Project

General

Profile

Actions

Bug #11967

closed

need TAA mitigation

Added by John Levon almost 2 years ago. Updated almost 2 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Category:
-
Start date:
Due date:
% Done:

100%

Estimated time:
Difficulty:
Medium
Tags:
Gerrit CR:

Description

We need some mitigation for CVE-2019-11135 aka TSX Asynchronous Abort

Actions #1

Updated by John Levon almost 2 years ago

I tested this on a suitable Cascade Lake machine that has newer microcode. On booting I confirmed that all CPUs had the new microcode, the x86 featureset looked good, and that a test program that tried TSX despite it not being present in CPUID was aborted in the correct fashion. I also booted on other systems and verified they booted OK, as well as setting x86_disable_taa to check that worked OK too.

Actions #2

Updated by Electric Monk almost 2 years ago

  • Status changed from New to Closed
  • % Done changed from 0 to 100

git commit e25cb0e77ab84d3147918b8aef1f5161fbccb30e

commit  e25cb0e77ab84d3147918b8aef1f5161fbccb30e
Author: John Levon <john.levon@joyent.com>
Date:   2020-01-15T10:15:29.000Z

    11967 need TAA mitigation
    Portions contributed by: Robert Mustacchi <rm@fingolfin.org>
    Reviewed by: Dan McDonald <danmcd@joyent.com>
    Approved by: Richard Lowe <richlowe@richlowe.net>

Actions

Also available in: Atom PDF