Thread overview
OT: Evidence of A Intel Virtual Memory Vulnerability
Jan 03, 2018
Jack Stouffer
Jan 04, 2018
Jack Stouffer
Jan 04, 2018
Uknown
Jan 04, 2018
Brad Roberts
Jan 05, 2018
Jack Stouffer
Jan 06, 2018
Joakim
January 03, 2018
The gist of the story is that an Intel vulnerability is requiring OS vendors to institute Page Table Isolation in their kernels. This fix has an _across the board_ 5-7% slowdown on Intel chips.

Worse yet, programs which do lots of syscalls will see around a 30% slowdown or more, including compilation.

AMD is not affected.

Details and discussion:
Reddit: https://www.reddit.com/r/sysadmin/comments/7nl8r0/intel_bug_incoming/
HN: https://news.ycombinator.com/item?id=16046636
January 04, 2018
On Wednesday, 3 January 2018 at 15:51:35 UTC, Jack Stouffer wrote:
> The gist of the story is that an Intel vulnerability is requiring OS vendors to institute Page Table Isolation in their kernels. This fix has an _across the board_ 5-7% slowdown on Intel chips.
>
> Worse yet, programs which do lots of syscalls will see around a 30% slowdown or more, including compilation.
>
> AMD is not affected.
>
> Details and discussion:
> Reddit: https://www.reddit.com/r/sysadmin/comments/7nl8r0/intel_bug_incoming/
> HN: https://news.ycombinator.com/item?id=16046636

Attack details published by Google Project Zero with official names https://meltdownattack.com
January 04, 2018
On Thursday, 4 January 2018 at 00:55:45 UTC, Jack Stouffer wrote:
> On Wednesday, 3 January 2018 at 15:51:35 UTC, Jack Stouffer wrote:
>> The gist of the story is that an Intel vulnerability is requiring OS vendors to institute Page Table Isolation in their kernels. This fix has an _across the board_ 5-7% slowdown on Intel chips.
>>
>> Worse yet, programs which do lots of syscalls will see around a 30% slowdown or more, including compilation.
>>
>> AMD is not affected.
>>
>> Details and discussion:
>> Reddit: https://www.reddit.com/r/sysadmin/comments/7nl8r0/intel_bug_incoming/
>> HN: https://news.ycombinator.com/item?id=16046636
>
> Attack details published by Google Project Zero with official names https://meltdownattack.com

https://www.phoronix.com/scan.php?page=news_item&px=x86-PTI-EPYC-Linux-4.15-Test

The Linux kernel is not trusting even AMD chips. Supposedly even ARM is affected.
January 03, 2018
On 1/3/2018 7:51 AM, Jack Stouffer via Digitalmars-d wrote:
> The gist of the story is that an Intel vulnerability is requiring OS vendors to institute Page Table Isolation in their kernels. This fix has an _across the board_ 5-7% slowdown on Intel chips.
> 
> Worse yet, programs which do lots of syscalls will see around a 30% slowdown or more, including compilation.
> 
> AMD is not affected.
> 
> Details and discussion:
> Reddit: https://www.reddit.com/r/sysadmin/comments/7nl8r0/intel_bug_incoming/
> HN: https://news.ycombinator.com/item?id=16046636

Calling it a vendor or architecture specific issue is a bit misleading, based on the reading I did today. There's a couple different vulnerabilities here and they tie back to speculative (i.e. out of order) execution, timing of branch prediction, and timing of various conditions. These techniques are _widely_ used among high speed processors and any that use them are likely to be vulnerable when an adversary can control and time execution of code and data in caches. The same basic techniques have shown up in a number of recent exploits, for example some of those in SSL and TLS over the last few years.

It's very interesting research and I fully expect more of this sort of issue as more and more research is done.
January 05, 2018
On Thursday, 4 January 2018 at 02:06:04 UTC, Brad Roberts wrote:
> Calling it a vendor or architecture specific issue is a bit misleading, based on the reading I did today.

In my defense, when I posted this, all people had to go off of were the Linux git patches. I assume the announcement was released when it was because the Reddit post linked made it to the front page, which forced their hand.
January 06, 2018
On Friday, 5 January 2018 at 21:04:16 UTC, Jack Stouffer wrote:
> On Thursday, 4 January 2018 at 02:06:04 UTC, Brad Roberts wrote:
>> Calling it a vendor or architecture specific issue is a bit misleading, based on the reading I did today.
>
> In my defense, when I posted this, all people had to go off of were the Linux git patches. I assume the announcement was released when it was because the Reddit post linked made it to the front page, which forced their hand.

Yes, the Linux patches caused a lot of speculation, so they pushed up the release from next week:

https://www.anandtech.com/show/12214/understanding-meltdown-and-spectre