Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Devastating Speculative Execution Intel CPU Bug
#1
This is Intel's Barcelona: https://www.theregister.co.uk/2018/01/02...sign_flaw/
Quote:A fundamental design flaw in Intel's processor chips has forced a significant redesign of the Linux and Windows kernels to defang the chip-level security bug.

Programmers are scrambling to overhaul the open-source Linux kernel's virtual memory system. Meanwhile, Microsoft is expected to publicly introduce the necessary changes to its Windows operating system in an upcoming Patch Tuesday: these changes were seeded to beta testers running fast-ring Windows Insider builds in November and December.

Crucially, these updates to both Linux and Windows will incur a performance hit on Intel products. The effects are still being benchmarked, however we're looking at a ballpark figure of five to 30 per cent slow down, depending on the task and the processor model. More recent Intel chips have features – such as PCID – to reduce the performance hit. Your mileage may vary.

Similar operating systems, such as Apple's 64-bit macOS, will also need to be updated – the flaw is in the Intel x86-64 hardware, and it appears a microcode update can't address it. It has to be fixed in software at the OS level, or go buy a new processor without the design blunder.

https://www.techpowerup.com/240187/amd-s...el-patches
Quote:Close inspection of kernel patches reveal code that forces machines running all x86 processors, Intel or AMD, to be patched, regardless of the fact that AMD processors are immune. Older commits to the Linux kernel git, which should feature the line "if (c->x86_vendor != X86_VENDOR_AMD)" (condition that the processor should be flagged "X86_BUG_CPU_INSECURE" only if it's not an AMD processor), have been replaced with the line "/* Assume for now that ALL x86 CPUs are insecure */" with no further accepted commits in the past 10 days. This shows that AMD's requests are being turned down by Kernel developers. Their intentions are questionable in the wake of proof that AMD processors are immune, given that patched software inflicts performance penalties on both Intel and AMD processors creating a crony "level playing field," even if the latter doesn't warrant a patch. Ideally, AMD should push to be excluded from this patch, and offer to demonstrate the invulnerability of its processors to Intel's mess.

https://www.phoronix.com/scan.php?page=n...ming-Tests
Quote:Linux gaming performance in initial testing doesn't appear to be affected. Then again, we personally didn't expect it to be much considering it's more isolated than some of the other syscall / context switching heavy workloads benchmarked. But for those concerned whether running the patched Linux kernel could lead to a drop in frame-rates, it doesn't appear to be when firing up some of the common Linux games on Steam.
Valve hater, Nintendo hater, Microsoft defender, AMD hater, Google Fiber hater, 4K lover.
Reply
#2
http://www.tomshardware.com/news/intel-b...36208.html
Quote:The vulnerability appears to be most dangerous to data center workloads and virtualization. However, it is irrational to assume that the overwhelming majority of data centers will see a 30% reduction in performance. Losing even 15% of the computational horsepower from a data center would be a major blow, and that compute would have to be replaced almost immediately. The patch has been in development for several months, so if Intel and the major data center operators were expecting massive performance reductions, there would have been an incredible spike in data center equipment purchases.

Also, we would have likely already seen signs of a pending financial disaster for Intel if there was a serious threat to a wide swath of the data center. Intel's customers would likely be able to pursue litigation for widespread losses that are directly the fault of Intel. It's also reasonable to assume that the company would be required to replace faulty processors. For instance, Intel disclosed during its Q4 2016 earnings call that it had encountered a higher-than-expected failure rate for some of its processors, so it established a financial reserve to deal with the costs of replacements. We reported on Intel's statements, and later the fund was connected to failures in Intel's Atom C2000 processors. In no recent financial commentary has Intel disclosed the establishment of any new funds, so it appears the company doesn't foresee significant hardware replacements any time soon.

Intel CEO Brian Krzanich also recently sold $11 million in stock, which some have proclaimed is a sign that he's unloading his shares before a pending disaster. However, Krzanich sold the stock under a 10b-51 plan, which is a pre-planned sale of stocks intended to prevent insider trading. The nature of Krzanich's transactions makes it unlikely that the trades are a precursor of a major monetary loss for the company.

Currently, there are no major shifts in Intel's stock that would indicate a mass sell-off by investors. There are conflicting reports about the impact to AMD processors, and AMD's shares are currently up 5%. However, such an increase is a fairly common occurrence for the sometimes-volatile AMD stock, so the bump may be incidental; in any case, it's not out of the ordinary.

For now, we await more detail on the nature of the bug and its impact. We expect an update to emerge in a future Patch Tuesday update, but Microsoft has not listed an official release date.

The bug is locked behind a wall of NDAs at this point, which is frustrating. However, the silence is necessary to prevent a wave of exploits. We expect, and have seen already, the normal level of hyperventilation that comes with such news, but it's best to wait for more information. We have followed up with Intel for more information and will update as necessary.
Valve hater, Nintendo hater, Microsoft defender, AMD hater, Google Fiber hater, 4K lover.
Reply
#3
Intel responds: http://www.tomshardware.com/news/intel-c...36213.html
Valve hater, Nintendo hater, Microsoft defender, AMD hater, Google Fiber hater, 4K lover.
Reply
#4
It's not just Intel CPUs, Nvidia has announced that its GPUs are affected, expect a new driver to fix the vulnerabilities next week: http://nvidia.custhelp.com/app/answers/detail/a_id/4611
Valve hater, Nintendo hater, Microsoft defender, AMD hater, Google Fiber hater, 4K lover.
Reply
#5
https://www.techpowerup.com/240414/nvidi...n-21-games
Quote:Cryptominers can rest assured that the new GeForce 390.65 driver won't affect their profits negatively. Our testing shows zero impact in Ethereum mining. With regard to gaming, there is no significant difference in performance either. The new driver actually gains a little bit of performance on average over the previous version (+0.32%). The results hint at some undocumented small performance gains in Wolfenstein 2 and F1 2017; the other games are nearly unchanged. Even if we exclude those two titles, the performance difference is still +0.1%. The variations that you see in the chart above are due to random effects and due to limited precision on taking measurements in Windows. Generally, for the kind of testing done in our VGA reviews we typically expect 1-2% random variation between benchmark runs, even when using the same game, at identical settings, using the same hardware.
Valve hater, Nintendo hater, Microsoft defender, AMD hater, Google Fiber hater, 4K lover.
Reply
#6
http://www.tomshardware.com/news/microso...36293.html
Quote:Microsoft has begun updating its Windows operating systems against the Meltdown and Spectre vulnerabilities, but not all users will be too happy about it. According to the company, machines running Windows 7 and 8, as well as computers based on Haswell chips or older, will see “significant slowdowns” from the update. Intel’s own findings largely confirm Microsoft’s results.
Valve hater, Nintendo hater, Microsoft defender, AMD hater, Google Fiber hater, 4K lover.
Reply
#7
http://www.tomshardware.com/news/intel-r...36317.html
Quote:Intel has released numbers from its own benchmarks on the impact of Meltdown/Spectre patches on Windows, and the results show an up to 21% decrease in benchmark performance for 6th-gen Intel CPUs (Sky Lake).

The Meltdown/Spectre vulnerabilities have been much more than just a blemish on Intel’s reputation. Right from the get-go, it was known that the fixes for it had the potential for a significant performance impact. The immediate follow up from major involved parties seemed to be mild, however. Many independent tests, including our own, also didn’t find any major concerns. Intel’s official stance continued to be that home users would face little impact, while the effect on enterprise would be “highly workload-dependent.”

Many were skeptical, naturally, and believed that Intel and its affected enterprise customers were downplaying the issue. As the issue entered its second week and patches had been rolled out to more customers, however, a different picture was appearing. Epic Games said the patches were responsible for a huge performance hit on its cloud service provider, which caused instability in servers for Fortnite. Microsoft, which was among those downplaying the issue before, said that they had recorded significant performance impacts on Windows 7.
Valve hater, Nintendo hater, Microsoft defender, AMD hater, Google Fiber hater, 4K lover.
Reply
#8
https://www.extremetech.com/computing/26...nerability
Quote:When MS and AMD referred to these bugs as affecting old chips, they weren’t kidding. Assuming AMD properly gave its own full brand names in each case, as they did with the Turion X2 Ultra, AMD’s Athlon is over a decade old, as is the original Opteron brand. These references could conceivably refer to newer cores, but even the Turion X2 Ultra turns 10 this year. Owners of Ryzen or even Piledriver-derived hardware don’t seem to have much to worry about.

As for Variant 2 (Branch Target Injection, the variant MS believes has the greatest chance of harming performance), AMD continues to believe the company’s architecture makes it difficult to exploit. AMD is distributing microcode updates and MS has OS patches to coming to make this issue harder to leverage for system attacks. Once again, no performance impact information has been published.

AMD’s overall position in this statement is consistent with its previous guidance on January 3rd. The company stated then that vulnerability to Variant 2 had not yet been demonstrated on an AMD system. The company’s new language, which states that Variant 2 is “difficult” to exploit, represents a departure from its previous message. But with no context for how easy or difficult the exploit might be, we can’t gauge the size of the shift or the new relative risk.
Valve hater, Nintendo hater, Microsoft defender, AMD hater, Google Fiber hater, 4K lover.
Reply
#9
https://www.neowin.net/news/google039s-m...ud-systems
Quote:Google has announced that its cloud systems have been patched against Meltdown and one variant of Spectre since September, and for a second variant of Spectre since December, and that its cloud systems have not been slowed down. The outcome of Google’s patches are in stark contrast to Amazon’s experience patching AWS, with Amazon acknowledging a slowdown of its offerings.
Valve hater, Nintendo hater, Microsoft defender, AMD hater, Google Fiber hater, 4K lover.
Reply
#10
Added the name of the bug to the thread Title

Speculative Execution
Reply
#11
I don't think the performance hit is as big of a deal as many people are trying to make it out to be.

CPU's have been literaly twindling their thumbs with excess power for close to 10 years now.

Edit - OK, just read the Extremetech article that says exactly what I thought too.
Reply
#12
I am waiting until we have more information. Otherwise I would be speculating. Angel
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)