Massive security hole in CPU's incoming?Official Meltdown/Spectre Discussion Thread

[Rifter]

There is no easy yes/no answer , patches are still being worked on , but the overall indication so far , gaming performance will not take a hit that is noticeable to the user.

gaming appears to be only a few percent slower.

What worries me is some of the stuff that has been posted about the nvme ssd performance tanking around 8%, this would, in theory, have an impact on any program accessing the SSD to a 8% effect on performance would it not? This sounds like something that would indeed effect all users no matter how intel is trying to spin it.

Hopefully in a few weeks this is worked out and someone does a very thorough and comprehensive testing on it.

 

[Phynaz]

I think most people get what you mean, it's just that the larger context here is that the fix fixes something specific (the exploit) that isn't a problem on AMD's recent CPUs. So it's not that the same or similar "hole" in the design couldn't be exploited in a different way in the future, it's that if that happens the current fix might not prevent that and if that's the case AMD CPUs have been punished simply because Intel CPUs had to be addressed.

I think that's the context.

The larger context isn't that this attack or that attack can affect a particular CPU. That's missing the forest for the trees. The larger context that all the fanboys (on both sides) are missing is that this opens a new attack vector that fundamentally affects how every CPU and GPU is designed. In order to mitigate these issues is going to require processor core and OS redesigns across the board.

This isn't an Intel vs. AMD thing as some are trying to make it out to be. This affects the fundamental aspects of speculative execution.

 

[dark zero]

Seeing the situation... This is becoming to be another Pentium 4 for Intel?

 

[Phynaz]

Redhat has stated the measured performance impact of the Linux patches varies from less than 2% up to 10% based upon workload.

 

[William Gaatjes]

gaming appears to be only a few percent slower.

What worries me is some of the stuff that has been posted about the nvme ssd performance tanking around 8%, this would, in theory, have an impact on any program accessing the SSD to a 8% effect on performance would it not? This sounds like something that would indeed effect all users no matter how intel is trying to spin it.

Hopefully in a few weeks this is worked out and someone does a very thorough and comprehensive testing on it.

I wonder how it would affect the strong point of xpoint drives, namely the IOPS.
This would also affect the strong point of 3d xpoint ssd that is promoted in commercials.
I hope for Intel that their next generation of cpu's does not have this flaw and the patch is not needed for these next generation of cpu's.

 

[crazylocha]

Rifter,
Agree from preliminary results that heavy SSD/nvme/m.2 access seems to be taking a hit.

Makes me wonder if the majority of YouTube tech reviewers that opted for the 7980X are going to put their two cents in, as most of that particular choice was made for their content creation machines. Adobe Premiere being the main program used for editing videos etc, if hit hard enough, how many will rethink the choice of 7980 vs threadripper and publish videos accordingly.

With the internet media that is primary source for reviews for the younger generations, how much is that going to sway purchasing in the next 10ish years for them the same way Intel branding is now for us in the over 30 crowd.

The bars around CES ought to be really interesting this year

 

[jpiniero]

This isn't an Intel vs. AMD thing as some are trying to make it out to be. This affects the fundamental aspects of speculative execution.

Right, but (for now anyway) PTI isn't needed on AMD due to preventing the data leak.

 

[StinkyPinky]

From what I have seen so far, it seems 4K read times are impacted quite a lot (~10%) just with the latest windows patch. That's not even to say any bios/firmware updates may be needed.

On the flip side, many other aspects of IO performance seems to have no impact.

 

[Malogeek]

Redhat has stated the measured performance impact of the Linux patches varies from less than 2% up to 10% based upon workload.

I'm sure large datacenter clients won't really be happy about their bills being 10% higher lol. For big companies that can mean 6 figure increases monthly.

 

[Phynaz]

Right, but (for now anyway) PTI isn't needed on AMD due to preventing the data leak.

Zoooommmm



Stop your trolling.


esquared
Anandtech Forum Director

 

[Rifter]

I'm sure large datacenter clients won't really be happy about their bills being 10% higher lol. For big companies that can mean 6 figure increases monthly.

Not to mention the hardware upgrade costs, these datacenters spent millions to upgrade their CPU's just to have this patch likely nerf their performance down below the levels of the systems they upgraded from, depending on workloads.

This is certainly alot worse than intel is letting on, at least for datacenters.

 

[crazylocha]

In the category of "sure could have been better timing" department:

http://m.dell.com/h5/m/us/InventorySearch?c=us&cs=28&l=en&s=dfb&brandid=2804&sign=PXhcOSHtr1T4IOw/PR7UdW+yDO2RsRlVS0snTV+FGbIgbd9ay0wp3NJh5Z9Tgc1c8E+YDTSvlkseAF57WRlj93amQsbEHMgeiJQpNxZjAmkFEmOQ3bCG1m1cS+jdu1NouHIP8INzu/R8+U4nHpg6p/1UhUqOp3sHr7odl9yoX5hPDrNP9f9KZ7HHkm2e9Gwh0Eqi+tydbzTTMhUJ+u73e3UrcS+3m6iIAGW0vLn4A8oZXRfD1nWiRh1V4K5BIx+89+obQIemOjLtRf78D7pb9CTl1/xdVosGhok+K8Lmnv6jK+ZP02Rb/w==

Yes you can get a nicely discounted slightly used Poweredge Xeon server. Only driven to Netflix on Sundays

 

[William Gaatjes]

Well, thanks to elixer who had a nice post:
https://forums.anandtech.com/thread...-processor-design-flaw.2532621/#post-39244658

https://support.microsoft.com/en-gb...-to-protect-against-the-speculative-execution
https://support.microsoft.com/en-gb...or-it-pros-to-protect-against-speculative-exe

It seems the lates windows 10 update (KB4056892) does not enable support when the processor is not vulnerable to it( That is, if i interpret it correctly):

https://googleprojectzero.blogspot.nl/2018/01/reading-privileged-memory-with-side.html

• Variant 1: bounds check bypass (CVE-2017-5753)
• Variant 2: branch target injection (CVE-2017-5715)
• Variant 3: rogue data cache load (CVE-2017-5754)

• Spectre (variants 1 and 2)
• Meltdown (variant 3)

https://www.amd.com/en/corporate/speculative-execution

Variant One : Bounds Check Bypass : Resolved by software / OS updates to be made available by system vendors and manufacturers. Negligible performance impact expected.
Variant Two : Branch Target Injection : Differences in AMD architecture mean there is a near zero risk of exploitation of this variant. Vulnerability to Variant 2 has not been demonstrated on AMD processors to date.
Variant Three : Rogue Data Cache Load : Zero AMD vulnerability due to AMD architecture differences.

This is the output from powershell when testing :
Since i have an AMD cpu, the security fix seems to not be enabled since it is unnecessary.

Speculation control settings for CVE-2017-5715 [branch target injection]
Hardware support for branch target injection mitigation is present: False
Windows OS support for branch target injection mitigation is present: True
Windows OS support for branch target injection mitigation is enabled: False
Windows OS support for branch target injection mitigation is disabled by system policy: False
Windows OS support for branch target injection mitigation is disabled by absence of hardware support: True

Speculation control settings for CVE-2017-5754 [rogue data cache load]
Hardware requires kernel VA shadowing: False

.


edit:
Forgot to note that when you do the powershell thing, do not forget to do a
Set-executionpolicy Restricted afterwards.
Or Set-executionpolicy default will do.
I think that is better for safety.
Check with Get-executionpolicy that it is set to restriced which is default.

https://docs.microsoft.com/en-us/po...urity/set-executionpolicy?view=powershell-5.1

 

[SPBHM]

C2D on 32bit win10
Speculation control settings for CVE-2017-5715 [branch target injection]

Hardware support for branch target injection mitigation is present: False
Windows OS support for branch target injection mitigation is present: True
Windows OS support for branch target injection mitigation is enabled: False
Windows OS support for branch target injection mitigation is disabled by system policy: False
Windows OS support for branch target injection mitigation is disabled by absence of hardware support: True

Speculation control settings for CVE-2017-5754 [rogue data cache load]

Hardware requires kernel VA shadowing: True
Windows OS support for kernel VA shadow is present: False
Windows OS support for kernel VA shadow is enabled: False

 

[Despoiler]

Here is the link to the status list of anti-virus that have been updated to support the windows patch.

https://docs.google.com/spreadsheet...tckQxYiuirADzf3cL42FQ/htmlview?sle=true#gid=0

 

[Markfw]

I haven't read Intel's statements, as I never believe any company's PR. I read the researchers papers that state AMD processors speculatively execute instructions after an exception just like Intel's. As do ARM's processors and IBM's. As the authors said, just because they didn't exploit this on an AMD CPU doesn't mean it's not exploitable. The researchers also said they couldn't get their code to cause the condition on ARM, but ARM has stated that some of their architectures are vulnerable.



I might believe AMD if they disclose what the "near zero" statement means. I'm speculating it has something to do with their earlier statements about page faults. They claim this doesn't occur in AMD CPUs when a page fault occurs. What about if a page fault doesn't occur?

I believe everybody here who says AMD is safe, are talking about the meltdown variant, the bad one that everyone is most worried about, and the one that has a fix with a big performance penalty. Please specify which variant you are commenting about, otherwise it could be construed as trolling.

 

[sze5003]

Hmm I wonder what third party apps I'll have issues with now after the update. Waiting until work is done so I can reboot. One guy had to uninstall some Asus suite tools which I would probably not have on there anyway.

 

[Malogeek]

This is the output from powershell when testing :
Since i have an AMD cpu, the security fix seems to not be enabled since it is unnecessary.

I've confirmed this on my systems as well for Meltdown.

Ryzen 1700:
Speculation control settings for CVE-2017-5754 [rogue data cache load]

Hardware requires kernel VA shadowing: False

Both Intel's installed:
Speculation control settings for CVE-2017-5754 [rogue data cache load]

Hardware requires kernel VA shadowing: True
Windows OS support for kernel VA shadow is present: True
Windows OS support for kernel VA shadow is enabled: True
Windows OS support for PCID optimization is enabled: False

 

[Phynaz]

It seems the lates windows 10 update (KB4056892) does not enable support when the processor is not vulnerable to it( That is, if i interpret it correctly):

I didn't get that from the linked KB article. The article was specifically about manually enabling the mitigation on Windows Server 2016.

Edit: Malogeek beat me, looks like it.

 

[William Gaatjes]

I didn't get that from the linked KB article. The article was specifically about manually enabling the mitigation on Windows Server 2016.

Edit: Malogeek beat me, looks like it.

I added the extra link for the windows 10 client below the server text.

 

[Phynaz]

Here is the link to the status list of anti-virus that have been updated to support the windows patch.

https://docs.google.com/spreadsheet...tckQxYiuirADzf3cL42FQ/htmlview?sle=true#gid=0

Great, we use both Carbon Black and Trend, which are still in testing. Although I'm betting we aren't going to be in a huge hurry to rush these patches out.

 

[Phynaz]

I added the extra link for the windows 10 client below the server text.

Nice, thanks!

 

[RichUK]

So what are the headline performance impacts?

 

[traderjay]

Intel's PR must be working overtime that they can't even spell a country's name correctly:

[/IMG]

 

[Karnak]

More details from google. Basically

Variant 1: Applications need to be patched
Variant 2: Microcode update from the CPU Vendor or software mitigation (like Googles "Retpoline")
Variant 3: Patching the OS

https://security.googleblog.com/2018/01/more-details-about-mitigations-for-cpu_4.html