Intel's Linux Graphics Driver Patched For New Security Issue But Can Impact Performance

Written by Michael Larabel in Intel on 26 January 2022 at 01:54 PM EST.
Intel's "i915" kernel graphics driver has been patched for a software issue that could let malicious user-space trigger DMAR read/write faults or, worse, gain access to random memory pages. Unfortunately, the security fix comes with performance implications.

If not running with an IOMMU active, CVE-2022-0330 could lead to user-space gaining access to random memory pages. This could mean data leaks and/or random memory corruption. The issue with the Intel graphics driver stems from a missing TLB flush when memory that was backing a GPU buffer object is released back to system memory.

Intel engineer Tvrtko Ursulin wrote on the OSS security mailing list, "Flawed assumption was that flushing the TLB at the start of every userspace GPU execution is sufficient, given the programming model where userspace is expected to declare which graphics virtual memory address ranges it will be accessing at the start of every execution. However what was not considered is that userspace can legitimately (it is allowed in uapi) _not_ declare those accesses. This allows userspace to continue GPU access to memory, while the kernel driver (i915) is unaware of it being in use, and therefore is allowed to release the backing store back to the system. Should the system then give out those pages back for a different use, the exploit situation can arise. Return of the pages back to the system can either be specifically engineered by the malicious software, or can happen innocently via system memory pressure. All Intel integrated and discrete GPUs starting from Gen8 (Broadwell) are affected."

While a fix has already been merged into the mainline Linux kernel, unfortunately the extra TLB flushing can impact Intel graphics performance. Tvrtko added, "Fix has already been developed and consists of explicitly flushing the TLBs before releasing memory back to the system for any GPU buffer objects which were in use from the GPU. Note that this will have a varying performance impact depending on the specific GPU, GPU workload and overall system workload."
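The sequence described in the two quotes above can be followed in a toy model. This is an added illustration, not i915 code and not from the original article; the single-entry TLB, the `simulate` function and the IOMMU modelled as a per-page permission bit are simplifying assumptions.

```c
#include <stdio.h>

/* Toy model, not i915 code: one GPU virtual address, one TLB entry. */
enum outcome { VALID_ACCESS, NO_TRANSLATION, DMAR_FAULT, STALE_PAGE_ACCESS };
enum { NONE = -1, FREE = 0, GPU_CLIENT = 1, OTHER_USER = 2 };

struct model {
    int page_owner[2]; /* current owner of each physical page */
    int iommu_map[2];  /* 1 = device DMA to the page is permitted */
    int pte;           /* GPU page-table entry for the one address */
    int tlb;           /* cached translation, NONE when flushed */
    int bo_busy;       /* driver's view: object declared by userspace */
};

/* A TLB hit is used without consulting the page table again. */
static enum outcome gpu_access(struct model *m, int iommu_on)
{
    if (m->tlb == NONE) m->tlb = m->pte;
    if (m->tlb == NONE) return NO_TRANSLATION;
    if (iommu_on && !m->iommu_map[m->tlb]) return DMAR_FAULT;
    return m->page_owner[m->tlb] == GPU_CLIENT ? VALID_ACCESS : STALE_PAGE_ACCESS;
}

enum outcome simulate(int flush_before_release, int iommu_on)
{
    struct model m = { {GPU_CLIENT, FREE}, {1, 0}, 0, NONE, 0 };

    /* Execution start: TLB flushed, but userspace declares no objects,
     * so the driver never marks the buffer object busy. */
    m.tlb = NONE;
    m.bo_busy = 0;
    if (gpu_access(&m, iommu_on) != VALID_ACCESS) return NO_TRANSLATION;

    if (!m.bo_busy) {  /* object looks idle: backing store is released */
        if (flush_before_release) m.tlb = NONE;  /* the fix */
        m.pte = NONE;
        m.iommu_map[0] = 0;
        m.page_owner[0] = OTHER_USER;  /* system reuses the page */
    }
    return gpu_access(&m, iommu_on);  /* GPU work is still running */
}

int main(void)
{
    static const char *name[] = { "valid", "no translation", "DMAR fault", "stale page access" };
    for (int flush = 0; flush <= 1; flush++)
        for (int iommu = 0; iommu <= 1; iommu++)
            printf("flush=%d iommu=%d -> %s\n", flush, iommu, name[simulate(flush, iommu)]);
    return 0;
}
```

Without the flush the cached translation outlives the release, which the model reports as a DMAR fault when the IOMMU is on and as access to a reused page when it is off; with the flush the access finds no translation in either case.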


Another security patch with performance implications...


Needless to say, I'll be firing up some benchmarks with/without this security patch to show any performance impact across different Intel hardware.

The security fix is in "drm/i915: Flush TLBs before releasing backing store". The patch notes that the simple route was taken and that, depending upon benchmark results, it may be refined later.