Intel To Disable TSX By Default On More CPUs With New Microcode (phoronix.com) 46
Intel is going to be disabling Transactional Synchronization Extensions (TSX) by default for various Skylake through Coffee Lake processors with forthcoming microcode updates. Phoronix reports: Transactional Synchronization Extensions (TSX) have been around since Haswell for hardware transactional memory support and going off Intel's own past numbers can be around 40% faster in specific workloads or as much 4~5 times faster in database transaction benchmarks. TSX issues have been found in the past such as a possible side channel timing attack that could lead to KASLR being defeated and CVE-2019-11135 (TSX Async Abort) for an MDS-style flaw. Now in 2021 Intel is disabling TSX by default across multiple families of Intel CPUs from Skylake through Coffee Lake. [...] The Linux kernel is preparing for this microcode change as seen in the flow of new patches this morning for the 5.14 merge window.
A memory ordering issue is what is reportedly leading Intel to now deprecate TSX on various processors. There is this Intel whitepaper (PDF) updated this month that outlines the problem at length. As noted in the revision history, the memory ordering issue has been known to Intel since at least before October 2018 but only now in June 2021 are they pushing out microcode updates to disable TSX by default. With forthcoming microcode updates will effectively deprecate TSX for all Skylake Xeon CPUs prior to Stepping 5 (including Xeon D and 1st Gen Xeon Scalable), all 6th Gen Xeon E3-1500m v5 / E3-1200 v5 Skylake processors, all 7th/8th Gen Core and Pentium Kaby/Coffee/Whiskey CPUs prior to 0x8 stepping, and all 8th/9th Gen Core/Pentium Coffee Lake CPUs prior to 0xC stepping will be affected. That ultimately spans from various Skylake steppings through Coffee Lake; it was with 10th Gen Comet Lake and Ice Lake where TSX/TSX-NI was subsequently removed.
In addition to disabling TSX by default and force-aborting all RTM transactions by default, a new CPUID bit is being enumerated with the new microcode to indicate that the force aborting of RTM transactions. It's due to that new CPUID bit that the Linux kernel is seeing patches. Previously Linux and other operating systems applied a workaround for the TSX memory ordering issue but now when this feature is disabled, the kernel can drop said workaround. These patches are coming with the Linux 5.14 cycle and will likely be back-ported to stable too.
A memory ordering issue is what is reportedly leading Intel to now deprecate TSX on various processors. There is this Intel whitepaper (PDF) updated this month that outlines the problem at length. As noted in the revision history, the memory ordering issue has been known to Intel since at least before October 2018 but only now in June 2021 are they pushing out microcode updates to disable TSX by default. With forthcoming microcode updates will effectively deprecate TSX for all Skylake Xeon CPUs prior to Stepping 5 (including Xeon D and 1st Gen Xeon Scalable), all 6th Gen Xeon E3-1500m v5 / E3-1200 v5 Skylake processors, all 7th/8th Gen Core and Pentium Kaby/Coffee/Whiskey CPUs prior to 0x8 stepping, and all 8th/9th Gen Core/Pentium Coffee Lake CPUs prior to 0xC stepping will be affected. That ultimately spans from various Skylake steppings through Coffee Lake; it was with 10th Gen Comet Lake and Ice Lake where TSX/TSX-NI was subsequently removed.
In addition to disabling TSX by default and force-aborting all RTM transactions by default, a new CPUID bit is being enumerated with the new microcode to indicate that the force aborting of RTM transactions. It's due to that new CPUID bit that the Linux kernel is seeing patches. Previously Linux and other operating systems applied a workaround for the TSX memory ordering issue but now when this feature is disabled, the kernel can drop said workaround. These patches are coming with the Linux 5.14 cycle and will likely be back-ported to stable too.
Seems like a known defect (Score:3)
Seems like a known defect - class action lawsuit in the pipe yet?
Re:Seems like a known defect (Score:4, Funny)
Gotta love the American reaction. Something happens so we need to either sue it or shoot it.
Re: (Score:3)
And when aliens invade we'll shoot them first then sic our lawyers on them. No one messes with the US.
Re: (Score:1)
The problem is Klingons keep pounding our judges into bloody pulp. What's Plan B?
Re: (Score:2)
Re: (Score:2)
Very Old idea.
"The first thing we do, let's kill all the lawyers".
William Shakespeare; Henry VI, Part 2, Act IV,
Re: (Score:2)
Re:Seems like a known defect (Score:5, Insightful)
It's due to weak consumer protection laws.
I'm many European countries you would just go back to the retailer to get your partial refund for lost performance. No need to sue, small claims court is available if they refuse.
Re: (Score:3)
Except the Europeans pay for their consumer protection laws. TINSTAAFL after all. You might know this as "Europeans pay higher prices".
Sure, some of it is because the sales tax is embedded in the price, but the other part of the difference is the legislative cost - regulations cost money an
Re: (Score:1)
The problem with warranties is that they are all different, covering and excluding different things. It's much better to have a clear law with clear principals.
There might be some additional cost, but again warranties are an upsell item that is mostly profit. If it's a legal requirement then there is the normal price competition pressure and an incentive to build stuff that lasts. Well, it's more like an incentive for retailers to only stock stuff that isn't junk, because they are the ones liable.
There are
Re: (Score:2)
Small claims court in european countries is usually very cheap, you pay a fixed filing fee and don't need to hire a lawyer. For a claim of $500 the fee would be under $100, and i'm pretty sure you do get awarded the filing cost if the judgement goes your way.
Consumer law is also pretty straight forward, so if the company you're claiming against is in the wrong they will lose. In many cases companies know this and won't even contest the claim, but they will often ignore you prior to that in the hope that you
Re: (Score:1)
Re: (Score:2)
What's your reaction to a product getting 40% worse in usability after the sale?
- "Ask nicely for a refund, bowing down deeply with hat in hand"
- "Keep a stiff upper lip and just take the losses"
- "Don't care and continue watching sportsball"
- "Write a flaming Twitter post to vent anger"
- "Warn everyone that criticism of intel is dogwhistle antisemitism"
Which is it?
Re: (Score:2)
Consumer protection laws.
Consumer.
Protection.
Laws.
That's how you can tell EU citizens from everyone else. EU citizens CANNOT possibly fathom someone NOT being a consumer. They simply can't. Apart from a handful of startups and brave entrepreneurs, EU citizens CANNOT imagine running a business. No wonder the EU has no tech industry to speak of and everyone is living off the the state's teat and inflated money.
Don't worry, the US is catching up very quickly, though. They killed a lot of their businesses now a
Re: (Score:2)
No. What the Europeans, us Australians, and the rest of the civil world, is why Americans think its OK to get fucked in the arse in the name of "Free Enterprise". Aint nothing free about an enterprise where one sides got all the bargaining power. Thats how cocaine cartels work, not free enterprises.
If American Businesses can't survive without shafting the consumer, they are welcome to stay at home. We have our own businesses doing just fine that are respecting consumer rights.
Re: (Score:2)
bahahabaha - Right because there are so many good EU based options for high performance micro processor parts! Enjoy your ARM systems - and no you don't get the Apple version.
Re: (Score:2)
Freedom involves the option to behave badly, but barely enough to not be involved in criminal law or be sued easily. Any degree of freedom will have unethical companies teetering on the edge of what is allowed and what is not. Only way to change that it making everyone less free and turn the state into a bully. Sounds nice, but then again suing the state usually fails and the state has unending resources, compared to Apple and Intel who just have *very much* resources.
But lecture us about how dictatorship a
Re: (Score:2)
None of the above. I get compensated under fairly standard consumer protection laws for lost performance after the fact based on an expectation for duration of service and advertised performance.
Kind of the same reason why all red-ringed xboxes were replaced out of warranty in my country while in the USA Americans were told "hahah fuck you". Or the reason why my parents got a significant amount of cash back from Volkswagen a few years ago without ever having to resort to sueing or shooting anyone (or even a
Re: (Score:2)
My brother got $4000 or so from M-B over a defective thing, no need to sue. We live in America. Welcome to the real world.
Let me see your shocked face.
(My sue them post was a JOKE, but it will probably happen)
Re: (Score:2)
No need for a shocked face. I have zero doubt that if your brother's defective thing was wide spread that people would sue.
But congrats to your brother on finding a corporation which is ethical. That's rare and he should consider himself truly lucky rather than a citizen of a sanely setup society. 99% of corporations will happily just send you a fuck you unless the law says they can't.
Re: (Score:2)
I'm sorry you've had such a negative experience in your time living in America. Rest assured that your hardship is not at all typical of the experience of anyone I know in real life here in the good old USA. Maybe your luck will change. All the best. Perhaps dealing with businesses who care about their brand and reputation will help?
In any case, hope things improve for you.
Re: (Score:2)
You skipped - wait for someone people that care more than I do to file a class action suit. Sign my name on the little card that comes in the mail - wait for my $5 check and 10% coupon for a future purchase.
Article is not readable (Score:2)
it's worse than this : https://www.youtube.com/watch?... [youtube.com]
Why not just say : "Intel is downgrading remotely your CPU into 2012 because they just fucked up"
Re: Article is not readable (Score:2)
I would more consider that TSX is a feature that could be useful for some applications but not for every.
So if I set up a database server seeing a high intensity in transactions this feature could help, but for most other cases it would have marginal effect if it's disabled.
Re: (Score:2)
Yeah, but to fix their next set of bugs Intel will have to disable the multiply instruction in the microcode. I suspect that'll hit a lot more people.
When they have to disable memory loads, that's when it'll get really ugly.
Re: (Score:2)
I'm sure a significant number of people do run database servers, and they might have based their decision to purchase intel on the performance figures quoted. Had they been aware that TSX would be disabled, and the resultant lower performance figures they might have chosen AMD, ARM, IBM or even Oracle instead.
Re: (Score:2)
Another prospective is "they have to take away the speed cheats because they've been caught taking unsafe shortcuts."
Re: (Score:2)
Re: (Score:2)
I don't know about the particular ISA problem, but they've been caught using known unsafe shortcuts before, so it's not an unreasonable assumption.
Re: (Score:1)
I don't know enough specifics to say if it is "reasonable" that they should have tested for or been concerned about cross-thread data leak hacks.
Nice (Score:2)
I wonder if they'll hire Justin Long to do another one of those "go Intel" commercials?
Huge vulnerability. (Score:5, Informative)
If they are disabling it it means a definitive hack that can quickly compromise an entire system (similar to meltdown) has been identified. Intel doesn't do anything out of "an abundance of caution" (they have been aware of flaws in TSX for years) if it means they can still tout that their chip is faster at something. Instead, Intel only takes reactionary measures which means they are not the only ones who know how to exploit it. I expect a new CVE probably in a month after the microcode update has been pushed.
Re: (Score:2)
Yeah, and they're STILL going to claim their chips are faster, if history is any indication. Even though this has been disabled by default, signaling that it is too dangerous to use, they will base their performance claims on benchmarks with it enabled.
GCC / LLVM or Linux app (Score:2)
Anyone knows if GCC / LLVM had any optimizations for using TSX ? ...
If if any DB software running on Linux was using TSX ?
If it's yet another instruction Intel added just for use in a useless benchmark and not actually used by any software
Re: (Score:3)
Anyone knows if GCC / LLVM had any optimizations for using TSX ?
I'm pretty sure both of them would use TSX for C++11 atomic types [cppreference.com] and C11 atomic types [cppreference.com]. I should be noted that transactional memory is actually implemented in software and on half a dozen architectures, so this it's not a wasted effort (OK, maybe the TSX specific parts but not the rest).
If it's yet another instruction Intel added just for use in a useless benchmark and not actually used by any software
Any software that uses atomics and built for x86_64 is going to be affected. However, since it's an optional feature and identified in the CPUID register, all software generated by compilers will fallback on software imple
Re: (Score:2)
yeah.
Many lock free datastructures use these instructions. There are standard implementation in various libraries. They are certainly used in filesystems.
There were TSX patches discussed on postgresql mailing list last year.
To disable or not to disable? (Score:2)
Re: (Score:2)
All those side channel weaknesses are not normally exploitable on single user machines.
Unless you download and run software, or use a web browser which lets other people run software on your computer without you actually installing it. You know, use your computer as a computer?
Re: (Score:2)
Re: (Score:2)
There's PoC, I don't know if anyone has actually been exploited. Who knows?
But putting aside WebAssembly is probably a mistake, most people will run whatever
Look at it this way (Score:5, Interesting)
Look at it this way: I just read that Microsoft is doing all kind of stuff in the name of security that makes it much harder [read - you should buy a new computer] to use its upcoming Windows 11 with the same echelon of older computers. Coincidence? I don't think so. Now Intel is going to deliberately cripple their older than 10xxx processors so that people will have to buy these newer processors, and in order to have better performance even with Linux. It's all about the profit, not security. Criminals, only high level corporate ones. Too many people sticking with Skylake to Kaby Lake CPUs? Cripple them somehow [since previous patches didn't cripple them enough, it seems]. Force people to buy new computers. They need your money.