Intel's Linux Graphics Driver Patched For New Security Issue But Can Impact Performance
Written by Michael Larabel in Intel on 26 January 2022 at 01:54 PM EST. 19 Comments
INTEL --
Intel's "i915" kernel graphics driver has been patched for a software issue that could lead to malicious user-space trigger DMAR read/write faults or worse is the possibility of user-space gaining access to random memory pages. Unfortunately, the security fix comes with performance implications.

If not running with an IOMMU active, CVE-2022-0330 could lead to user-space gaining access to random memory pages. This could mean either data leaks and/or random memory corruption. The issue with the Intel graphics driver stems from a missing TLB flush when releasing memory that was backing a GPU buffer object to the system memory.

Intel engineer Tvrtko Ursulin wrote on the OSS security mailing list, "Flawed assumption was that flushing the TLB at the start of every userspace GPU execution is sufficient, given the programming model where userspace is expected to declare which graphics virtual memory address ranges it will be accessing at the start of every execution. However what was not considered is that userspace can legitimately (it is allowed in uapi) _not_ declare those accesses. This allows userspace to continue GPU access to memory, while the kernel driver (i915) is unaware of it being in use, and therefore is allowed to release the backing store back to the system. Should the system then give out those pages back for a different use, the exploit situation can arise. Return of the pages back to the system can either be specifically engineered by the malicious software, or can happen innocently via system memory pressure. All Intel integrated and discrete GPUs starting from Gen8 (Broadwell) are affected."

While a fix has already been merged into the mainline Linux kernel, unfortunately the extra TLB flushing can impact the Intel performance. Tvrtko added, "Fix has already been developed and consists of explicitly flushing the TLBs before releasing memory back to the system for any GPU buffer objects which were in use from the GPU. Note that this will have a varying performance impact depending on the specific GPU, GPU workload and overall system workload."


Another security patch with performance implications...


Needless to say, I'll be firing up some benchmarks with/without this security patch for showing any performance impact across different Intel hardware.

The security fix is in drm/i915: Flush TLBs before releasing backing store. The fix does note the route for simplicity was taken and depending upon benchmark results may be refined later.
Related News
About The Author
Author picture

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter or contacted via MichaelLarabel.com.

Popular News This Week