• Guest, The rules for the P & N subforum have been updated to prohibit "ad hominem" or personal attacks against other posters. See the full details in the post "Politics and News Rules & Guidelines."

[ZDNet] Intel CPUs impacted by new PortSmash side-channel vulnerability

Hitman928

Diamond Member
Apr 15, 2012
3,622
4,031
136
https://www.zdnet.com/article/intel-cpus-impacted-by-new-portsmash-side-channel-vulnerability/

Vulnerability confirmed on Skylake and Kaby Lake CPU series. Researchers suspect AMD processors are also impacted.
Confirmed on Skylake and Kabylake. Intel just released a patch. In the article it mentions that possibly all CPUs with SMT could be vulnerable but it's only been confirmed on intel processors so far.

Does not require root access but must be able to run malicious code on same physical core. Seems to be mostly a problem for VM environments with multiple clients.
 
Last edited:

moinmoin

Platinum Member
Jun 1, 2017
2,688
3,503
136
Why do they just suspect that other manufacturers are affected but don't test them? It's stupid that Intel gets the time to patch vulnerabilities (good) while no other potentially affected parties are notified (very bad).
 

Abwx

Diamond Member
Apr 2, 2011
9,233
1,112
126
Why do they just suspect that other manufacturers are affected but don't test them? It's stupid that Intel gets the time to patch vulnerabilities (good) while no other potentially affected parties are notified (very bad).
In a one month timeframe it s likely that they did some tests since they know the methodology, i suspect that they got zero indication that AMD CPUs were impacted, if they were you could be sure that they would had aknowledged the thing...
 
  • Like
Reactions: Rifter

LTC8K6

Lifer
Mar 10, 2004
28,520
1,573
126
Researchers say PortSmash impacts all CPUs that use a Simultaneous Multithreading (SMT) architecture, a technology that allows multiple computing threads to be executed simultaneously on a CPU core.
No AMD testing yet:

AMD CPUs likely impacted
"We leave as future work exploring the capabilities of PortSmash on other architectures featuring SMT, especially on AMD Ryzen systems," the research team said in a version of their paper shared with ZDNet, but Brumley told us via email that he strongly suspects that AMD CPUs are also impacted.
 

moinmoin

Platinum Member
Jun 1, 2017
2,688
3,503
136
In a one month timeframe it s likely that they did some tests since they know the methodology, i suspect that they got zero indication that AMD CPUs were impacted, if they were you could be sure that they would had aknowledged the thing...
Two things: 1) It's not only AMD potentially affected, any tech with SMT including the latest ARMs and Power PC is, and 2) for "they got zero indication" the article sure is alarmist about AMD potentially being affected, with quotes like:
right in the subheader too said:
Researchers suspect AMD processors are also impacted
AMD CPUs likely impacted
"We leave as future work exploring the capabilities of PortSmash on other architectures featuring SMT, especially on AMD Ryzen systems," the research team said in a version of their paper shared with ZDNet, but Brumley told us via email that he strongly suspects that AMD CPUs are also impacted.
The researcher interviewed doesn't even seem to consider the possibility that a secure implementation of SMT exists.
my bolding said:
"This is the main reason we released the exploit -- to show how reproducible it is," Brumley told us, "and help to kill off the SMT trend in chips."

"Security and SMT are mutually exclusive concepts," he added. "I hope our work encourages users to disable SMT in the BIOS or choose to spend their money on architectures not featuring SMT."
All on the back of Intel's terribad security track record with HT since its introduction in Core Duo. The researchers still didn't check any non-Intel SMT implementations first before being quoted like the above.
 

VirtualLarry

No Lifer
Aug 25, 2001
51,728
6,771
126
Could Intel possibly have known about this issue / exploit, and that's why some of their top 9th-Gen Core CPUs lack SMT?

"SMT considered harmful. News at 11."
 

Abwx

Diamond Member
Apr 2, 2011
9,233
1,112
126
The researcher interviewed doesn't even seem to consider the possibility that a secure implementation of SMT exists.

All on the back of Intel's terribad security track record with HT since its introduction in Core Duo. The researchers still didn't check any non-Intel SMT implementations first before being quoted like the above.


You can be sure that he checked, indeed that s the first thing i would have done at his place, but since he found nothing he said that he didnt test an AMD/ARM system as a mean to say that they were "likely" impacted, that s pure damage control on the behalf of Intel..
 

LTC8K6

Lifer
Mar 10, 2004
28,520
1,573
126
You can be sure that he checked, indeed that s the first thing i would have done at his place, but since he found nothing he said that he didnt test an AMD/ARM system as a mean to say that they were "likely" impacted, that s pure damage control on the behalf of Intel..
Really? What a poor post.
 

LTC8K6

Lifer
Mar 10, 2004
28,520
1,573
126
Could Intel possibly have known about this issue / exploit, and that's why some of their top 9th-Gen Core CPUs lack SMT?

"SMT considered harmful. News at 11."
Why would they want their flagship vulnerable?
BTW, the 9900K still seems MIA and shows no sign of appearing before December...
 
May 11, 2008
18,309
831
126
Makes me think of this article and wonder if this portsmash flaw is the reason:
https://azure.microsoft.com/en-us/blog/introducing-the-new-hb-and-hc-azure-vm-sizes-for-hpc/
First, we are introducing HB-series VMs optimized for applications driven by memory bandwidth, such as fluid dynamics, explicit finite element analysis, and weather modeling. HB VMs feature 60 AMD EPYC 7551 processor cores, 4 GB of RAM per CPU core, and no hyperthreading. The AMD EPYC platform provides more than 260 GB/sec of memory bandwidth, which is 33 percent faster than x86 alternatives and 2.5x faster than what most HPC customers have in their datacenters today.

Next, we are introducing HC-series VMs optimized for applications driven by dense computation, such as implicit finite element analysis, reservoir simulation, and computational chemistry. HC VMs feature 44 Intel Xeon Platinum 8168 processor cores, 8 GB of RAM per CPU core, and no hyperthreading. The Intel Xeon Platinum platform supports Intel’s rich ecosystem of software tools such as the Intel Math Kernel Library, and features an all-cores clock speed greater than 3 GHz for most workloads.
 
  • Like
Reactions: beginner99

Rifter

Lifer
Oct 9, 1999
11,520
747
126
In a one month timeframe it s likely that they did some tests since they know the methodology, i suspect that they got zero indication that AMD CPUs were impacted, if they were you could be sure that they would had aknowledged the thing...
I agree, there is about a 0% chance they didnt test this on all easily available CPU's in a one month timespan.
 
May 11, 2008
18,309
831
126
It makes me wonder that these kind of attacks can be prevented in a very simple way that will cause some performance loss.
The scheduler of the os switches all the threads. If the threads get a security flag from the os because the thread belongs to a process that has certain priviliges.
Then the scheduler can group threads together that are only allowed to run on the same physical core which has two logical cores.
It is a solution but will slow things down.
It is better to just throw raw resources at it with lots of physical cores and drop the logical cores created by HT and SMT entirely.
The moar cores race AMD started in the x86 world might in the end be just what we need for more security.
In the future we might get 16 physical cores without hyperthreading as standard. More dark silicon because of this.
 

LTC8K6

Lifer
Mar 10, 2004
28,520
1,573
126
AMD was only informed recently, meaning it's likely that no one has tested it on AMD chips, or AMD would have known already.

There’s no need to panic yet, however. OpenSSL, the cryptography library used by over 60% of the internet, has already released a patch that prevents access via this direct method. A more generalized patch may be coming soon they say, but the security researchers say something needs to be done on the hardware and BIOS front. They notified Intel of the vulnerability on October 1st.
"At AMD, security is a top priority and we are continually working to ensure the safety of our users as new risks arise. We are investigating the PortSmash side-channel vulnerability report, which we just received, to understand any potential AMD product susceptibility."
“This issue is not reliant on speculative execution, and is therefore unrelated to Spectre, Meltdown or L1 Terminal Fault. We expect that it is not unique to Intel platforms. Research on side-channel analysis methods often focuses on manipulating and measuring the characteristics, such as timing, of shared hardware resources. Software or software libraries can be protected against such issues by employing side channel safe development practices. Protecting our customers’ data and ensuring the security of our products is a top priority for Intel and we will continue to work with customers, partners and researchers to understand and mitigate any vulnerabilities that are identified.”
https://www.techspot.com/news/77240-meet-latest-vulnerability-multi-threaded-cpu-portsmash.html
 

Panino Manino

Senior member
Jan 28, 2017
465
541
136
Pretty stupid to NOT test it on Ryzen at this point.
Why it's always like this?
They discover and test the flaws in Intel chips but not on AMD chips? They just wrap it up with "we suspect"?
This is ridiculous, or they test and see or they say nothing.
 

JoeRambo

Golden Member
Jun 13, 2013
1,217
1,121
136
The way this vulnerability works, pretty much any SMT implementation is vulnerable as long as threads share core execution resources and very precise timing is available to all processes.
 

Abwx

Diamond Member
Apr 2, 2011
9,233
1,112
126
Really? What a poor post.
Poor, really..?.

One month that Intel received the detailed info, they surely checked also for AMD systems but here all they had to say :

Update on November 2, 15:20 ET: An Intel spokesperson has provided the following statement in regards to the research team going public with details about the PortSmash flaw:

Intel received notice of the research. This issue is not reliant on speculative execution, and is therefore unrelated to Spectre, Meltdown or L1 Terminal Fault. We expect that it is not unique to Intel platforms. Research on side-channel analysis methods often focuses on manipulating and measuring the characteristics, such as timing, of shared hardware resources. Software or software libraries can be protected against such issues by employing side channel safe development practices. Protecting our customers' data and ensuring the security of our products is a top priority for Intel and we will continue to work with customers, partners and researchers to understand and mitigate any vulnerabilities that are identified.


LOL...
 

beginner99

Diamond Member
Jun 2, 2009
4,846
1,233
136
Again this issue is IMHO overblown. It's irrelevant for consumers as the attack needs to install malware. In that case you already lost. It's only a problem for cloud / VM providers. But even there an attacker can't attack a specific target only whatever is running on the same physical core. Chances of making profit from that are low. Anything critical will either not run in the cloud or a dedicated server with no other users.
 

VirtualLarry

No Lifer
Aug 25, 2001
51,728
6,771
126
How does this exploit affect CMT processors like the AMD FX series (BullDozer and derivatives?) If those CPUs need to have half of their cores disabled for security purposes, people are going to be pissed.

Then again, given BullDozer / PileDriver's not-so-great utility for cloud computing, this may be a non-issue. Also, perhaps, CMT architectures are not as affected?
 

dualsmp

Golden Member
Aug 16, 2003
1,617
30
91
The last SMT vulnerability TLBleed only affected Intel, so including the throwaway line "AMD processors likely impacted" seems politically driven. Either test AMD processors and prove they are vulnerable or shut up about such speculation.
 
Last edited:

LTC8K6

Lifer
Mar 10, 2004
28,520
1,573
126
Poor, really..?.

One month that Intel received the detailed info, they surely checked also for AMD systems but here all they had to say :

Update on November 2, 15:20 ET: An Intel spokesperson has provided the following statement in regards to the research team going public with details about the PortSmash flaw:

Intel received notice of the research. This issue is not reliant on speculative execution, and is therefore unrelated to Spectre, Meltdown or L1 Terminal Fault. We expect that it is not unique to Intel platforms. Research on side-channel analysis methods often focuses on manipulating and measuring the characteristics, such as timing, of shared hardware resources. Software or software libraries can be protected against such issues by employing side channel safe development practices. Protecting our customers' data and ensuring the security of our products is a top priority for Intel and we will continue to work with customers, partners and researchers to understand and mitigate any vulnerabilities that are identified.


LOL...
AMD made a statement, if you care to read it. Don't let me stop you.
 

ASK THE COMMUNITY

TRENDING THREADS