June 26, 2017 // 10:05 a.m.
Users of Intel's Skylake and Kaby Lake processors with HyperThreading capabilities are being warned to disable the feature pending firmware updates designed to resolve an erratum in the chip which can hard-crash a system and result in data loss.
The issue with all sixth- and seventh-generation Intel processors based on the Skylake and Kaby Lake microarchitectures was brought to light this weekend by a post to the Debian Linux mailing list highlighting the problem: 'unfixed Skylake and Kaby Lake processors could, in some situations, dangerously misbehave when HyperThreading is enabled,' the Debian Project's Henrique de Moraes Holschuh warned users. 'Disable hyper-threading immediately in BIOS/UEFI to work around the problem.'
Although the problem, which affects all HyperThreading-capable chips from the Skylake and Kaby Lake families including desktop, mobile, and Xeon server variants, is known to Intel the company has not issued a formal announcement; instead, it has simply updated its erratum documentation for the relevant stock-keeping units (SKUs). 'Under complex micro-architectural conditions,' the company's documents state, 'short loops of less than 64 instructions that use AH, BH, CH or DH registers as well as their corresponding wider register (eg RAX, EAX or AX for AH) may cause unpredictable system behaviour. This can only happen when both logical processors on the same physical processor are active.'
It is not known how common these conditions are, but that they can occur in the wild is confirmed: The erratum was brought to the attention of the Debian team by OCaml toolchain developer Mark Shinwell following crashes in the OCaml compiler traced back to the bug. The flaw is not restricted to affecting Linux users, either: 'Please note that the defect can potentially affect any operating system: It is not restricted to Debian, and it is not restricted to Linux-based systems,' warned Holschuh. 'It can be either avoided (by disabling HyperThreading), or fixed (by updating the processor microcode).'
Kaby Lake systems suffering from the flaw require a microcode update in the form of a UEFI firmware upgrade, the basis for which Intel has already made available to its hardware partners but which is not yet publicly available for all affected products. Those on older Skylake parts have the choice of either installing a UEFI update, if available, or if running a Linux-based operating system can install the intel-microcode package version 3.20170511.1 or above to implant the same microcode-based fix at the kernel level. If neither option is available, the only way to guarantee the stability of your system is to disable HyperThreading in UEFI.
Intel Skylake and Kaby Lake processors without HyperThreading capabilities are not affected by the flaw.