[ZDNet] Intel CPUs impacted by new PortSmash side-channel vulnerability

[DaveSimmons]

But the leaks must be acquired from a single core contention, and here it is useless to try anything on the FPU since even if it s SMT the initalisation and completion of each process is managed by the two separate cores.

I haven't investigated contention or data retention for any of the shared resources, and perhaps they are all safely shared. But perhaps not, some clever researcher might find a leak via timing changes, or a sequence of operations exposing a flaw in the data sharing. Or something entirely new.

Until there is a successful CMT design few if any researchers are going to put effort into poking holes in its security.

 

[IntelUser2000]

no, i mean if CMT design is safer, maybe they will design Zen with CMT, instead of SMT, or maybe fix several Bulldozer flaw.

Yea, but CMT sucks, that's why AMD moved away from it with Zen. It's probably why pre-Bulldozer did ok and why Zen got such an improvement.

CMT must be like those things where it sounds good in paper, and maybe even in simulation but not in reality. The degradation in performance happens because there are penalties in sharing an execution unit due to resource contention and that significantly increases latency. That's why sharing works for some things and not others.

Whatever you may theoretically save in power and transistors from using CMT is overcome by probably needing some sort of a rather complex router that intelligently distributes instructions between the two.