Info Meltdown and Spectre Vulnerabilities Information

Status
Not open for further replies.
I would not be surprised if the exploits have already been exploited in the wild.

AFAIK, there isn't any way to trace it since it's straight inside the CPU... Only way would be to check network/firewall logs and try to find out if anyone got in and correlate that with loss of data.
 
Ubuntu Preparing Kernel Updates With IBRS/IBPB For Spectre Mitigation
Written by Michael Larabel in Ubuntu on 18 January 2018 at 08:25 AM EST

https://www.phoronix.com/scan.php?page=news_item&px=Ubuntu-Preps-Spectre-Kernels
Canonical has rolled out Spectre Variant One and Spectre Variant Two mitigation to their proposed repository with updated kernels for Ubuntu 14.04 LTS / 16.04 LTS / 17.10. These kernels with IBRS and IBPB added in will be sent down as stable release updates next week.

Canonical is mitigating Spectre Variant One/Two via the Intel IBRS/IBPB patches. Indirect Branch Predictor Barrier and Indirect Branch Restricted Speculation is the path being used by Ubuntu for addressing Spectre at this time. They do note they are investigating Retpoline support but given that it involves toolchain changes (patched GCC versions for now) for full support, they went ahead with the IBRS/IBPB approach although it may involve greater performance overhead.

The IBRS/IBPB means of restricting speculation of indirect branches and ensuring code does not control later indirect branch predictions does depend upon CPU microcode updates. The Intel CPU microcode updates are out there now on many Linux distributions and on the AMD side for some platforms but Ubuntu has yet to push out the updated AMD CPU microcode.

Canonical has back-ported Intel's patches to their Linux 4.13 kernel for Ubuntu 17.10, Linux 4.4 for Ubuntu 16.04 LTS, and Linux 3.13 for Ubuntu 14.04 LTS.
Canonical plans to promote these patched kernels to their stable update channel for all supported distributions next Monday, 22 January. Canonical previously sent down SRU kernel updates with KPTI (Kernel Page Table Isolation) for addressing the Meltdown vulnerability.

More details on the tentative kernel upgrades for testing via insights.ubuntu.com.

I've been meaning to run some IBRS/IBPB impact performance benchmark tests but have been occupied with Retpoline (and formerly KPTI) testing on top of my usual daily benchmarking workload. But plan to run some tests on these proposed Ubuntu kernel updates very soon for seeing how they compare to full Retpoline protection on Linux 4.15 built with GCC 8.0.1. Stay tuned...
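
A way to check which of the mitigations named in the article above (KPTI, IBRS/IBPB, Retpoline) a running kernel reports, as an added example that is not part of the thread or the quoted article. It assumes a kernel that exposes `/sys/devices/system/cpu/vulnerabilities` (upstream Linux 4.15 and stable backports); the function names are hypothetical.

```shell
#!/bin/sh
# Added example. Status strings follow the upstream sysfs format; exact
# wording varies by kernel version and distribution backport (assumption).
SYSFS=/sys/devices/system/cpu/vulnerabilities

# classify_status "<line>" -> not_affected | vulnerable | mitigated:<detail> | unknown
classify_status() {
    case "$1" in
        "Not affected"*) echo "not_affected" ;;
        "Vulnerable"*)   echo "vulnerable" ;;
        "Mitigation: "*) echo "mitigated:${1#Mitigation: }" ;;
        *)               echo "unknown" ;;
    esac
}

# spectre_v2_mechanisms "<line>" -> which mechanisms named in the article appear
spectre_v2_mechanisms() {
    out=""
    case "$1" in *[Rr]etpoline*) out="$out retpoline" ;; esac
    # IBRS_FW means IBRS only around firmware calls, so report it separately.
    case "$1" in *IBRS_FW*) out="$out ibrs_fw" ;; *IBRS*) out="$out ibrs" ;; esac
    case "$1" in *IBPB*) out="$out ibpb" ;; esac
    echo "${out# }"
}

# report_dir DIR -> prints "<name> <result>" per issue; returns 1 if any
# entry is vulnerable, unparseable, or not reported by the kernel at all.
report_dir() {
    dir=$1; rc=0
    for name in meltdown spectre_v1 spectre_v2; do
        if [ -r "$dir/$name" ]; then
            result=$(classify_status "$(cat "$dir/$name")")
        else
            result="unreported"   # older kernel: no self-report, not "safe"
        fi
        case "$result" in vulnerable|unknown|unreported) rc=1 ;; esac
        echo "$name $result"
    done
    return $rc
}

# Live check, skipped where the directory does not exist.
if [ -d "$SYSFS" ]; then report_dir "$SYSFS" || true; fi
```

A missing file is treated as a failure because a kernel that predates the sysfs interface says nothing about its mitigation state.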
 


goldfingerattack.com goldeneyeattack.com octopussyattack.com thunderballattack.com casinoroyaleattack.com moonrakerattack.com also registered. Someone is having fun.
 


SPECTRE had nothing to do with Moonraker! Fake news!

But seriously, yeah, someone is having fun here.
 


The patches generated unexpected reboots in some Haswell and Broadwell systems. Intel is working on a solution. Not very different from when patches affected some old AMD systems and Microsoft halted the updates until the problem was fixed.

http://www.businessinsider.com/microsoft-stops-updates-for-amd-machines-affected-by-spectre-and-meltdown-2018-1
 


These are BIOS patches. They are, without a doubt, different beasts. Plus, they're telling everyone to stop applying them. Why do you feel the need to call out AMD on this as well, when we all know about it? Ah, right; "my dear Intel is being called out, I MUST PROTECT IT".
 


In the end, the performance impact of the Meltdown and Spectre patches is a bit more severe on laptops with an Intel U-series CPU inside compared to the desktop platforms we looked at earlier.

On the desktop, most productivity workloads saw performance drops that were within the margin of error, or a few percent at worst. However on both the Kaby Lake Refresh and Broadwell laptops we looked at today, almost every workload was impacted by an amount that’s too large to attribute to a simple margin of error.

Workloads like Cinebench, x264 encoding, Excel, Adobe Premiere, Photoshop, and MATLAB all experienced noticeable performance declines typically around the 5 percent mark, though the worst case was a 19 percent drop in Photoshop on the i5-5200U. Other tests like PCMark, Handbrake, 3DMark and both compression and decompression were largely unaffected.

Based on this information, Intel is now advising OEMs to pull their Spectre BIOS updates until a newer release is tested and distributed. There have also been reports that the updates don’t even fix the vulnerabilities. Meanwhile, Google is coming to the rescue by offering a software solution that they claim not only patches the security holes but comes at negligible impact in performance.

No doubt we'll be seeing even more updates to try and lock down these issues in the coming weeks and months, and we’ll be letting you know if any of them further affect (or fix) performance.
 


Since I am using the Laptops I have for what the bugs actually really attack, I'm afraid I can't. I'm doing just that with my desk PC, since it's mostly for games, but my old and new laptops are for development 8(

I'm kind of screwed...

Cheers!
 


Same boat here. Wonder which will give out first: my 10k RPM HDD (SSDs were expensive back in 2011!), my 2600k, or my 1080 GTX not being able to push 4k.
 


You're seeing the aftereffects of this being made news earlier than intended; the patches were all rushed out without going through a full suite of testing, and you see the chaos that can result.

I think we're nearing the point where we may need to seriously take a look at our hardware/software designs and start over again. What we have now is always going to be security wrapped around what is fundamentally insecure. Unless you design both the hardware and software with security in mind from the ground up, these issues will continue to pop up, and I suspect with increasing frequency.
 