Linux Kernel Gets Mitigations For TSX Async Abort Plus Another New Issue: iTLB Multihit
The mainline Linux kernel received mitigations for ZombieLoad TAA that work in conjunction with newly-published Intel microcode. The mitigations also now expose /sys/devices/system/cpu/vulnerabilities/tsx_async_abort for reporting the mitigation status plus a new tsx_async_abort kernel parameter. With the TAA mitigation, the system will clear CPU buffers on ring transitions.
The other new issue brought up by this mitigation work is "iTLB Multihit (NX) - No eXcuses." It affects some Intel CPUs, where page size changes can cause a machine check error and a possibly unrecoverable CPU lockup. This has implications in the cloud/VM space, since a malicious guest could use it to cause a denial of service. The workaround for this "No eXcuses" vulnerability is KVM marking huge pages in the extended page tables as non-executable (NX).
For the iTLB Multihit issue there is a new /sys/devices/system/cpu/vulnerabilities/itlb_multihit sysfs node and a kvm.nx_huge_pages= option. This issue has been known since last year and is tagged CVE-2018-12207. More details on that vulnerability, which is separate from today's other CPU problems, are available via this documentation. Microsoft also mitigated Windows for this problem in today's latest updates.
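To check a host against the two sysfs nodes named above, the following script is an added example and not code from the kernel or from this article. The function names and the VULN_DIR override are assumptions of the example, and the status strings it matches are the ones listed in the kernel's hw-vuln documentation for these two nodes.

```shell
#!/bin/sh
# Added example: classify the tsx_async_abort and itlb_multihit status nodes.
# VULN_DIR (hypothetical override) lets the check run on saved copies of the nodes.

classify_status() {
    # $1 = text read from a vulnerabilities/* node.
    # A mitigated line may end in "; SMT vulnerable" (lowercase), so only a
    # leading "Vulnerable" or "KVM: Vulnerable" counts as unmitigated.
    case "$1" in
        "Not affected"*)                   echo not-affected ;;
        "Vulnerable"*|"KVM: Vulnerable"*)  echo vulnerable ;;
        *"Mitigation:"*)                   echo mitigated ;;
        *)                                 echo unknown ;;
    esac
}

check_node() {
    # $1 = directory, $2 = node name. A missing node means the running
    # kernel predates the mitigation and cannot report on the issue.
    if [ ! -r "$1/$2" ]; then
        echo no-node
        return
    fi
    classify_status "$(cat "$1/$2")"
}

report() {
    # Prints one line per issue; returns 1 if any is vulnerable or unreported.
    dir=${1:-/sys/devices/system/cpu/vulnerabilities}
    rc=0
    for node in tsx_async_abort itlb_multihit; do
        state=$(check_node "$dir" "$node")
        printf '%-16s %s\n' "$node" "$state"
        case "$state" in vulnerable|no-node|unknown) rc=1 ;; esac
    done
    return $rc
}

report "${VULN_DIR:-}" || echo "at least one issue is unmitigated or unreported"
```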
Intel's latest CPU microcode images for TAA and JCC erratum can be found via GitHub.
I'll be running some fresh kernel benchmarks of TSX async abort mitigations shortly as well as continuing in my JCC erratum benchmarking.