1 .. SPDX-License-Identifier: GPL-2.0
3 SRBDS - Special Register Buffer Data Sampling
4 =============================================
6 SRBDS is a hardware vulnerability that allows MDS :doc:`mds` techniques to
7 infer values returned from special register accesses. Special register
8 accesses are accesses to off core registers. According to Intel's evaluation,
9 the special register reads that have a security expectation of privacy are
10 RDRAND, RDSEED and SGX EGETKEY.
12 When RDRAND, RDSEED and EGETKEY instructions are used, the data is moved
13 to the core through the special register mechanism that is susceptible
18 Core models (desktop, mobile, Xeon-E3) that implement RDRAND and/or RDSEED may
21 A processor is affected by SRBDS if its Family_Model and stepping is
22 in the following list, with the exception of the listed processors
23 exporting MDS_NO while Intel TSX is available yet not enabled. The
24 latter class of processors are only affected when Intel TSX is enabled
25 by software using TSX_CTRL_MSR otherwise they are not affected.
27 ============= ============ ========
28 common name Family_Model Stepping
29 ============= ============ ========
36 Broadwell_G 06_47H All
42 Kabylake_L 06_8EH <= 0xC
43 Kabylake 06_9EH <= 0xD
44 ============= ============ ========
49 The following CVE entry is related to this SRBDS issue:
51 ============== ===== =====================================
52 CVE-2020-0543 SRBDS Special Register Buffer Data Sampling
53 ============== ===== =====================================
57 An unprivileged user can extract values returned from RDRAND and RDSEED
58 executed on another core or sibling thread using MDS techniques.
63 Intel will release microcode updates that modify the RDRAND, RDSEED, and
64 EGETKEY instructions to overwrite secret special register data in the shared
65 staging buffer before the secret data can be accessed by another logical
68 During execution of the RDRAND, RDSEED, or EGETKEY instructions, off-core
69 accesses from other logical processors will be delayed until the special
70 register read is complete and the secret data in the shared staging buffer is
73 This has three effects on performance:
75 #. RDRAND, RDSEED, or EGETKEY instructions have higher latency.
77 #. Executing RDRAND at the same time on multiple logical processors will be
78 serialized, resulting in an overall reduction in the maximum RDRAND
81 #. Executing RDRAND, RDSEED or EGETKEY will delay memory accesses from other
82 logical processors that miss their core caches, with an impact similar to
83 legacy locked cache-line-split accesses.
85 The microcode updates provide an opt-out mechanism (RNGDS_MITG_DIS) to disable
86 the mitigation for RDRAND and RDSEED instructions executed outside of Intel
87 Software Guard Extensions (Intel SGX) enclaves. On logical processors that
88 disable the mitigation using this opt-out mechanism, RDRAND and RDSEED do not
89 take longer to execute and do not impact performance of sibling logical
90 processors memory accesses. The opt-out mechanism does not affect Intel SGX
91 enclaves (including execution of RDRAND or RDSEED inside an enclave, as well
92 as EGETKEY execution).
94 IA32_MCU_OPT_CTRL MSR Definition
95 --------------------------------
96 Along with the mitigation for this issue, Intel added a new thread-scope
97 IA32_MCU_OPT_CTRL MSR, (address 0x123). The presence of this MSR and
98 RNGDS_MITG_DIS (bit 0) is enumerated by CPUID.(EAX=07H,ECX=0).EDX[SRBDS_CTRL =
99 9]==1. This MSR is introduced through the microcode update.
101 Setting IA32_MCU_OPT_CTRL[0] (RNGDS_MITG_DIS) to 1 for a logical processor
102 disables the mitigation for RDRAND and RDSEED executed outside of an Intel SGX
103 enclave on that logical processor. Opting out of the mitigation for a
104 particular logical processor does not affect the RDRAND and RDSEED mitigations
105 for other logical processors.
107 Note that inside of an Intel SGX enclave, the mitigation is applied regardless
108 of the value of RNGDS_MITG_DS.
110 Mitigation control on the kernel command line
111 ---------------------------------------------
112 The kernel command line allows control over the SRBDS mitigation at boot time
113 with the option "srbds=". The option for this is:
115 ============= =============================================================
116 off This option disables SRBDS mitigation for RDRAND and RDSEED on
118 ============= =============================================================
120 SRBDS System Information
121 ------------------------
122 The Linux kernel provides vulnerability status information through sysfs. For
123 SRBDS this can be accessed by the following sysfs file:
124 /sys/devices/system/cpu/vulnerabilities/srbds
126 The possible values contained in this file are:
128 ============================== =============================================
129 Not affected Processor not vulnerable
130 Vulnerable Processor vulnerable and mitigation disabled
131 Vulnerable: No microcode Processor vulnerable and microcode is missing
133 Mitigation: Microcode Processor is vulnerable and mitigation is in
135 Mitigation: TSX disabled Processor is only vulnerable when TSX is
136 enabled while this system was booted with TSX
138 Unknown: Dependent on
139 hypervisor status Running on virtual guest processor that is
140 affected but with no way to know if host
141 processor is mitigated or vulnerable.
142 ============================== =============================================
144 SRBDS Default mitigation
145 ------------------------
146 This new microcode serializes processor access during execution of RDRAND,
147 RDSEED ensures that the shared buffer is overwritten before it is released for
148 reuse. Use the "srbds=off" kernel command line to disable the mitigation for