More Information on FWBleed

ID 778543
Updated 5/5/2023
Version 1.0
Public

Recently researchers at BINARLY Labs* released tools that identify platform firmware (BIOS) that is potentially impacted by the side channel vulnerability described in CVE-2017-5715. The tools use binary analysis to identify the key SMI resume code paths and then verify the presence of the RSB stuffing mitigation. The researchers use the name FirmwareBleed for the missing RSB stuffing mitigation. Because the tool runs directly on the binary firmware image, it does not consider which processors the platform supports. This may lead the tool to incorrectly report a platform as missing the RSB stuffing mitigation when the mitigation is not required for that platform's processors.

The RSB stuffing mitigation in BIOS code is only relevant for Skylake-generation processors (and close derivatives; refer to the table below) with Different Empty RSB Behavior, to support OS code using the retpoline mitigation. See Retpoline: A Branch Target Injection Mitigation for more details about this mitigation.

Mitigation

Platform firmware (BIOS) code should be aware that System Management Interrupt (SMI) handlers can leave the RSB in a state that OS code does not expect, which can affect use of the retpoline mitigation on processors with Different Empty RSB Behavior. Systems that support such processors should implement RSB stuffing prior to resuming from SMM. RSB stuffing supports retpoline by reducing the chance of RSB underflow in the OS.

This mitigation is not necessary for mitigating Branch Target Injection on other processors (including processors that support enhanced IBRS, such as Ice Lake), so BIOS code for systems that do not support such processors does not need to implement this RSB stuffing mitigation. However, RSB stuffing can be applied on other processors, even when not needed.

Enumeration

Processors that have this different RSB behavior with the latest microcode will either enumerate IA32_ARCH_CAPABILITIES[RSBA] or have a DisplayFamily/DisplayModel signature (provided by the CPUID instruction) listed in the following table. Either of these two methods can be used to determine whether RSB stuffing is required prior to resuming from SMM.

Table 1: Processors with Different Empty RSB Behavior

Processor  Stepping  CPUID                       Code Names / Microarchitectures
06_4EH     3         406E3                       Skylake Y; Skylake U; Skylake U23e
06_5EH     3         506E3                       Skylake Xeon E3; Skylake H; Skylake S
06_55H     3,4       50653, 50654                Skylake Server; Skylake D, Bakerville; Skylake W; Skylake X
06_66H     3         60663                       Cannon Lake L
06_8EH     9,A,B     806E9, 806EA, 806EB         Amber Lake Y; Kaby Lake U; Kaby Lake Y; Kaby Lake U23e; Coffee Lake U43e; Kaby Lake Refresh U; Whiskey Lake U
06_9EH     9,A,B,C   906E9, 906EA, 906EB, 906EC  Kaby Lake S; Kaby Lake H; Kaby Lake G; Kaby Lake X; Kaby Lake Xeon E3; Coffee Lake H; Coffee Lake S Xeon E; Coffee Lake S; Coffee Lake S w/KBP; Coffee Lake Xeon E
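The following C routine is an added example (not Intel's firmware code and not the BINARLY tooling) that applies the enumeration rule from the Mitigation and Enumeration sections: it decodes DisplayFamily/DisplayModel/stepping from CPUID.(EAX=1):EAX, matches the signature against the rows of Table 1, and checks IA32_ARCH_CAPABILITIES[RSBA], reporting whether SMM resume code on this processor must perform RSB stuffing. The CPUID and MSR values are passed in as parameters rather than read from hardware (reading the MSR needs ring 0, and firmware would read it during early init); the RSBA bit position (bit 2 of MSR 0x10A) and the MSR presence bit (CPUID.(EAX=7,ECX=0):EDX[29]) are taken from the Intel SDM; the values in main() are constructed samples. The stuffing sequence itself is described in the Retpoline document referenced above and is not reproduced here.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* IA32_ARCH_CAPABILITIES is MSR 0x10A; bit 2 is RSBA ("RSB Alternate").
 * The MSR exists when CPUID.(EAX=7,ECX=0):EDX[29] is set. */
#define ARCH_CAP_RSBA (1ULL << 2)

/* One row of Table 1. Every listed part is DisplayFamily 06H, so only the
 * DisplayModel and the listed steppings are stored; bit n of stepping_mask
 * set means stepping n appears in the table. */
struct rsb_table_row {
    uint8_t     model;
    uint16_t    stepping_mask;
    const char *names;
};

#define STEP(n) (1U << (n))

static const struct rsb_table_row rsb_table[] = {
    { 0x4E, STEP(3),                                     "Skylake Y/U/U23e" },
    { 0x5E, STEP(3),                                     "Skylake Xeon E3/H/S" },
    { 0x55, STEP(3) | STEP(4),                           "Skylake Server/D (Bakerville)/W/X" },
    { 0x66, STEP(3),                                     "Cannon Lake L" },
    { 0x8E, STEP(9) | STEP(0xA) | STEP(0xB),             "Amber Lake Y; Kaby Lake U/Y/U23e/Refresh U; Coffee Lake U43e; Whiskey Lake U" },
    { 0x9E, STEP(9) | STEP(0xA) | STEP(0xB) | STEP(0xC), "Kaby Lake S/H/G/X/Xeon E3; Coffee Lake H/S/Xeon E" },
};

struct cpu_signature {
    unsigned family;
    unsigned model;
    unsigned stepping;
};

/* Decode DisplayFamily/DisplayModel/stepping from CPUID.(EAX=1):EAX using the
 * SDM rules: the extended family field is added only for family 0FH, and the
 * extended model nibble is prepended for families 06H and 0FH. */
struct cpu_signature decode_cpuid_signature(uint32_t eax)
{
    struct cpu_signature s;
    unsigned family = (eax >> 8) & 0xF;
    unsigned model  = (eax >> 4) & 0xF;

    if (family == 0xF)
        family += (eax >> 20) & 0xFF;
    if (family == 0x6 || family == 0xF)
        model |= ((eax >> 16) & 0xF) << 4;

    s.family   = family;
    s.model    = model;
    s.stepping = eax & 0xF;
    return s;
}

/* Return the Table 1 row matching this signature, or NULL if it is not listed. */
const struct rsb_table_row *lookup_rsb_table(uint32_t cpuid_1_eax)
{
    struct cpu_signature s = decode_cpuid_signature(cpuid_1_eax);
    if (s.family != 0x6)
        return NULL;
    for (size_t i = 0; i < sizeof rsb_table / sizeof rsb_table[0]; i++) {
        if (rsb_table[i].model == s.model &&
            (rsb_table[i].stepping_mask & STEP(s.stepping)))
            return &rsb_table[i];
    }
    return NULL;
}

/* The enumeration rule from the text: RSB stuffing before resuming from SMM is
 * required when the processor enumerates IA32_ARCH_CAPABILITIES[RSBA] or its
 * signature appears in Table 1. have_arch_caps reports whether the MSR exists;
 * arch_caps is its value when it does (ignored otherwise). */
bool rsb_stuffing_required(uint32_t cpuid_1_eax, bool have_arch_caps, uint64_t arch_caps)
{
    if (have_arch_caps && (arch_caps & ARCH_CAP_RSBA))
        return true;
    return lookup_rsb_table(cpuid_1_eax) != NULL;
}

int main(void)
{
    /* Constructed inputs: Table 1 signatures plus signatures that are not
     * listed; the MSR values are made up to exercise both decision paths. */
    struct { uint32_t eax; bool have_caps; uint64_t caps; } samples[] = {
        { 0x000406E3, false, 0 },             /* model 4EH stepping 3: in Table 1, no MSR */
        { 0x00050654, true,  ARCH_CAP_RSBA }, /* model 55H stepping 4: in Table 1 and RSBA set */
        { 0x000906ED, true,  ARCH_CAP_RSBA }, /* model 9EH stepping D: not listed, RSBA set */
        { 0x000706E5, true,  0 },             /* model 7EH: not listed, RSBA clear */
    };

    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        struct cpu_signature s = decode_cpuid_signature(samples[i].eax);
        const struct rsb_table_row *row = lookup_rsb_table(samples[i].eax);
        bool required = rsb_stuffing_required(samples[i].eax, samples[i].have_caps, samples[i].caps);
        printf("CPUID %05X -> family %02XH model %02XH stepping %X: RSB stuffing %s; Table 1: %s\n",
               samples[i].eax, s.family, s.model, s.stepping,
               required ? "required" : "not required",
               row ? row->names : "not listed");
    }
    return 0;
}
```

Firmware that supports several processor generations would run this decision once during early initialization and record the result for the SMI resume path; a platform whose supported-processor list contains no entry from Table 1 and no RSBA-enumerating part is the case the text describes where a binary-only scan would flag missing stuffing that was never required.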