Massive security hole in CPU's incoming? Official Meltdown/Spectre Discussion Thread

Page 9

Hitman928

Diamond Member
Apr 15, 2012
Intel is sidestepping from this issue towards a more general side channel attack that some AMD and ARM CPUs are also susceptible to.
At least, that is the impression I get.

So Intel's response was to focus on one type of attack but not the more serious one affecting them so they're technically not lying?


Rifter

Lifer
Oct 9, 1999
So Intel's response was to focus on one type of attack but not the more serious one affecting them so they're technically not lying?

What did you expect? Intel has already proven to be very dishonest in the past. They will do whatever they can to minimize this loss.
 

Markfw

Moderator Emeritus, Elite Member
May 16, 2002
So reading the Google Project 0 post on this, it looks like older AMD CPUs are affected by Spectre, but not Meltdown. I have not seen anything regarding tests against the AMD Zen architecture, so if we go by AMD's word, they are not affected.

https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html
I really like that article, but wish they could expand on the CPU list! Especially the later model AMD and Intel processors. The E5-1650v3 (I think that was it) is pretty old, and all the AMDs might still be sold, but none of the Zen ones or newer gen Intels were tested.
 

Hitman928

Diamond Member
Apr 15, 2012
So reading the Google Project 0 post on this, it looks like older AMD CPUs are affected by Spectre, but not Meltdown. I have not seen anything regarding tests against the AMD Zen architecture, so if we go by AMD's word, they are not affected.

https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html

From Spectre's whitepaper:

We have also verified the attack’s applicability to AMD Ryzen CPUs. Finally, we have also successfully mounted Spectre attacks on several Samsung and Qualcomm processors (which use an ARM architecture) found in popular mobile phones.

But once again, from what I have seen, this can be fixed in software without a performance penalty.
 

Jan Olšan

Senior member
Jan 12, 2017

There are two issues - Meltdown and Spectre. If I understand it correctly, then:

1. Meltdown is the issue that kPTI (and the corresponding techniques in Windows and Apple OS) patches. Meltdown seems to be isolated to Intel due to a hardware design issue. So only Intel needs the performance-lowering fix.
2. Spectre is more complex, harder to exploit, and supposedly universal to AMD, Intel, ARM (etc). kPTI does not fix it*, so it (and its performance hit) is not required on ARM and AMD to fix this issue.
* This vulnerability allows a process to read other processes' memory; the kernel/user address space split does not prevent it.

So if we are talking about the performance issue, that one is Intel's mess only. Also, only the Intel bug allows reading of kernel memory, which is more grave as a vulnerability.
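
An added example, not part of the post above: on Linux kernels 4.15 and later, the kernel reports per-issue status under /sys/devices/system/cpu/vulnerabilities, which shows whether a given machine is running the PTI fix for Meltdown or is reported as not affected. The sample status strings and the helper names are constructed for illustration.

```python
import os
import tempfile

# sysfs directory exposed by Linux 4.15+ (assumption: a kernel with this interface)
VULN_DIR = "/sys/devices/system/cpu/vulnerabilities"

def classify(status):
    """Map one sysfs status line to a coarse state."""
    s = status.strip()
    if s == "Not affected":
        return "not_affected"
    if s.startswith("Mitigation:"):
        return "mitigated"
    if s.startswith("Vulnerable"):
        return "vulnerable"
    return "unknown"

def read_status(vuln_dir=VULN_DIR, names=("meltdown", "spectre_v1", "spectre_v2")):
    """Return {issue: (state, raw_text)}; a missing file is reported as unknown."""
    report = {}
    for name in names:
        try:
            with open(os.path.join(vuln_dir, name)) as fh:
                text = fh.read().strip()
        except OSError:
            report[name] = ("unknown", "status file missing")
            continue
        report[name] = (classify(text), text)
    return report

def needs_attention(report):
    """Issues that are neither mitigated nor reported as not affected."""
    return sorted(n for n, (state, _) in report.items()
                  if state in ("vulnerable", "unknown"))

def make_sample_dir(entries):
    """Write constructed status files to a temp dir so the check runs offline."""
    d = tempfile.mkdtemp()
    for name, text in entries.items():
        with open(os.path.join(d, name), "w") as fh:
            fh.write(text + "\n")
    return d

# Constructed samples: a host running PTI, and a host reporting Meltdown as not applicable
SAMPLE_PTI_HOST = {"meltdown": "Mitigation: PTI",
                   "spectre_v1": "Mitigation: __user pointer sanitization",
                   "spectre_v2": "Vulnerable"}
SAMPLE_NO_PTI_HOST = {"meltdown": "Not affected",
                      "spectre_v1": "Mitigation: __user pointer sanitization",
                      "spectre_v2": "Mitigation: Full AMD retpoline"}

if __name__ == "__main__":
    target = VULN_DIR if os.path.isdir(VULN_DIR) else make_sample_dir(SAMPLE_PTI_HOST)
    for issue, (state, raw) in read_status(target).items():
        print(f"{issue:12} {state:13} {raw}")
```
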
 

Dayman1225

Golden Member
Aug 14, 2017
Found this in the Meltdown PDF
"However, for both ARM and AMD, the toy example as described in Section 3 works reliably, indicating that out-of-order execution generally occurs and instructions past illegal memory accesses are also performed."
page 13, bottom right, 6.4
 

Markfw

Moderator Emeritus, Elite Member
May 16, 2002
Found this in the Meltdown PDF

page 13, bottom right, 6.4
Please read the entire paragraph. I read it that AMD and ARM are NOT susceptible to meltdown:

6.4 Limitations on ARM and AMD
We also tried to reproduce the Meltdown bug on several ARM and AMD CPUs. However, we did not manage to successfully leak kernel memory with the attack described in Section 5, neither on ARM nor on AMD. The reasons for this can be manifold. First of all, our implementation might simply be too slow and a more optimized version might succeed. For instance, a more shallow out-of-order execution pipeline could tip the race condition towards against the data leakage. Similarly, if the processor lacks certain features, e.g., no re-order buffer, our current implementation might not be able to leak data. However, for both ARM and AMD, the toy example as described in Section 3 works reliably, indicating that out-of-order execution generally occurs and instructions past illegal memory accesses are also performed.
 

Dayman1225

Golden Member
Aug 14, 2017
Please read the entire paragraph. I read it that AMD and ARM are NOT susceptible to meltdown:

6.4 Limitations on ARM and AMD
We also tried to reproduce the Meltdown bug on several ARM and AMD CPUs. However, we did not manage to successfully leak kernel memory with the attack described in Section 5, neither on ARM nor on AMD. The reasons for this can be manifold. First of all, our implementation might simply be too slow and a more optimized version might succeed. For instance, a more shallow out-of-order execution pipeline could tip the race condition towards against the data leakage. Similarly, if the processor lacks certain features, e.g., no re-order buffer, our current implementation might not be able to leak data. However, for both ARM and AMD, the toy example as described in Section 3 works reliably, indicating that out-of-order execution generally occurs and instructions past illegal memory accesses are also performed.

I'm not well versed in all this, but to me it seems that they are saying "we haven't found a way to do it but it may be possible".
 

Markfw

Moderator Emeritus, Elite Member
May 16, 2002
Meltdown seems to be the bad issue and causes the need for a kernel update for Intel CPUs, not AMD.
Also I read that the Spectre bug (that AMD may have, but Intel does also) does not cause a performance penalty in the fix.
 
May 11, 2008
Found this in the Meltdown PDF

page 13, bottom right, 6.4

Very interesting.
It almost reads as if the most secure processor not vulnerable to these kinds of exploits is an in-order processor which performs all instructions sequentially and does not do speculative execution at conditional branches, like for example Itanium did (predication). Multi core can be done but no SMT or OOE.
 

Hitman928

Diamond Member
Apr 15, 2012
Also I read that the Spectre bug (that AMD may have, but Intel does also) does not cause a performance penalty in the fix.

It seems like it is actually extremely easy for AMD machines not to be affected by the Spectre bug as it was only shown to work in a non-default OS configuration (a Debian based system was tested).

I believe I was also mistaken slightly in that 2 of the 3 exploits are Spectre based, but only 1 of the exploits was successful on AMD CPUs. The other Spectre exploit and the Meltdown exploit (which carries the big performance hit to fix) were possible on Intel CPUs only.
 

stockolicious

Member
Jun 5, 2017
"Probably not. As long as it wasn't a known issue until recently."

It does look pretty bad then, as their CEO sold all the shares he could just last month - and there have been rumors of increased EPYC demand for months, all the way back to a SemiAccurate article probably 5 months ago. Intel is either "in trouble" or "in big trouble".
 

Shivansps

Diamond Member
Sep 11, 2013
So the most secure processor is an Atom 330? (No "Security processor", no Out-of-order or Speculative) Crazy times.
 

majord

Senior member
Jul 26, 2015
Going to put the conspiracy hat on for a moment - but, behind the scenes, could this have any relation to CNL's 'DOA-ness' and/or the Icelake delay? Thinking along the lines of discovering this after tapeout (hence the vulnerability being carried onto these evolutionary uarchs) and having a B3 Phenom style repair job on their hands - after all, it seems this has been known about for a while (again, 'behind the scenes').
 

Dayman1225

Golden Member
Aug 14, 2017
Going to put the conspiracy hat on for a moment - but, behind the scenes, could this have any relation to CNL's 'DOA-ness' and/or the Icelake delay? Thinking along the lines of discovering this after tapeout (hence the vulnerability being carried onto these evolutionary uarchs) and having a B3 Phenom style repair job on their hands - after all, it seems this has been known about for a while (again, 'behind the scenes').

Google reportedly told AMD/Intel/ARM/etc in June 2017, so I doubt that is the issue with that. Intel stated in the investor call that Intel products released in 2018 calendar will not have these issues.
 