Intel® Transactional Synchronization Extensions (Intel® TSX) Asynchronous Abort / CVE-2019-11135 / INTEL-SA-00270

ID 660217
Updated 11/12/2019
Version Latest
Public

author-image

By

Disclosure date:
2019-11-12

Published date:
2019-11-12

Severity rating:
6.5 Medium

Industry-wide severity ratings can be found in the National Vulnerability Database


Aliases

  • TAA

Related Content

Intel® Transactional Synchronization Extensions (Intel® TSX) Asynchronous Abort

INTEL-SA-00270

Affected Processors: Transient Execution Attacks by Product CPU

Overview

Intel® Transactional Synchronization Extensions (Intel® TSX) are an extension to the x86 instruction set architecture that adds hardware transactional memory support to improve performance of multi-threaded software. The TSX Asynchronous Abort (TAA) vulnerability is similar to Microarchitectural Data Sampling (MDS) and affects the same buffers (store buffer, fill buffer, load port writeback data bus).

Intel TSX supports atomic memory transactions that are either committed or aborted. When an Intel TSX memory transaction is aborted, either synchronously or asynchronously, all earlier memory writes inside the transaction are rolled back to the state before the transaction start. While an Intel TSX asynchronous abort (TAA) is pending, certain loads inside the transaction that are not yet completed may read data from microarchitectural structures and speculatively pass that data to dependent operations. This may cause microarchitectural side effects, which can later be measured to infer the value of the data in the microarchitectural structures.

Mitigation

A processor is affected by TAA if and only if both of the following conditions are true:

  • CPU supports Intel TSX1
  • CPU does not enumerate TAA_NO2

Refer to the CPUs That Require Additional Mitigations section of Intel® Transactional Synchronization Extensions (Intel® TSX) Asynchronous Abort for a list of processors affected by TAA.

OS Developers

On CPUs affected by MDS (IA32_ARCH_CAPABILITIES[MDS_NO]=0), the mitigations for MDS will also help prevent TAA.  Refer to Microarchitectural Data Sampling for more details.

On CPUs that do not require software MDS mitigations (IA32_ARCH_CAPABILITIES [MDS_NO]=1), TAA can be mitigated by either applying the MDS software mitigations or by selectively disabling Intel TSX for the workload using the IA32_TSX_CTRL MSR. Refer to Intel® Transactional Synchronization Extensions (Intel® TSX) Asynchronous Abort for more details.

VMM Developers

To ensure that guests are properly mitigated, VMMs should load a microcode update that causes IA32_ARCH_CAPABILITIES[TSX_CTRL] (bit 7) to be set on processors that need additional mitigations for TAA.

To help prevent possibly malicious guest VMs from using Intel TSX when it is not enumerated to them, VMMs should set IA32_TSX_CTRL[RTM_DISABLE] (bit 0) to disable Intel TSX on processors affected by TAA that are running untrusted guest VMs.

VMMs should ensure they apply the mitigations described in the MDS disclosure to guest VMs for which Intel TSX is enabled (IA32_TSX_CTRL[RTM_DISABLE] (bit 0)=0). Specifically, the VMM should ensure that sensitive data is not in the affected buffers before entering possibly malicious Intel TSX-enabled guests (for example, by executing VERW). The VMM should also ensure that possible victim VMs are not running on the sibling logical processor as untrusted guests.

Developers of Software Running in an Enclave

Intel® Software Guard Extensions (Intel® SGX) enclaves are potentially impacted on CPUs that are not affected by MDS (IA32_ARCH_CAPABILITIES[MDS_NO]=1) but that are affected by TAA (IA32_ARCH_CAPABILITIES[TAA_NO]=0). As the Intel® SGX security model does not trust the system software, Intel SGX cannot rely on on the system software to disable Intel TSX or to clear the microarchitectural data buffers. Mitigating TAA for Intel SGX is achieved through a microcode update.

The Intel SGX remote attestation will indicate whether the required microcode update has been applied. The mitigation for Intel SGX does not depend on the behavior of the OS or VMM.

System Administrators

Always keep your systems up to date with the latest security updates, and follow the guidance from your OS and VMM vendors.

Footnotes

  1. Intel TSX support is indicated by CPUID.07h.EBX.RTM (bit 11) set to 1 and CPUID.07h.EBX.HLE (bit 4) set to 1.
  2. CPUID.7.EDX[IA32_ARCH_CAPABILITIES supported]=0 or IA32_ARCH_CAPABILITIES[TAA_NO]=0.

References

Engineering New Protections Into Hardware

 

Software Security Guidance Home | Advisory Guidance | Technical Documentation | Best Practices | Resources