AMD Squashes Bug That Impacted Zen 4 Security Features in Linux

Phoronix reports that a new bug fix for AMD Zen 4 chips was recently implemented into Linux version 6.6. The fix rectifies an issue surrounding undefined instruction exceptions potentially occurring on Zen 4 chips when the Single Threaded Indirect Branch Predictors (STIBP) are disabled. The bug, Erratum #1485, will also be back-ported to existing stable Linux kernels.

STIBP is a branch prediction feature in Zen 4 that restricts branch prediction sharing to one physical core and any logical cores used with the physical core (i.e., SMT/HyperThreading). STIBP is integrated into Zen 4's default security mitigations, specifically as part of the Spectre Variant Two protections. 

By default, Zen 4 chips will automatically enable this feature since it is vital to the CPU's security systems. But, like other similar CPU security mitigations, enabling STIBP can incur a performance penalty. As a result, users can disable STIBP to regain performance when security is less of a concern.

To re-iterate, the bug fix is only needed to fix issues when STIBP is off, not on. Since STIBP is enabled on Zen 4 by default, most users will not have problems. Only the few who go out of their way to disable STIBP are affected. Indirect instruction exception errors can occur when a CPU is processing instructions. These can lead to errors and corruption, similar to unstable CPU overclocks.

Phoronix reports that this STIBP fix will also make its way to previous stable kernel versions but did not confirm when that will happen. There's a chance other operating systems could also be affected, but we haven't heard of any serious issues so far in Windows.