One security issue I somehow missed back in July was Zenbleed, an issue with AMD CPUs that's getting patched up in the Linux kernel and now the Steam Deck is getting a kernel fix for it too.
    • VerifiablyMrWonka
      49 months ago

      From what I’ve seen the authors of the papers have listed the zenbleed mitigation impact as “statistically insignificant”.

      • interolivary
        39 months ago

        Which is clearly not correct. Take a look at eg. this benchmark; many workloads take a sizeable hit. Even plain 'ol glibc sin and cos take about 8% longer, and the most pathological hit was the MariaDB workload which took almost 200% longer. Looks like many tasks related to math or heavy-duty string processing will be at least 10-20% slower, but it’s hard to say yet what this’ll do to games. I’d expect CPU-heavy games to be affected

  • AutoTL;DRBEnglish
    99 months ago

    This is the best summary I could come up with:

    Turns out the original code in the Linux kernel somehow missed the Steam Deck, so now it’s being pulled in urgently to ensure it’s also protected as per the patch:

    Commit 522b1d69219d (“x86/cpu/amd: Add a Zenbleed fix”) provided a fix for the Zen2 VZEROUPPER data corruption bug affecting a range of CPU models, but the AMD Custom APU 0405 found on SteamDeck was not listed, although it is clearly affected by the vulnerability.

    Add this CPU variant to the Zenbleed erratum list, in order to unconditionally enable the fallback fix until a proper microcode update is available.

    I’m sure some people will argue against it as these fixes can come with performance penalties, because the Steam Deck is primarily a gaming device.

    But still, it has a full desktop mode it’s not a traditional locked down console, you can install a browser and do basically anything with it - better to be safe than sorry.

    If you’re on desktop, as always it’s a good idea to ensure you regularly check for updates to patch up issues like this.

    I’m a bot and I’m open source!

  • interolivaryEnglish
    79 months ago

    Bit of a silly mitigation to have on the Deck, honestly. Hopefully there’ll be a way to disable it; it’s probably going to kick performance down by tens of percents, and I really don’t need that on a gaming device where this particular attack is just incredibly unlikely and most likely wouldn’t lead to jack shit anyhow.

    • @ReakDuckEnglish
      49 months ago

      People have proven that the Steam Deck is pretty much just a daily desktop driver. People do all kinds of things on it. It also seems like its performance downgrade is insignificant.

      • interolivaryEnglish
        49 months ago

        And I’m not one of those people so I’d like the option to not take the performance hit. Based on benchmarks I’ve seen it’s definitely not going to be insignificant, but it’s hard to say what the effect on games will be. See eg https://openbenchmarking.org/result/2308071-NE-2308068NE86, where math operations can be seen to take about 10% hits and some tasks go way above that. Not terrible but it’s not going to be nothing either, which is why I’d like to be able to opt out

        Edit: corrected the link