News Side Channel Attack Hits Arm CPUs

Gomez Addams

Prominent
Mar 4, 2020
53
27
560
The first sentence of the article :

"Arm, the well known manufacturer of chips that power our daily lives, ..."

This is incorrect. They do not manufacture anything. They license intellectual property and provide design services and tools.
 

cfbcfb

Reputable
Jan 17, 2020
96
58
4,610
Color me shocked that there is an exploit for a CPU. Its almost as if all of them have exploits and will eventually be found as time passes.

Folks like Intel as a punching bag, but issues with AMD and ARM chips are about as common and severe as those affecting intel. AMD was just found to have a bug going back to 2011 that affects everything they've made since.

This may not be popular, but this is in many ways a part of the much vaunted "competition" that brings us faster, cheaper things more quickly. Testing has to be cut short, software compatibility is often delayed past the hardware introduction, etc.
 

InvalidError

Titan
Moderator
Color me shocked that there is an exploit for a CPU. Its almost as if all of them have exploits and will eventually be found as time passes.
Given infinite time and infinite resources, exploit vectors can be found in even in security-hardened stuff. Doesn't make them practical in the real world, though you may still want to keep possibilities in mind because even if there is only a one in a billion chance of a given exploit succeeding, there are places where a once per billion failure is all you need to get screwed such as top-level authentication certificates and root keys.
 

nofanneeded

Respectable
Sep 29, 2019
1,541
251
2,090
CPUs that access data in advance

and yet all CPU makers insist on using this even after they know already it is dangerous to design CPUs this way ...

we dont need that extra performance we get from this when it is not secured ... Abandon this method CPU makers !!!
 

abryant

Asst. Managing Editor
Staff member
May 16, 2016
183
17
10,685
The first sentence of the article :

"Arm, the well known manufacturer of chips that power our daily lives, ..."

This is incorrect. They do not manufacture anything. They license intellectual property and provide design services and tools.
This has been fixed. Thanks.
 

InvalidError

Titan
Moderator
and yet all CPU makers insist on using this even after they know already it is dangerous to design CPUs this way ...
we dont need that extra performance we get from this when it is not secured ... Abandon this method CPU makers !!!
Without speculative out-of-order execution, modern CPUs would have massively slower single-threaded performance from threads stalling on every single conditional branch and the inability to prefetch data based on where speculative execution is going so dependencies don't cause stalls. Modern x86 CPUs look 192-320 instructions ahead to fill execution units and with typical code having one conditional branch every 15-20 instructions, that's 10-20 branches ahead. The performance penalty would be massive, quite possibly in excess of 90%.
 

nofanneeded

Respectable
Sep 29, 2019
1,541
251
2,090
Without speculative out-of-order execution, modern CPUs would have massively slower single-threaded performance from threads stalling on every single conditional branch and the inability to prefetch data based on where speculative execution is going so dependencies don't cause stalls. Modern x86 CPUs look 192-320 instructions ahead to fill execution units and with typical code having one conditional branch every 15-20 instructions, that's 10-20 branches ahead. The performance penalty would be massive, quite possibly in excess of 90%.

what 90% ? this is wrong , it is 90% of the time you need to fetch the data not the total speed of CPU. it would be 20% hit in total speed at worst speculations.

older cpu's the time of core 2 Generation did not use this method and they were not slow at that time.
 
Given infinite time and infinite resources, exploit vectors can be found in even in security-hardened stuff. Doesn't make them practical in the real world, though you may still want to keep possibilities in mind because even if there is only a one in a billion chance of a given exploit succeeding, there are places where a once per billion failure is all you need to get screwed such as top-level authentication certificates and root keys.

True. There are plenty exposed that are not applicable. For example some require physical access. If you are at the point where someone is physically accessing your servers or systems you have much bigger problems.
 

bit_user

Polypheme
Ambassador
The first sentence of the article :

"Arm, the well known manufacturer of chips that power our daily lives, ..."

This is incorrect. They do not manufacture anything. They license intellectual property and provide design services and tools.
True, but irrelevant. Ideally, they'd have said something like "producer of the IP in many chips that power our daily lives, ..."

Still, their wording gets the point across about why this is potentially relevant to the reader, which is the real goal.

And basically no one besides Intel and Samsung actually manufacture their own chips anymore, anyhow.
 

bit_user

Polypheme
Ambassador
You have no idea how wrong you are. Speculative execution has been in x86 CPUs since the Pentium Pro back in 1998.
I think you're getting off-topic. The issue is prefetcing data across speculated branch boundaries.

And I doubt the Pentium Pro (launched in 1995, BTW) did that, being the first x86 CPU to do out-of-order, at all.

BTW, I'm not arguing the broader point - clearly there's a real win to this prefetching, or else they wouldn't have bothered to do it.