Re: [Test-Announce] Call for testing: updates to address today's CPU/kernel vulnerability

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thu, 4 Jan 2018 09:23:58 +0800
Ed Greshko <ed.greshko@xxxxxxxxxxx> wrote:

> I don't know about that.  Going to https://meltdownattack.com/ it
> reads....
> 
> Which systems are affected by Meltdown?
> Desktop, Laptop, and Cloud computers may be affected by Meltdown.
> More technically, every Intel processor which implements out-of-order
> execution is potentially affected, which is effectively every
> processor since 1995 (except Intel Itanium and Intel Atom before
> 2013). We successfully tested Meltdown on Intel processor generations
> released as early as 2011. Currently, we have only verified MeltdownC
> on Intel processors. At the moment, it is unclear whether ARM and AMD
> processors are also affected by Meltdown.
> 
> Notice the last sentence.
> 
> And how about
> https://www.windowscentral.com/all-modern-processors-impacted-new-meltdown-and-spectre-exploits  ;
> ?
> 
> Unless there is a significant performance hit isn't it better to just
> be safe and make it for all?

The hit is significant.  I've seen numbers from 17% to 30%.  And, I
saw a patch submitted by AMD for the kernel that bypassed the fix for
AMD CPUs, as well as the statement.  I'll take AMD's word over that
of the above site. I can't speak to ARM; I've seen nothing about the
effect on them, which leads me to believe that there isn't one.  But
the site above could be right about ARM.

The exploit appears to be related to speculative execution that Intel
CPUs do to improve throughput.  i.e. they run all likely paths, so
the one actually chosen is already completed or in process.  During that
execution, the security level can be escalated to that of the kernel
from that of the user process, allowing the exploit.  AMD doesn't do
that speculative execution, so they aren't vulnerable to the security
level escalation.

There is speculation online that Intel is pushing for other x86 CPUs to
be subject to the fix so they aren't the only one affected by the
performance degradation.  There's probably a reason the CEO of Intel
sold all that stock in December.  :-)

But the actual exploit is supposed to be formally announced soon, which
should end all the confusion.
_______________________________________________
test mailing list -- test@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to test-leave@xxxxxxxxxxxxxxxxxxxxxxx




[Index of Archives]     [Fedora Desktop]     [Fedora SELinux]     [Photo Sharing]     [Yosemite Forum]     [KDE Users]

  Powered by Linux