硬件锁消除技术是否已因幽灵缓解而一去不复返了? [英] Has Hardware Lock Elision gone forever due to Spectre Mitigation?
问题描述
由于减轻了Spectre的影响,当前所有的CPU都禁用了硬件锁定清除"功能,并且使用HLE内部函数/指令进行互斥的任何尝试都会导致通常的互斥吗?
Is this correct that Hardware Lock Elision is disabled for all current CPUs due to Spectre mitigation, and any attempt to have a mutex using HLE intrinsics/instructions would result in usual mutex?
将来是否有可能没有像HLE互斥那样的东西来避免像Spectre这样的漏洞?
Is this likely that there will not be anything like HLE mutexes in future to avoid vulnerabilities like Spectre?
推荐答案
因此,可能禁用TSX并不是为了减轻Spectre,而是作为另一种缓解漏洞的一部分,即TSX异步中止(TAA).
So, TSX may be disabled not to mitigate Spectre, but as a part of another vulnerability mitigation, TSX Asynchronous Abort (TAA).
这是英特尔网站上的相关文章:
Here's relevant article on Intel website:
其中链接到两篇更详细的文章:
Which links to two more detailed articles:
- 微体系结构存储缓冲区数据采样(MSBDS) CVE-2018-12126
- TSX Asynchronous Abort (TAA) CVE-2019-11135
- Microarchitectural Store Buffer Data Sampling (MSBDS) CVE-2018-12126
链接包含以下信息:
- 某些将来甚至当前的CPU可能会通过
IA32_ARCH_CAPABILITIES[TAA_NO]=1检测到针对TAA的硬件缓解措施. - 否则,如果CPU易受MDS(
IA32_ARCH_CAPABILITIES[MDS_NO]=0)影响,则缓解MDS的软件也会缓解TAA - 对于
IA32_ARCH_CAPABILITIES[TAA_NO]=0和IA32_ARCH_CAPABILITIES[MDS_NO]=1,应通过以下方法之一缓解TAA:- 软件缓解措施
- 有选择地禁用TSX
- Some future or even current CPUs may have hardware mitigation for TAA, detected by
IA32_ARCH_CAPABILITIES[TAA_NO]=1. - Otherwise if the CPU is susceptible to MDS (
IA32_ARCH_CAPABILITIES[MDS_NO]=0), software mitigation for MDS will also mitigate TAA - In the case of
IA32_ARCH_CAPABILITIES[TAA_NO]=0andIA32_ARCH_CAPABILITIES[MDS_NO]=1, TAA should be mitigated by one of following:- Software mitigation
- Selectively disabling TSX
上面提到的有选择地禁用TSX 的功能随微码更新一起提供.这样的微代码更新后,控制TSX的能力由
IA32_ARCH_CAPABILITIES[TSX_CTRL] (bit 7)=1控制.Ability for above mentioned selectively disabling TSX arrives with microcode update. After such microcode update, ability to control TSX is controlled by
IA32_ARCH_CAPABILITIES[TSX_CTRL] (bit 7)=1.现在,关于HLE. TAA文章说:
Now, about HLE. TAA article says:
某些处理器可能需要加载微代码更新以添加对
IA32_TSX_CTRL的支持. MSR支持通过设置TSX_CTRL_RTM_DISABLE (bit 0)禁用Intel TSX的RTM功能.设置此位后,所有RTM事务都将以中止代码0中止,直到在该事务中执行任何指令之前,即使是推测性执行.在枚举IA32_ARCH_CAPABILITIES[TSX_CTRL] (bit 7)=1的处理器上,始终会忽略HLE前缀提示.Some processors may need to load a microcode update to add support for
IA32_TSX_CTRL. The MSR supports disabling the RTM functionality of Intel TSX by settingTSX_CTRL_RTM_DISABLE (bit 0). When this bit is set, all RTM transactions will abort with abort code 0 before any instructions can execute within the transaction, even speculatively. On processors that enumerateIA32_ARCH_CAPABILITIES[TSX_CTRL] (bit 7)=1, HLE prefix hints are always ignored.The HLE feature is also marked as removed in Intel® 64 and IA-32 Architectures Software Developer’s Manual:
2.5英特尔指令集的体系结构和功能已删除
英特尔®内存保护扩展(英特尔®MPX) MSR_TEST_CTRL,位31(MSR地址33H) 硬件锁定清除(HLE)
2.5 INTEL INSTRUCTION SET ARCHITECTURE AND FEATURES REMOVED
Intel® Memory Protection Extensions (Intel® MPX) MSR_TEST_CTRL, bit 31 (MSR address 33H) Hardware Lock Elision (HLE)
我相信我已经回答了我的问题:
I believe that I have answers to my questions:
由于
SpectreTAA缓解,当前所有的CPU都禁用了硬件锁定清除功能,并且尝试使用HLE内部函数/指令进行互斥是否会导致通常的互斥,这是正确的吗?Is this correct that Hardware Lock Elision is disabled for all current CPUs due to
SpectreTAA mitigation, and any attempt to have a mutex using HLE intrinsics/instructions would result in usual mutex?是的.不推荐使用.除非英特尔不赞成这样做.
Yes. It is deprecated. Unless Intel undeprecates it.
将来是否有可能没有像HLE互斥那样的东西来避免像Spectre这样的漏洞?
Is this likely that there will not be anything like HLE mutexes in future to avoid vulnerabilities like Spectre?
不.仍然有RTM,它可能没有被禁用,它可用于创建HLE互斥锁等互斥锁.将来可能还会有一些处理器不受TAA的影响,RTM可能会为他们服务.
No. There is still RTM, which may be not disabled, and it can be used to create mutexes like HLE mutexes. There may also may be future processors not susceptible to TAA, RTM may work for them.
这篇关于硬件锁消除技术是否已因幽灵缓解而一去不复返了?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
