Thursday , April 22 2021

Intel disables hardware lock elision on all current CPUs, Hacker News


x 86 / msr: Add the IA 32 _ TSX_CTRL MSR

Transactional Synchronization Extensions (TSX) may be used on certain processors as part of a speculative side channel attack. A microcode update for existing processors that are vulnerable to this attack will add a new MSR – IA 32 _ TSX_CTRL to allow the system administrator the option to disable TSX as one of the possible mitigations. The CPUs which get this new MSR after a microcode upgrade are the ones which do not set MSR_IA 32 _ ARCH_CAPABILITIES.MDS_NO (bit 5) because those CPUs have CPUID.MD_CLEAR, i.e., the VERW implementation which clears all CPU buffers takes care of the TAA case as well.   [ Note that future processors that are not vulnerable will also support the IA32_TSX_CTRL MSR. ] Add defines for the new IA 32 _ TSX_CTRL MSR and its bits. TSX has two sub-features: 1. Restricted Transactional Memory (RTM) is an explicitly-used feature    where new instructions begin and end TSX transactions. 2. Hardware Lock Elision (HLE) is implicitly used when certain kinds of    “old” style locks are used by software. Bit 7 of the IA 32 _ ARCH_CAPABILITIES indicates the presence of the IA 32 _ TSX_CTRL MSR. There are two control bits in IA 32 _ TSX_CTRL MSR:   Bit 0: When set, it disables the Restricted Transactional Memory (RTM)          sub-feature of TSX (will force all transactions to abort on the XBEGIN instruction).   Bit 1: When set, it disables the enumeration of the RTM and HLE feature          (i.e. it will make CPUID (EAX=7) .EBX {bit4} and CPUID (EAX=7) .EBX {bit 11} read as 0). The other TSX sub-feature, Hardware Lock Elision (HLE), is unconditionally disabled by the new microcode but still enumerated as present by CPUID (EAX=7) .EBX {bit4}, unless disabled by IA 32 _ TSX_CTRL_MSR [1] – TSX_CTRL_CPUID_CLEAR. Signed-off-by: Pawan GuptaSigned-off-by: Borislav PetkovSigned-off-by: Thomas GleixnerTested-by: Neelima KrishnanReviewed-by: Mark GrossReviewed-by: Tony LuckReviewed-by: Josh Poimboeuf

1 files changed, 5 insertions, 0 deletions

diff –git a / arch / x 86 / include / asm / msr-index.hb / arch / x 86 / include / asm / msr-index.h
index (CE) a 2540 .. da4caf6da 739 100644
— A / (arch / x) / include / asm / msr-index.h
B /arch / x 86 / include / asm / msr-index.h

@@ – 93, 6 93, 7 @@

* Microarchitectural Data

* Sampling (MDS) vulnerabilities.

* /

# define ARCH_CAP_TSX_CTRL_MSR BIT (7) / * MSR for TSX control is available. * /

#define MSR_IA 32 _FLUSH_CMD 0x00000 (b

#define L1D_FLUSH BIT ( 0) / *

@@ – 103, 6 104, 10 @@

#define MSR_IA (_ BBL_CR_CTL 0x)

#define MSR_IA 32 _ BBL_CR_CTL3 0x00000 11 e

# define MSR_IA (TSX_CTRL 0x) ******************************************

# define TSX_CTRL_RTM_DISABLE BIT (0) / * Disable RTM feature * /

# define TSX_CTRL_CPUID_CLEAR BIT (1) / * Disable TSX enumeration * /

(#define MSR_IA) _ SYSENTER_CS 0x 00000174

#define MSR_IA 32 _ SYSENTER_ESP 0x 00000175

#define MSR_IA 32 _ SYSENTER_EIP 0x 00000176

Brave Browser
Read More
Payeer

About admin

Check Also

Intel SGX is vulnerable to an unfixable flaw that can steal crypto keys and more, Ars Technica

Intel SGX is vulnerable to an unfixable flaw that can steal crypto keys and more, Ars Technica

SPECULATIVE EXECUTION STIKES AGAIN — Just when you thought it was secure again, Intel's digital vault falls to a new attack. Dan Goodin - Mar 10, 2020 10:40 pm UTC For the past 26 months, Intel and other CPU makers have been assailed by Spectre, Meltdown, and a steady flow of follow-on vulnerabilities that make…

Leave a Reply

Your email address will not be published. Required fields are marked *