Intel Sends Out Latest Patches For Mitigating Graphics Flaw On Ivybridge/Haswell
It has been one month and a few days since Intel first made public the need for graphics driver patching of Gen 7/7.5 graphics for older Ivybridge / Haswell hardware to fix a graphics hardware flaw. That vulnerability also affected the common Intel Gen9 graphics but there the mitigation was uneventful and quickly merged without causing any performance hit. But for Ivybridge/Haswell one month later the graphics driver mitigation for CVE-2019-14615 is still being addressed.
This vulnerability is also known as iGPU Leak by the researchers that discovered it but for the Gen7/Gen7.5 protection the mitigation has been particularly problematic. With the initial Gen7/Gen7.5 patches posted in mid-January there was a huge hit to the graphics performance while Intel worked towards no performance loss.
At the end of January they sent out their latest mitigation and confirmation that the performance penalties should now be avoided. Fast forward to today, a second version of the patches have been posted.
The new patches still touch nearly 700 lines of driver code and make just some minor code changes compared to the previous revision. They still are under the belief that this revised mitigation should cause no hit to the graphics performance.
As the Intel open-source driver developers appear to be in no rush in landing this fix unlike the same-day action for the Gen9 mitigation, we'll see if they try to get this merged for Linux 5.6 in the near-term or just end up holding it in DRM-Next until Linux 5.7.
Separately, we are also still waiting on Intel to provide updated CPU microcode for Linux users in order to address the other CPU data leakage disclosures from last month.
This vulnerability is also known as iGPU Leak by the researchers that discovered it but for the Gen7/Gen7.5 protection the mitigation has been particularly problematic. With the initial Gen7/Gen7.5 patches posted in mid-January there was a huge hit to the graphics performance while Intel worked towards no performance loss.
At the end of January they sent out their latest mitigation and confirmation that the performance penalties should now be avoided. Fast forward to today, a second version of the patches have been posted.
The new patches still touch nearly 700 lines of driver code and make just some minor code changes compared to the previous revision. They still are under the belief that this revised mitigation should cause no hit to the graphics performance.
As the Intel open-source driver developers appear to be in no rush in landing this fix unlike the same-day action for the Gen9 mitigation, we'll see if they try to get this merged for Linux 5.6 in the near-term or just end up holding it in DRM-Next until Linux 5.7.
Separately, we are also still waiting on Intel to provide updated CPU microcode for Linux users in order to address the other CPU data leakage disclosures from last month.
8 Comments