Linux 5.18-rc3 Two Intel TSX (Transaction Synchronization Extensions) fixes were previously committed and are also marked for backporting to the existing Linux stable kernel. One of the fixes addresses a situation where the system is still vulnerable to the TSX Asynchronous Abort (TAA) vulnerability, and the other is a situation where TSX may fail to shut down. The first is to disable changes to TSX development mode
on startup. While the Intel microcode update causes all TSX transactions to abort bastion security by default, it also adds a "development mode" to re-enable TSX. Through this microcoded TSX development model, a system may be inadvertently vulnerable to the TSX Async Abort vulnerability.
A microcode update on some Intel processors causes all TSX transactions to always abort by default [*]. The microcode also adds the ability to re-enable TSX for development purposes. After loading this microcode, if tsx=on is passed on the cmdline, and TSX development mode is enabled before the kernel starts, it may leave the system vulnerable to TSX Asynchronous Abort (TAA).
For greater security, TSX development mode is unconditionally disabled during boot. This can be revisited later if a viable use case emerges.
TSX Asynchronous Abort (TAA, officially known as CVE-2019-11135) was disclosed in 2019 as a hardware vulnerability that allows an asynchronous abort within the TSX transaction area to cause damage to the CPU's internal buffers. Unprivileged speculative access to data.
Another fix is to resolve that the TSX_FORCE_ABORT MSR is not available on all CPUs to disable TSX, so the TSX_CTRL MSR is now also used on supported CPUs. A code comment in the Intel-developed patch sums it up as "disabling TSX is not trivial."
Both patches were submitted on Easter morning ahead of the release of the Linux 5.18-rc3 kernel later today, and the patches are also marked as backported to existing stable and maintained Kernel version series.
The above is the detailed content of New Intel TSX fix for Linux kernel queues, force turning off TSX 'development mode'. For more information, please follow other related articles on the PHP Chinese website!