troublemaker_23 shares an article from ITWire: Linux creator Linus Torvalds has had some harsh words for Intel in the course of a discussion about patches for two bugs that were found to affect most of the company's processors... Torvalds was clearly unimpressed by Intel's bid to play down the crisis through its media statements, saying: "I think somebody inside of Intel needs to really take a long hard look at their CPUs, and actually admit that they have issues instead of writing PR blurbs that say that everything works as designed... Or is Intel basically saying 'we are committed to selling you shit forever and ever, and never fixing anything'?" he asked. "Because if that's the case, maybe we should start looking towards the ARM64 people more."
Elsewhere Linus told ZDNet that "there's no one number" for the performance drop users will experience after patches. "It will depend on your hardware and on your load. I think 5 percent for a load with a noticeable kernel component (e.g. a database) is roughly in the right ballpark. But if you do micro-benchmarks that really try to stress it, you might see double-digit performance degradation. A number of loads will spend almost all their time in user space, and not see much of an impact at all."
Red Hat screws up their implementaition of the fix
Won't boot with a Xen hypervisor (eg. Amazon AWS) [centos.org]
CentOS's kernel-plus 7.4 boots fine under Xen 4.9 running with Fedora 27, all with the latest patches.
RHAT doesn't give a damn about Xen. Maybe they didn't break it intentionally on 7.4 but they didn't test it either. 'Cause nobody like Amazon uses Xen, right?
But buy their KVM product, it's much less prone to [their] breakage. Hah. Debian isn't hostile to Xen, nor is Arch.
I think that the bad kernel package has been withdrawn.
Redhat's support is very selective these days. There is a clear imperative to more quickly support products that they can wrap a support contract around like RHEL. I understand that since they've got Wall Street to please, salaries to pay, etc., but it would not be a lot of extra effort to also support the free products in their ecosystem at a similar cadence. As a result, I have been weaning applications off Redhat products. The availability of support is great, but the vast majority of my applications
does it have speculative execution? if so, is it also vulnerable in similar way? Intel doesn't have monopoly, they have competitors in mobile, desktop and server spaces.
80-90% of x86 CPUs.
80-90% is not a monopoly. If you don't like Intel, there are reasonable alternatives that will run 100% of your current software.
Re:Zhaoxin
It's not a pure monopoly, but it has a lot of monopoly power. Monopoly is not a binary state, as most lay pedants assume.
There is no such legal concept as "pure monopoly". There is only anti-competitive behavior as defined in America by the Sherman, Clayton and FTC acts [wikipedia.org] which includes such concepts as market power. There is endless confusion about this simple fact: a monopolist need not control 100% of a market to violate anti-trust laws. Usually much less than that, less than 50% is not at all uncommon. What matters is breaking the law or not.
Re:Zhaoxin
Re: Zhaoxin
He won the name game.
Actually, 83% is often used as a cutoff in both the US and Canada, derived from (US) judge Learned Hand's opinion...
Hand's opinion is certainly not the last word on the subject. From the horse's mouth: "Somebody has 40 percent of the market but everybody else has one percent each."); id. at 52 (Sidak) ("Would we infer that there is not a problem because the market share is only 40 percent and that is way below Judge Hand's ALCOA threshold or would we look at a price increase or loss of competitor market share and say that is a more direct set of facts that elucidates what the price elasticity of demand is?" [justice.gov]
Perhaps. However if you're buying hardware from a company like HP they might not support a non-intel choice for the particular servers you want/need. Try getting one of their commodity DL360/380 servers with a non-Xeon part.
Personally, I welcome the addition of competition in the server market. Epyc looks like it will be a boon to folks who need more threads and more memory and who don't want to pay the huge Intel premiums for their highest core counts.
Re:Zhaoxin
We clearly don't trust Intel
... why would we trust Chinese CPUs??
Who is more likely to put in a backdoor for the NSA? Intel or China?
Intel of course!
Zhaoxin will more likely do the same for Ministry of State Security or another spy agency in China.
They're both likely to have a backdoor for their own state.
Re:Zhaoxin
Chinese companies just put in backdoors for the Chinese government, organised crime, your Chinese competitors and so on.
https://thehackernews.com/2015... [thehackernews.com]
http://www.zdnet.com/article/f... [zdnet.com]
http://www.securityweek.com/ap... [securityweek.com]
http://www.businessinsider.com... [businessinsider.com]
https://tvnewswatch.blogspot.c... [blogspot.co.uk]
Re:Zhaoxin
Most likely to put backdoors into PLA are ColorFabb, Faberdashery or Proto-Pasta. But you'll have to download a 3D model of a backdoor first.
Russian CPU's?
https://thenextweb.com/insider... [thenextweb.com]
""Ruselectronics also said that the chip contains features that “guarantees its users a high level of information security,” although it’s not immediately obvious what these are.""
No thanks. We don't need any rice cookers with direct line to Xi Jinping.
Just bring back the Alpha chip. Whoops! Intel owns it. That sucks! Once again our technology is crippled by patents and copyrights. We could have a vastly superior chip right now. Oh well...
Re:Zhaoxin
The patents on the original MIPS architecture have run out by now. And MIPS was both very similar to Alpha and very elegant.
I have to ask... What's the state of play with the recently acquired Imagination now that Apple have stopped licensing their GPU and everyone else switched to Mali long ago?
I would have thought that Canyon Bridge might release a cheap MIPS board as a raspberry pi competitor.
Re: (Score:3)
MIPS was bought by Imagination Technologies who also own PowerVR (and, oddly enough Pure, a wonderfully geeky DAB radio company)
https://en.wikipedia.org/wiki/... [wikipedia.org]
MIPS/Imagination is heading resolutely for embedded platforms and probably the plughole.
Still the original MIPS architecture is probably patent free. And Loongson make MIPS compatible chips. Unlicensed as far as I know. Not that there is much to licence in the original MIPS architecture
https://en.wikipedia.org/wiki/... [wikipedia.org]
So it's possible for third part
Just bring back the Alpha chip. Whoops! Intel owns it.
Not so, it came back as Ryzen. [wikipedia.org]
Re:Look to arm64
His point is more likely the fact that ARM didn't do any sort of PR-bullshit and instead produced a very, very in-depth whitepaper, example-code and whatnot on the whole thing. Their behaviour here is pretty much everything one would hope for in a case like this.
ARM has a lot less to lose
While ARM CPUs are relatively ubiquitous in smartphones and tablets, those devices aren't nearly as high-value of a target as servers, where Intel CPUs dominate (well over 90% of the market).
Linus is in a unique position - he is an engineer, almost 100% focused on technical solutions, yet he is also a public facing figure and is able to make public comments. He also (to the best of my knowledge) doesn't have to worry about customers, profits, shareholders, etc., things that a for-profit, publicly-traded company does. Most of the time, the engineers aren't the ones making public comments. I haven't heard from any Intel engineers yet, only their PR department, but I would guess the Intel engineers are just as interested in fixing this as he is, but we aren't hearing about it.
Re:
Linus is in a unique position - he is an engineer, almost 100% focused on technical solutions, yet he is also a public facing figure and is able to make public comments. He also (to the best of my knowledge) doesn't have to worry about customers, profits, shareholders, etc., things that a for-profit, publicly-traded company does
You've succinctly explained why Intel is in the troubles they are.
nvidia make their own ARM SoC; just sayin'.
That'll show 'em
Or is Intel basically saying 'we are committed to selling you shit forever and ever, and never fixing anything'?" he asked. "Because if that's the case, maybe we should start looking towards the ARM64 people more."
Not sure how much Intel really cares about threats from the free Linux community - vs Microsoft, etc... To quote Rick Sanchez, "What -- What's this supposed to accomplish? We have infinite grand-kids. You're trying to use Disney bucks at a Caesar's Palace here."
Not sure how much Intel really cares about threats from the free Linux community - vs Microsoft, etc...
Do they care about selling CPUs? Do they care about the competition who clearly has the advantage now? If they do they better get their shit together and stop pissing off the IT guys that will make or break them.
Re:
This was said over and over on slashdot: not everyone has your use-case.
Ya, I get that. But I'll note that I'm a system programmer and system administrator and have administered Windows, Unix and Linux on just about everything from PCs to Crays over my 30+ years, so I have a lot of varied use-cases under my belt. I have Intel and AMD systems at home running a mix of Windows, Linux, BSD and vSphere - with a mix on that.
linux dominates the server market. it's installed on all the world's supercomputers. if these have a 5% performance hit because of the intel meltdown bug, you bet your ass it's a big deal (as in very expensive). also all enterprises run linux on servers to a degree.
Sure and many of those system use Intel processors. Sure, they could switch to other architectures or they could just add 5% more Intel CPUs. Perhaps Intel coul
Threats from who?
[Intel] was the largest corporate sponsor of new contributions to the Linux computer operating system, according to a report Wednesday morning from the Linux Foundation [oregonlive.com]
Intel is a big part of that community.
They were the top corporate contributor in 2015 and 2016. Before that they were second to Redhat. Before that they were third to Redhat and Novell.
Re:
Or is Intel basically saying 'we are committed to selling you shit forever and ever, and never fixing anything'?" he asked. "Because if that's the case, maybe we should start looking towards the ARM64 people more."
Not sure how much Intel really cares about threats from the free Linux community - vs Microsoft, etc...
Out of touch much? Intel now derives a large and expanding portion of its revenue from Linux servers, versus the shrinking Wintel market. Intel cares every much about its image in the Linux community, it is very easy to drive devs away to ARM and AMD. Intel has done a respectable job of keeping that brain drain under control and anything else would just be suicidal.
Re:
He has found/created a small pond
The world's most widely-used operating system kernel is hardly a "small pond".
Some people see this and call him irrelevant. They feel that he shouldn't be allowed an
And, to be honest, the larger world has no idea who the guy is nor to they pay any attention to what he has to say no matter how much attention he seeks. He has found/created a small pond, and careens around like a shark in a goldfish bowl. That's not particularly bad or at all unique, but certainly no one at Intel gives a crap what he thinks, and to expect any different shows a lack of perspective.
Guess what? Nobody give a shit what you think either. As the software he writes and manages runs most of the devices on the planet and is the world's most widely used OS, some of us actually care what he thinks. You, not so much...
Don't like Linus; Agree with Linus; CEO s/b fired.
Intel on the other hand issued a totally bizarre PR spin. Trying to spin it as works as designed (which might be the case, but the design was flawed), trying to distract the public by using 'Look over there...' deflection technique. Then indicating that the earliest architectural change will be later this year (which by the way coincides with the beginning of the next generation release). Processors for one generation of chips tends to be phased in over a two year period - does this mean that they plan to continue selling defective CPUs for the next 2 and a half years?
On top of that the news that the [probably legal] sale share (after the news of the defect, but before it was made public) -- is at least optically horrible. An ethical CEO would have delayed the planned share sale until after the defect was public - and accepted the risk of holding onto the shares during that time. Not to mention selling 889,700 shares and keeping only the absolute minimum to remain CEO
This all put together indicates to me that the current CEO should be fired.
> But in typical, Linus hissy-fit fashion he pivots to tangential claims, like how Intel will "sell shit forever" and "never fix anything".
Dude, you and I are seeing this NOW.
But some folks have been aware of that fact since some time, and no solution came up -- because this one is hard... hardware. The bubble just popped because Google decided enough is enough (not to mention this affects their business directly).
And what about the designers? What were they thinking? Don't they know about space separati
what about the designers? What were they thinking? Don't they know about space separation?
You seem less than clear on the details. There is nothing wrong with Intel's privilege separation, however nobody anticipated that timing attacks could be so effective, even the researchers. It came down to luck more than anything: AMD, by luck more than anything, implemented algorithms that avoid the worst of it, but bad luck for Intel. Hard to fault the Intel engineers, but one can certainly fault the managers for a less than forthcoming response.
Not about zero defects...
The lack of acceptance of responsibility, the attempt to deflect responsibility; the lack of transparency on when/how the defect will be fixed. That is why Linus was right to tear a strip off of Intel.
Most CPU defects can be patched. This one cannot.
According to Intel anyway who, if they did patch it, would own the responsibility for any more problems and/or bricked CPUs resulting from that. Since it affects almost every CPU they've made in the last 20 years, better for them to punt with "fixed in the next release".
Re: Linus love attention more than money
well, the right thing for intel to do IS to recall all CPUs for users that request it. also to NOT downplay the huuuge security issue that they have caused, in their race for corner-cutting. maybe to publish some test results for the patches, maybe open some specs that might help the devs in better patching this issue in software, maybe even dump some cash for the devs. These are just from the top of my head, but you get the picture. The whole fiasco was very badly handled by Intel.
They probably do think that.
No they don't, they have plenty of competent kernel engineers on staff. Some PHB thinks that.
I actually do think the issue is minor
The kernel memory read issue was 90% a design decision to improve performance. I would argue that it should actually be an option in the BIOS. The fact the AMD didn't do this with zen to match Intel is what is really interesting. Intel did a little cheat to improve performance but AMD didn't and chose caution.
To me it's not a clear cut case if you brought a class action into court. The engineers cheated a bit but didn't think it would turn into such a security hole. I can just imagine the closing arguments... point is computers are complicated and not necessarily a guaranteed thing except that they can compute.
the Intel bug does not look like an intentional design decision to me, more like an oversight. the performance win speculating over security domain page boundaries can not be that large, I would guess it should be 1% loss.
...
IMHO someone just did not really think all the details and consequences of this boundary case thru,
It doesn't matter if Intel intended to open up a security hole or not. The tort system in the U.S. is one of strict liability. If something goes wrong with your product, and you didn't explicitly say NOT to do that, then you're on the hook. It doesn't matter what your intentions were, only the result.
Your subject line is idiotic. There is nothing minor about millions of computers having authentication secrets exposed.
AMD got lucky with their design decisions, if it was a conscious decision they'd have exposed Intel's flaw themselves.
You're acting like it's possible to make a decision of this magnitude unconsciously. AMD consciously chose to do things the correct way, whether or not they knew what Intel was doing. That they didn't expose Intel's flaw suggests that they in fact did not know that Intel was playing fast and loose there. I'd argue that if they did know what Intel was doing and chose not to do the same, that would be even more laudable, but I am perfectly happy that they chose to do things correctly no matter the reason. It
Older AMD processors still leaked information between protection domains through the BTB, was that a conscious decision? BTBs have been leaking information into scripting language sandboxes for everyone, they were conscious of that and didn't bother telling anyone nor provide a way to fix it?
I'm sure a lot of people have been sitting on these exploits for a long long time, but I hope AMD designers were not among them. I'd rather have them be blind to it than massive assholes.
I'm sure a lot of people have been sitting on these exploits for a long long time, but I hope AMD designers were not among them. I'd rather have them be blind to it than massive assholes.
Like I said, I share the belief that their failure to share the information probably means that they in fact did not know. Why wouldn't they have shared this information with us, when they come out looking like geniuses, or at least responsible?
the many forks of speculation
So you decide to speculate a future instruction.
It happens to be a load.
The address is [ebp+eax]. A recent instruction had the same address field, so you speculate that it remained the same.
Now you need to translate the address. The translate might be in the TLB, but you check, and for some reason it isn't.
So you decide to speculatively trigger TLB load.
Finally, you get a physical address back. A previous write instruction is not yet translated, but it seems unlikely it will translate to the same address, so you decide to speculate the load and you make a cache line request from L1.
It might be in L1, but it isn't. So you decide to speculate again, and request it from L2. Not in L3, either, so finally you speculate the load all the way to external memory. When the cache line returns, you speculatively cache this at all levels. Then you speculatively store the value into the target register. The final step was the least dangerous, because you can dump this later, no harm to the abstract state. But the concrete side effects on the TLB and the three layers of cache are not so easily reversed. In theory, the concrete state doesn't leak into the abstract state. Because we simply don't like to think about time (time, above all things, being never simple; hint: functional programming has no time, only progress).
Not all speculative architectures are created equal. There are many opportunities for an architecture to Just Say No.
With cache coherence, you have the MESI protocol [wikipedia.org] (and its bewildering shoe full of second cousins).
One could apply the same concept of "exclusive" to the page tables, an exclusively mapped page being one mapped only onto into the current process and security context. If TLB speculation hits a different kind of beast, abandon speculation. Same thing with cache fill. Concrete side effects thereby only accrue from speculation to exclusive resources. Share-nothing usually solves most problems in computer science (except performance, which is mainly defined in the time domain).
I'm gong to abandon the back of my envelope here, One has to think really damn hard to take this to the next logical level, and frankly, I don't have a damn to spare right this very minute.
But please, advance the conversation beyond:
[_] has speculation
[_] does not have speculation
Because that is Intel's diabolical trap, for as long as their PR department can continue to get away with tugging their wool in broad daylight.
off-topic quickie
I got to thinking about Google's clever Retpoline from the other day.
Google Says CPU Patches Cause 'Negligible Impact On Performance' With New 'Retpoline' Technique [slashdot.org]
The problem is, this is not invariant under peephole optimization. These instruction sequences need to be handled by the compiler through a very literal minded end-game code generation pass.
Which got me to thinking about RETGUARD gadgets.
RETGUARD, the OpenBSD next level in exploit mitigation, is about to debut [reddit.com]
Retguard: OpenBSD/Clang [ycombinator.com]
I know, both
Are speculative gadgets a problem here? If so, Google's clever patch is going to need a sump pump bolted on the side.
Sure, speculative gadgets are a problem... which is why the Retpoline solution has to be applied to every binary in the system. And it has to be implemented in the code generation back-end. The back-end has to scan for potential gadgets and retpoline them.
And then you get into the whole problem of deterministic compilation [wikipedia.org] in order to be certain that the executable you build contains the necessary mitigations (or some tricky post-compile analysis I sure don't wish to develop myself).
That's an easy problem for Google and, I expect, other big cloud systems. Google builds everything itself, including compilers. If you're big enough and have the engineering resources, that makes sense for lots of other reasons anyway.
For everyone else,
FDIV redeux
https://en.wikipedia.org/wiki/... [wikipedia.org]
Linus being a drama queen again
His quote: "Or is Intel basically saying 'we are committed to selling you shit forever and ever, and never fixing anything'?"
I think the record until now clearly shows that Intel's CPU products have actually been generally pretty good and that they actually do release fixes for their fuckups.
Let's put this into perspective: its a security hole not a major functional failure. People are having to get amazingly creative in finding new ways to break into anything. Basically anything even slightly complex has p
Ryzen my friends
Meanwhile, enjoying my Ryzen, largely unaffected by Meltdown or Spectre [reddit.com] in spite of some well meaning or self-serving FUD to the the contrary. Yes, I got an early part with the segfault bug, but AMD RMAed without fuss when presented with appropriate https://github.com/suaefar/ryz... [github.com]>test data to eliminate the possibility of bad motherboard, memory or overclocking. Quite different attitude compared to Intel! And the Ryzen is sweet - 16 high performing CPU threads, tiny power consumption at idle and respec
where are the patches?
Intel has said they are working together with oem partners blah blah but i have yet to see their microcode patches posted on their website. I build my own machine, i can't contact Lenovo (who haven't even acknowledged most of their products are vulnerable)
CPU cannot be patched
FPGA, Linus, FPGA!
I'm no fan of Trump, but let's remember that Mueller's investigation is still ongoing.
Even the publicly know facts are damning, just one example: the Trump tower meeting with Russians, including denials already admitted as false, and multiple attempted cover ups. It's hard to imagine any objective observer not already having enough evidence at hand to know that America is currently under the control of a criminal gang of thugs.
This is not about Republicans versus Democrats, it is now about saving democracy.
Hey Linus.
How's that Transmeta business going?
Wrong, he works for the Linux Foundation, and has since IIRC 2013.
It's too bad Asshole Torvalds isn't still employed by CPU maker Transmeta, so Linus can't tell his loyal following of Linux idiots to boycott Intel crap and buy Transmeta perfection instead. Transmeta CPUs were the bestest ever and that's why Transmeta went out of business, right.
The idea behind the Transmeta architecture may not have panned out, but I'm guessing that it had one redeeming feature compared to the current CPUs on the market: If their CPUs did have this problem, they probably could have fixed them with a firmware update.
BS - It is serious.
The issue is that through using the exploits you can have access to things like passwords used in kernel code, certificates, etc. -- and that can get this through pilfering the cache -- which breaks the isolation between user applications and the operating system.... While already bad on a personal computer, it is horribly bad for shared hosting environments -- where some actor can get access to a common computing environment and attack from the inside.
on Linux anyway, things like authentication and certificates are handled by other apps, some of which may access syscalls of course, but to repeat - as SO many do - that passwords are part of kernel code is nonsense.
You are the one who does not understand. Every bit of memory on your computer goes through the kernel. As witness that far more clueful people than you regard these issues as deadly serious.
How would you know; when you know - it's too late
Basically, by the time the world would have visibility - it would already be far too late (and it may be the case). We see the results, but not the attack vector... The odds of a whitehat finding any exploit first -- is probably much less than 50%.
The odds of a whitehat finding any exploit first -- is probably much less than 50%.
What is your rationale for this claim?
Economics
Ask anyone involved - even whitehats - and you are likely to be told that the demand and renumeration for exploits on the open market is higher than it is for submitting it and expecting a bounty.
I work with a lot of such people, and their response is that remuneration on the dark side is iffy and dangerous, and there's the constant threat of getting caught and prosecuted. Their opinion is that -- excluding spook operations -- the black hat side is small and relatively untalented.
I guess maybe it depends how you classify the government-funded stuff. Personally, I don't consider it either white or black, but somewhere in between. And I don't think it attracts the best, though perhaps quantity count
No known exploits in the wild yet.
How many unknown exploits in the wild?
Oh, right, we don't know. If we did, they wouldn't be unknown.
No issue with Intel and design.
It is not the design / defect that I have lost
>you heard me. he may be a great programmer, but he doesn't know DICK about how hard it is to make a CPU
Did you forget that Linus worked at Transmeta?
Linus is reasonable angry at Intel's response
