dri-devel Archive on lore.kernel.org
 help / color / Atom feed
From: Akeem G Abodunrin <akeem.g.abodunrin@intel.com>
To: akeem.g.abodunrin@intel.com, intel-gfx@lists.freedesktop.org,
	dri-devel@lists.freedesktop.org, omer.aran@intel.com,
	pragyansri.pathi@intel.com, d.scott.phillips@intel.com,
	david.c.stewart@intel.com, tony.luck@intel.com,
	jon.bloomfield@intel.com, sudeep.dutt@intel.com,
	daniel.vetter@intel.com, joonas.lahtinen@intel.com,
	jani.nikula@intel.com, chris.p.wilson@intel.com,
	prathap.kumar.valsan@intel.com, mika.kuoppala@intel.com,
	francesco.balestrieri@intel.com
Subject: [RFC PATCH 0/2] Security mitigation for Intel Gen7 and Gen7.5
Date: Tue, 14 Jan 2020 06:51:34 -0800
Message-ID: <20200114145136.65373-1-akeem.g.abodunrin@intel.com> (raw)

Intel ID: PSIRT-TA-201910-001
CVEID: CVE-2019-14615

Summary of Vulnerability
------------------------
Insufficient control flow in certain data structures for some Intel(R)
Processors with Intel Processor Graphics may allow an unauthenticated
user to potentially enable information disclosure via local access

Products affected:
------------------
Intel CPU’s with Gen7, Gen7.5 and Gen9 Graphics.

Mitigation Summary
------------------
This patch provides mitigation for Gen7 and Gen7.5 hardware only.
Patch for Gen9 devices have been provided and merged to Linux mainline,
and backported to stable kernels.
Note that Gen8 is not impacted due to a previously implemented
workaround.

The mitigation involves submitting a custom EU kernel prior to every
context restore, in order to forcibly clear down residual EU and URB
resources.

This is currently an RFC while more analysis is performed on the
performance implications.

Note on Address Space Isolation (Full PPGTT)
--------------------------------------------

Isolation of EU kernel assets should be considered complementary to the
existing support for address space isolation (aka Full PPGTT), since
without address space isolation there is minimal value in preventing
leakage between EU contexts. Full PPGTT has long been supported on Gen
Gfx devices since Gen8, and protection against EU residual leakage is a
welcome addition for these newer platforms.

By contrast, Gen7 and Gen7.5 device introduced Full PPGTT support only
as a hardware development feature for anticipated Gen8 productization.
Support was never intended for, or provided to the Linux kernels for
these platforms. Recent work (still ongoing) to the mainline kernel is
retroactively providing this support, but due to the level of complexity
it is not practical to attempt to backport this to earlier stable
kernels. Since without Full PPGTT, EU residuals protection has
questionable benefit, *there are no plans to provide stable kernel
backports for this patch series.*

Mika Kuoppala (1):
  drm/i915: Add mechanism to submit a context WA on ring submission

Prathap Kumar Valsan (1):
  drm/i915/gen7: Clear all EU/L3 residual contexts

 drivers/gpu/drm/i915/Makefile                 |   1 +
 drivers/gpu/drm/i915/gt/gen7_renderclear.c    | 514 ++++++++++++++++++
 drivers/gpu/drm/i915/gt/gen7_renderclear.h    |  15 +
 drivers/gpu/drm/i915/gt/intel_gpu_commands.h  |  17 +-
 .../gpu/drm/i915/gt/intel_ring_submission.c   | 103 +++-
 drivers/gpu/drm/i915/i915_utils.h             |   5 +
 6 files changed, 649 insertions(+), 6 deletions(-)
 create mode 100644 drivers/gpu/drm/i915/gt/gen7_renderclear.c
 create mode 100644 drivers/gpu/drm/i915/gt/gen7_renderclear.h

-- 
2.20.1

_______________________________________________
dri-devel mailing list
dri-devel@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/dri-devel

             reply index

Thread overview: 5+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-01-14 14:51 Akeem G Abodunrin [this message]
2020-01-14 14:51 ` [RFC PATCH 1/2] drm/i915: Add mechanism to submit a context WA on ring submission Akeem G Abodunrin
2020-01-16 16:12   ` [PATCH " Mika Kuoppala
2020-01-14 14:51 ` [RFC PATCH 2/2] drm/i915/gen7: Clear all EU/L3 residual contexts Akeem G Abodunrin
2020-01-14 22:35   ` Chris Wilson

Reply instructions:

You may reply publically to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20200114145136.65373-1-akeem.g.abodunrin@intel.com \
    --to=akeem.g.abodunrin@intel.com \
    --cc=chris.p.wilson@intel.com \
    --cc=d.scott.phillips@intel.com \
    --cc=daniel.vetter@intel.com \
    --cc=david.c.stewart@intel.com \
    --cc=dri-devel@lists.freedesktop.org \
    --cc=francesco.balestrieri@intel.com \
    --cc=intel-gfx@lists.freedesktop.org \
    --cc=jani.nikula@intel.com \
    --cc=jon.bloomfield@intel.com \
    --cc=joonas.lahtinen@intel.com \
    --cc=mika.kuoppala@intel.com \
    --cc=omer.aran@intel.com \
    --cc=pragyansri.pathi@intel.com \
    --cc=prathap.kumar.valsan@intel.com \
    --cc=sudeep.dutt@intel.com \
    --cc=tony.luck@intel.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

dri-devel Archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/dri-devel/0 dri-devel/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 dri-devel dri-devel/ https://lore.kernel.org/dri-devel \
		dri-devel@lists.freedesktop.org
	public-inbox-index dri-devel

Example config snippet for mirrors

Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/org.freedesktop.lists.dri-devel


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git