only) + * Kernel is compiled with IBPB support: YES + * IBPB enabled and active: YES + * Mitigation 2 + * Kernel has branch predictor hardening (arm): NO + * Kernel compiled with retpoline option: YES + * Kernel compiled with a retpoline-aware compiler: YES (kernel reports full retpoline compilation) + > STATUS: NOT VULNERABLE (Full retpoline + IBPB are mitigating the vulnerability) + + CVE-2017-5754 aka 'Variant 3, Meltdown, rogue data cache load' + * Mitigated according to the /sys interface: YES (Not affected) + * Kernel supports Page Table Isolation (PTI): YES + * PTI enabled and active: NO + * Reduced performance impact of PTI: NO (PCID/INVPCID not supported, performance impact of PTI will be significant) + * Running as a Xen PV DomU: NO + > STATUS: NOT VULNERABLE (your CPU vendor reported your CPU model as not vulnerable) + + CVE-2018-3640 aka 'Variant 3a, rogue system register read' + * CPU microcode mitigates the vulnerability: YES + > STATUS: NOT VULNERABLE (your CPU vendor reported your CPU model as not vulnerable) + + CVE-2018-3639 aka 'Variant 4, speculative store bypass' + * Mitigated according to the /sys interface: YES (Mitigation: Speculative Store Bypass disabled via prctl and seccomp) + * Kernel supports disabling speculative store bypass (SSB): YES (found in /proc/self/status) + * SSB mitigation is enabled and active: YES (per-thread through prctl) + * SSB mitigation currently active for selected processes: YES (systemd-journald systemd-logind systemd-networkd systemd-resolved systemd-timesyncd systemd-udevd) + > STATUS: NOT VULNERABLE (Mitigation: Speculative Store Bypass disabled via prctl and seccomp) + + CVE-2018-3615 aka 'Foreshadow (SGX), L1 terminal fault' + * CPU microcode mitigates the vulnerability: N/A + > STATUS: NOT VULNERABLE (your CPU vendor reported your CPU model as not vulnerable) + + CVE-2018-3620 aka 'Foreshadow-NG (OS), L1 terminal fault' + * Mitigated according to the /sys interface: YES (Not affected) + * Kernel supports PTE inversion: YES (found in kernel image) + * PTE inversion enabled and active: NO + > STATUS: NOT VULNERABLE (your CPU vendor reported your CPU model as not vulnerable) + + CVE-2018-3646 aka 'Foreshadow-NG (VMM), L1 terminal fault' + * Information from the /sys interface: Not affected + * This system is a host running a hypervisor: NO + * Mitigation 1 (KVM) + * EPT is disabled: N/A (the kvm_intel module is not loaded) + * Mitigation 2 + * L1D flush is supported by kernel: YES (found flush_l1d in kernel image) + * L1D flush enabled: NO + * Hardware-backed L1D flush supported: NO (flush will be done in software, this is slower) + * Hyper-Threading (SMT) is enabled: YES + > STATUS: NOT VULNERABLE (your CPU vendor reported your CPU model as not vulnerable) + + CVE-2018-12126 aka 'Fallout, microarchitectural store buffer data sampling (MSBDS)' + * Mitigated according to the /sys interface: YES (Not affected) + * Kernel supports using MD_CLEAR mitigation: YES (found md_clear implementation evidence in kernel image) + * Kernel mitigation is enabled and active: NO + * SMT is either mitigated or disabled: NO + > STATUS: NOT VULNERABLE (your CPU vendor reported your CPU model as not vulnerable) + + CVE-2018-12130 aka 'ZombieLoad, microarchitectural fill buffer data sampling (MFBDS)' + * Mitigated according to the /sys interface: YES (Not affected) + * Kernel supports using MD_CLEAR mitigation: YES (found md_clear implementation evidence in kernel image) + * Kernel mitigation is enabled and active: NO + * SMT is either mitigated or disabled: NO + > STATUS: NOT VULNERABLE (your CPU vendor reported your CPU model as not vulnerable) + + CVE-2018-12127 aka 'RIDL, microarchitectural load port data sampling (MLPDS)' + * Mitigated according to the /sys interface: YES (Not affected) + * Kernel supports using MD_CLEAR mitigation: YES (found md_clear implementation evidence in kernel image) + * Kernel mitigation is enabled and active: NO + * SMT is either mitigated or disabled: NO + > STATUS: NOT VULNERABLE (your CPU vendor reported your CPU model as not vulnerable) + + CVE-2019-11091 aka 'RIDL, microarchitectural data sampling uncacheable memory (MDSUM)' + * Mitigated according to the /sys interface: YES (Not affected) + * Kernel supports using MD_CLEAR mitigation: YES (found md_clear implementation evidence in kernel image) + * Kernel mitigation is enabled and active: NO + * SMT is either mitigated or disabled: NO + > STATUS: NOT VULNERABLE (your CPU vendor reported your CPU model as not vulnerable) + + CVE-2019-11135 aka 'ZombieLoad V2, TSX Asynchronous Abort (TAA)' + * Mitigated according to the /sys interface: YES (Not affected) + * TAA mitigation is supported by kernel: YES (found tsx_async_abort in kernel image) + * TAA mitigation enabled and active: NO + > STATUS: NOT VULNERABLE (your CPU vendor reported your CPU model as not vulnerable) + + CVE-2018-12207 aka 'No eXcuses, iTLB Multihit, machine check exception on page size changes (MCEPSC)' + * Mitigated according to the /sys interface: YES (Not affected) + * This system is a host running a hypervisor: NO + * iTLB Multihit mitigation is supported by kernel: YES (found itlb_multihit in kernel image) + * iTLB Multihit mitigation enabled and active: NO + > STATUS: NOT VULNERABLE (your CPU vendor reported your CPU model as not vulnerable) + + CVE-2020-0543 aka 'Special Register Buffer Data Sampling (SRBDS)' + * SRBDS mitigation control is supported by the kernel: NO + * SRBDS mitigation control is enabled and active: NO (SRBDS not found in sysfs hierarchy) + > STATUS: NOT VULNERABLE (your CPU vendor reported your CPU model as not vulnerable) + + > SUMMARY: CVE-2017-5753:OK CVE-2017-5715:OK CVE-2017-5754:OK CVE-2018-3640:OK CVE-2018-3639:OK CVE-2018-3615:OK CVE-2018-3620:OK CVE-2018-3646:OK CVE-2018-12126:OK CVE-2018-12130:OK CVE-2018-12127:OK CVE-2019-11091:OK CVE-2019-11135:OK CVE-2018-12207:OK CVE-2020-0543:OK + + Need more detailed information about mitigation options? Use --explain + A false sense of security is worse than no security at all, see --disclaimer + +:: + + Spectre and Meltdown mitigation detection tool v0.43 + + Checking for vulnerabilities on current system + Kernel is Linux 4.15.0-72-generic #81-Ubuntu SMP Tue Nov 26 12:20:02 UTC 2019 x86_64 + CPU is AMD EPYC 7532 32-Core Processor + + Hardware check + * Hardware support (CPU microcode) for mitigation techniques + * Indirect Branch Restricted Speculation (IBRS) + * SPEC_CTRL MSR is available: YES + * CPU indicates IBRS capability: YES (IBRS_SUPPORT feature bit) + * CPU indicates preferring IBRS always-on: NO + * CPU indicates preferring IBRS over retpoline: YES + * Indirect Branch Prediction Barrier (IBPB) + * PRED_CMD MSR is available: YES + * CPU indicates IBPB capability: YES (IBPB_SUPPORT feature bit) + * Single Thread Indirect Branch Predictors (STIBP) + * SPEC_CTRL MSR is available: YES + * CPU indicates STIBP capability: YES (AMD STIBP feature bit) + * CPU indicates preferring STIBP always-on: NO + * Speculative Store Bypass Disable (SSBD) + * CPU indicates SSBD capability: YES (AMD SSBD in SPEC_CTRL) + * L1 data cache invalidation + * FLUSH_CMD MSR is available: NO + * CPU indicates L1D flush capability: NO + * CPU supports Transactional Synchronization Extensions (TSX): NO + * CPU supports Software Guard Extensions (SGX): NO + * CPU supports Special Register Buffer Data Sampling (SRBDS): NO + * CPU microcode is known to cause stability problems: NO (family 0x17 model 0x31 stepping 0x0 ucode 0x8301034 cpuid 0x830f10) + * CPU microcode is the latest known available version: NO (latest version is 0x8301039 dated 2020/02/07 according to builtin firmwares DB v160.20200912+i20200722) + * CPU vulnerability to the speculative execution attack variants + * Vulnerable to CVE-2017-5753 (Spectre Variant 1, bounds check bypass): YES + * Vulnerable to CVE-2017-5715 (Spectre Variant 2, branch target injection): YES + * Vulnerable to CVE-2017-5754 (Variant 3, Meltdown, rogue data cache load): NO + * Vulnerable to CVE-2018-3640 (Variant 3a, rogue system register read): NO + * Vulnerable to CVE-2018-3639 (Variant 4, speculative store bypass): YES + * Vulnerable to CVE-2018-3615 (Foreshadow (SGX), L1 terminal fault): NO + * Vulnerable to CVE-2018-3620 (Foreshadow-NG (OS), L1 terminal fault): NO + * Vulnerable to CVE-2018-3646 (Foreshadow-NG (VMM), L1 terminal fault): NO + * Vulnerable to CVE-2018-12126 (Fallout, microarchitectural store buffer data sampling (MSBDS)): NO + * Vulnerable to CVE-2018-12130 (ZombieLoad, microarchitectural fill buffer data sampling (MFBDS)): NO + * Vulnerable to CVE-2018-12127 (RIDL, microarchitectural load port data sampling (MLPDS)): NO + * Vulnerable to CVE-2019-11091 (RIDL, microarchitectural data sampling uncacheable memory (MDSUM)): NO + * Vulnerable to CVE-2019-11135 (ZombieLoad V2, TSX Asynchronous Abort (TAA)): NO + * Vulnerable to CVE-2018-12207 (No eXcuses, iTLB Multihit, machine check exception on page size changes (MCEPSC)): NO + * Vulnerable to CVE-2020-0543 (Special Register Buffer Data Sampling (SRBDS)): NO + + CVE-2017-5753 aka 'Spectre Variant 1, bounds check bypass' + * Mitigated according to the /sys interface: YES (Mitigation: usercopy/swapgs barriers and __user pointer sanitization) + * Kernel has array_index_mask_nospec: YES (1 occurrence(s) found of x86 64 bits array_index_mask_nospec()) + * Kernel has the Red Hat/Ubuntu patch: NO + * Kernel has mask_nospec64 (arm64): NO + * Kernel has array_index_nospec (arm64): NO + > STATUS: NOT VULNERABLE (Mitigation: usercopy/swapgs barriers and __user pointer sanitization) + + CVE-2017-5715 aka 'Spectre Variant 2, branch target injection' + * Mitigated according to the /sys interface: YES (Mitigation: Full AMD retpoline, IBPB: conditional, IBRS_FW, STIBP: conditional, RSB filling) + * Mitigation 1 + * Kernel is compiled with IBRS support: YES + * IBRS enabled and active: YES (for firmware code only) + * Kernel is compiled with IBPB support: YES + * IBPB enabled and active: YES + * Mitigation 2 + * Kernel has branch predictor hardening (arm): NO + * Kernel compiled with retpoline option: YES + * Kernel compiled with a retpoline-aware compiler: YES (kernel reports full retpoline compilation) + > STATUS: NOT VULNERABLE (Full retpoline + IBPB are mitigating the vulnerability) + + CVE-2017-5754 aka 'Variant 3, Meltdown, rogue data cache load' + * Mitigated according to the /sys interface: YES (Not affected) + * Kernel supports Page Table Isolation (PTI): YES + * PTI enabled and active: NO + * Reduced performance impact of PTI: NO (PCID/INVPCID not supported, performance impact of PTI will be significant) + * Running as a Xen PV DomU: NO + > STATUS: NOT VULNERABLE (your CPU vendor reported your CPU model as not vulnerable) + + CVE-2018-3640 aka 'Variant 3a, rogue system register read' + * CPU microcode mitigates the vulnerability: YES + > STATUS: NOT VULNERABLE (your CPU vendor reported your CPU model as not vulnerable) + + CVE-2018-3639 aka 'Variant 4, speculative store bypass' + * Mitigated according to the /sys interface: YES (Mitigation: Speculative Store Bypass disabled via prctl and seccomp) + * Kernel supports disabling speculative store bypass (SSB): YES (found in /proc/self/status) + * SSB mitigation is enabled and active: YES (per-thread through prctl) + * SSB mitigation currently active for selected processes: YES (systemd-journald systemd-logind systemd-networkd systemd-resolved systemd-timesyncd systemd-udevd) + > STATUS: NOT VULNERABLE (Mitigation: Speculative Store Bypass disabled via prctl and seccomp) + + CVE-2018-3615 aka 'Foreshadow (SGX), L1 terminal fault' + * CPU microcode mitigates the vulnerability: N/A + > STATUS: NOT VULNERABLE (your CPU vendor reported your CPU model as not vulnerable) + + CVE-2018-3620 aka 'Foreshadow-NG (OS), L1 terminal fault' + * Mitigated according to the /sys interface: YES (Not affected) + * Kernel supports PTE inversion: YES (found in kernel image) + * PTE inversion enabled and active: NO + > STATUS: NOT VULNERABLE (your CPU vendor reported your CPU model as not vulnerable) + + CVE-2018-3646 aka 'Foreshadow-NG (VMM), L1 terminal fault' + * Information from the /sys interface: Not affected + * This system is a host running a hypervisor: NO + * Mitigation 1 (KVM) + * EPT is disabled: N/A (the kvm_intel module is not loaded) + * Mitigation 2 + * L1D flush is supported by kernel: YES (found flush_l1d in kernel image) + * L1D flush enabled: NO + * Hardware-backed L1D flush supported: NO (flush will be done in software, this is slower) + * Hyper-Threading (SMT) is enabled: YES + > STATUS: NOT VULNERABLE (your CPU vendor reported your CPU model as not vulnerable) + + CVE-2018-12126 aka 'Fallout, microarchitectural store buffer data sampling (MSBDS)' + * Mitigated according to the /sys interface: YES (Not affected) + * Kernel supports using MD_CLEAR mitigation: YES (found md_clear implementation evidence in kernel image) + * Kernel mitigation is enabled and active: NO + * SMT is either mitigated or disabled: NO + > STATUS: NOT VULNERABLE (your CPU vendor reported your CPU model as not vulnerable) + + CVE-2018-12130 aka 'ZombieLoad, microarchitectural fill buffer data sampling (MFBDS)' + * Mitigated according to the /sys interface: YES (Not affected) + * Kernel supports using MD_CLEAR mitigation: YES (found md_clear implementation evidence in kernel image) + * Kernel mitigation is enabled and active: NO + * SMT is either mitigated or disabled: NO + > STATUS: NOT VULNERABLE (your CPU vendor reported your CPU model as not vulnerable) + + CVE-2018-12127 aka 'RIDL, microarchitectural load port data sampling (MLPDS)' + * Mitigated according to the /sys interface: YES (Not affected) + * Kernel supports using MD_CLEAR mitigation: YES (found md_clear implementation evidence in kernel image) + * Kernel mitigation is enabled and active: NO + * SMT is either mitigated or disabled: NO + > STATUS: NOT VULNERABLE (your CPU vendor reported your CPU model as not vulnerable) + + CVE-2019-11091 aka 'RIDL, microarchitectural data sampling uncacheable memory (MDSUM)' + * Mitigated according to the /sys interface: YES (Not affected) + * Kernel supports using MD_CLEAR mitigation: YES (found md_clear implementation evidence in kernel image) + * Kernel mitigation is enabled and active: NO + * SMT is either mitigated or disabled: NO + > STATUS: NOT VULNERABLE (your CPU vendor reported your CPU model as not vulnerable) + + CVE-2019-11135 aka 'ZombieLoad V2, TSX Asynchronous Abort (TAA)' + * Mitigated according to the /sys interface: YES (Not affected) + * TAA mitigation is supported by kernel: YES (found tsx_async_abort in kernel image) + * TAA mitigation enabled and active: NO + > STATUS: NOT VULNERABLE (your CPU vendor reported your CPU model as not vulnerable) + + CVE-2018-12207 aka 'No eXcuses, iTLB Multihit, machine check exception on page size changes (MCEPSC)' + * Mitigated according to the /sys interface: YES (Not affected) + * This system is a host running a hypervisor: NO + * iTLB Multihit mitigation is supported by kernel: YES (found itlb_multihit in kernel image) + * iTLB Multihit mitigation enabled and active: NO + > STATUS: NOT VULNERABLE (your CPU vendor reported your CPU model as not vulnerable) + + CVE-2020-0543 aka 'Special Register Buffer Data Sampling (SRBDS)' + * SRBDS mitigation control is supported by the kernel: NO + * SRBDS mitigation control is enabled and active: NO (SRBDS not found in sysfs hierarchy) + > STATUS: NOT VULNERABLE (your CPU vendor reported your CPU model as not vulnerable) + + > SUMMARY: CVE-2017-5753:OK CVE-2017-5715:OK CVE-2017-5754:OK CVE-2018-3640:OK CVE-2018-3639:OK CVE-2018-3615:OK CVE-2018-3620:OK CVE-2018-3646:OK CVE-2018-12126:OK CVE-2018-12130:OK CVE-2018-12127:OK CVE-2019-11091:OK CVE-2019-11135:OK CVE-2018-12207:OK CVE-2020-0543:OK + + Need more detailed information about mitigation options? Use --explain + A false sense of security is worse than no security at all, see --disclaimer
\ No newline at end of file |