New Intel TSX Fixes For The Linux Kernel Queue Up, Forces Off TSX "Development Mode"
Two Intel TSX (Transactional Synchronization Extensions) fixes were submitted today ahead of Linux 5.18-rc3 and are also marked for back-porting to existing Linux stable kernels. One fix addresses a case where systems could still be left vulnerable to the TSX Asynchronous Abort (TAA) vulnerability; the other addresses a case where TSX may not get turned off.
First up is a change to disable TSX development mode at boot. While an Intel microcode update made all TSX transactions abort by default for security, it also added a "development mode" to re-enable TSX. Through that microcode TSX development mode, systems could unintentionally be left vulnerable to the TSX Async Abort vulnerability.
A microcode update on some Intel processors causes all TSX transactions to always abort by default[*]. Microcode also added functionality to re-enable TSX for development purposes. With this microcode loaded, if tsx=on was passed on the cmdline, and TSX development mode was already enabled before the kernel boot, it may make the system vulnerable to TSX Asynchronous Abort (TAA).
To be on safer side, unconditionally disable TSX development mode during boot. If a viable use case appears, this can be revisited later.
TSX Asynchronous Abort (TAA, formally CVE-2019-11135) was disclosed in 2019 as a hardware vulnerability leading to unprivileged speculative access to data in CPU-internal buffers through asynchronous aborts within TSX transactional regions.
The other fix addresses the TSX_FORCE_ABORT MSR not being available on all CPUs to disable TSX, so on supported CPUs the TSX_CTRL MSR is now also used. The code comment in that Intel-developed patch sums it up as "Disabling TSX is not a trivial business."
Both of these patches were submitted this Easter morning ahead of the Linux 5.18-rc3 kernel coming later today, and both are also marked for back-porting to existing stable and maintained kernel release series.
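As an added example (not code from the kernel patches or from this article), the shell sketch below classifies a host from three values the article touches on: the tsx= boot parameter, whether the CPU advertises RTM, and the kernel's reported TAA status. The /proc and /sys paths and the status strings are those of mainline Linux; the function names and sample inputs are constructed for illustration.

```shell
#!/bin/sh
# Added example: classify a host's TSX/TAA state from kernel-exported strings.

# Print the value of the tsx= boot parameter, or "unset".
# Assumption of this sketch: if the parameter is repeated, the last one is used.
tsx_cmdline_mode() {
    mode=$(printf '%s\n' "$1" | tr ' ' '\n' | sed -n 's/^tsx=//p' | tail -n 1)
    printf '%s\n' "${mode:-unset}"
}

# Succeed if the CPU flags string advertises RTM (TSX transactions usable).
has_rtm() {
    case " $1 " in *" rtm "*) return 0 ;; esac
    return 1
}

# classify_taa CMDLINE CPU_FLAGS TAA_STATUS -> one verdict line on stdout
classify_taa() {
    mode=$(tsx_cmdline_mode "$1")
    case "$3" in
        "")              echo "unknown: no TAA status exported (tsx=$mode)"; return 0 ;;
        "Not affected"*) echo "ok: CPU not affected by TAA (tsx=$mode)"; return 0 ;;
        Vulnerable*)     echo "alert: $3 (tsx=$mode)"; return 0 ;;
    esac
    if has_rtm "$2"; then
        echo "review: TSX enabled, relying on '$3' (tsx=$mode)"
    else
        echo "ok: TSX not usable, '$3' (tsx=$mode)"
    fi
}

# Read the live values on a Linux host; the sysfs file may be absent.
audit_host() {
    classify_taa "$(cat /proc/cmdline 2>/dev/null)" \
        "$(grep -m1 '^flags' /proc/cpuinfo 2>/dev/null)" \
        "$(cat /sys/devices/system/cpu/vulnerabilities/tsx_async_abort 2>/dev/null)"
}

# Constructed sample inputs (not captured from a real machine).
classify_taa "ro quiet tsx=on" "fpu sse2 avx2 rtm hle" "Mitigation: Clear CPU buffers"
classify_taa "ro quiet" "fpu sse2 avx2" "Mitigation: TSX disabled"
classify_taa "ro tsx=on tsx_async_abort=off" "fpu sse2 rtm" "Vulnerable"
```

Call `audit_host` on a real machine to run the same classification against the live kernel state.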