由于 Spectre Mitigation,Hardware Lock Elision 是否已经一去不复返了? [英] Has Hardware Lock Elision gone forever due to Spectre Mitigation?
问题描述
由于 Spectre 缓解而对所有当前 CPU 禁用硬件锁定消除是否正确,并且任何尝试使用 HLE 内在函数/指令进行互斥都会导致通常的互斥?
Is this correct that Hardware Lock Elision is disabled for all current CPUs due to Spectre mitigation, and any attempt to have a mutex using HLE intrinsics/instructions would result in usual mutex?
未来是否有可能不会有类似 HLE 互斥的东西来避免像 Spectre 这样的漏洞?
Is this likely that there will not be anything like HLE mutexes in future to avoid vulnerabilities like Spectre?
推荐答案
因此,禁用 TSX 可能不是为了缓解 Spectre,而是作为另一个漏洞缓解的一部分,TSX 异步中止 (TAA).
So, TSX may be disabled not to mitigate Spectre, but as a part of another vulnerability mitigation, TSX Asynchronous Abort (TAA).
这是英特尔网站上的相关文章:
Here's relevant article on Intel website:
链接到两篇更详细的文章:
Which links to two more detailed articles:
- TSX 异步中止 (TAA) CVE-2019-11135
- 微架构存储缓冲区数据采样 (MSBDS) CVE-2018-12126
- TSX Asynchronous Abort (TAA) CVE-2019-11135
- Microarchitectural Store Buffer Data Sampling (MSBDS) CVE-2018-12126
链接包含以下信息:
- 某些未来甚至当前的 CPU 可能会对 TAA 进行硬件缓解,由
IA32_ARCH_CAPABILITIES[TAA_NO]=1检测到. - 否则,如果 CPU 容易受到 MDS (
IA32_ARCH_CAPABILITIES[MDS_NO]=0) 的影响,MDS 的软件缓解也将缓解 TAA - 在
IA32_ARCH_CAPABILITIES[TAA_NO]=0和IA32_ARCH_CAPABILITIES[MDS_NO]=1的情况下,TAA应通过以下之一缓解:- 软件缓解
- 有选择地禁用 TSX
- Some future or even current CPUs may have hardware mitigation for TAA, detected by
IA32_ARCH_CAPABILITIES[TAA_NO]=1. - Otherwise if the CPU is susceptible to MDS (
IA32_ARCH_CAPABILITIES[MDS_NO]=0), software mitigation for MDS will also mitigate TAA - In the case of
IA32_ARCH_CAPABILITIES[TAA_NO]=0andIA32_ARCH_CAPABILITIES[MDS_NO]=1, TAA should be mitigated by one of following:- Software mitigation
- Selectively disabling TSX
上述选择性禁用 TSX 的能力随微码更新一起提供.在这样的微码更新之后,控制 TSX 的能力由
IA32_ARCH_CAPABILITIES[TSX_CTRL] (bit 7)=1控制.Ability for above mentioned selectively disabling TSX arrives with microcode update. After such microcode update, ability to control TSX is controlled by
IA32_ARCH_CAPABILITIES[TSX_CTRL] (bit 7)=1.现在,关于 HLE.TAA 文章说:
Now, about HLE. TAA article says:
某些处理器可能需要加载微码更新以添加对
IA32_TSX_CTRL的支持.MSR 支持通过设置TSX_CTRL_RTM_DISABLE (bit 0)来禁用英特尔 TSX 的 RTM 功能.当该位被设置时,所有 RTM 事务都将在事务中执行任何指令之前以中止代码 0 中止,即使是推测性的.在枚举IA32_ARCH_CAPABILITIES[TSX_CTRL] (bit 7)=1的处理器上,HLE 前缀提示总是被忽略.Some processors may need to load a microcode update to add support for
IA32_TSX_CTRL. The MSR supports disabling the RTM functionality of Intel TSX by settingTSX_CTRL_RTM_DISABLE (bit 0). When this bit is set, all RTM transactions will abort with abort code 0 before any instructions can execute within the transaction, even speculatively. On processors that enumerateIA32_ARCH_CAPABILITIES[TSX_CTRL] (bit 7)=1, HLE prefix hints are always ignored.HLE 功能也在 英特尔® 64 和 IA-32 架构软件开发人员手册:
英特尔® 内存保护扩展(英特尔® MPX)MSR_TEST_CTRL,位 31(MSR 地址 33H)硬件锁消除 (HLE)
2.5 INTEL INSTRUCTION SET ARCHITECTURE AND FEATURES REMOVED
Intel® Memory Protection Extensions (Intel® MPX) MSR_TEST_CTRL, bit 31 (MSR address 33H) Hardware Lock Elision (HLE)
我相信我有问题的答案:
I believe that I have answers to my questions:
由于
SpectreTAA 缓解而对所有当前 CPU 禁用硬件锁消除是否正确,并且任何尝试使用 HLE 内在函数/指令进行互斥都会导致通常的互斥?Is this correct that Hardware Lock Elision is disabled for all current CPUs due to
SpectreTAA mitigation, and any attempt to have a mutex using HLE intrinsics/instructions would result in usual mutex?是的.它已被弃用.除非英特尔不赞成使用它.
Yes. It is deprecated. Unless Intel undeprecates it.
未来是否有可能不会有类似 HLE 互斥的东西来避免像 Spectre 这样的漏洞?
Is this likely that there will not be anything like HLE mutexes in future to avoid vulnerabilities like Spectre?
没有.还有RTM,可能没有禁用,可以用来创建类似HLE互斥锁的互斥锁.未来的处理器可能也不会受到 TAA 的影响,RTM 可能适用于他们.
No. There is still RTM, which may be not disabled, and it can be used to create mutexes like HLE mutexes. There may also may be future processors not susceptible to TAA, RTM may work for them.
这篇关于由于 Spectre Mitigation,Hardware Lock Elision 是否已经一去不复返了?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
