![]() ![]() They can be revealed, for example, by careful timing of operations of the real CPU which the speculative state can cause to take longer or shorter than normal. Meltdown and Spectre are both due to cases where the side-effects of speculative execution on this hardware are not completely hidden. ![]() Modern processors have lots of hardware supporting speculative execution. If it is wrong the processor state accumulated during the speculative execution has to be hidden from the real program. If it is right, it has saved a lot of time. For example, it can guess which way it is likely to go at a branch, and head off down that path ("branch prediction"). So the CPU continues to execute "speculatively". It is a waste to stop the CPU while it waits for these operations to complete. What is speculative execution? Some things a CPU does, such as fetching a cache miss from main memory, take hundreds of clock cycles. That access would result in a page fault." Higher privileged data when running in a lesser privileged mode when That patch, the developer wrote, "The AMD microarchitecture does notĪllow memory references, including speculative references, that access That excluded AMD chips from the Meltdown mitigation. Just after Christmas, an AMD developer contributed a Linux patch This may have been due to an AMD engineer's comment: The public release of details about Meltdown and Spectre was rushed, as developers not read-in to the problem started figuring out what was going on. Good whitepaper, whereas AMD so far has only offered PR-and the fact that it contradicts both Intel (and, as we'll see later, ARM's) response is very peculiar. What these might be-while Intel released awful PR, it also produced a ![]() That of Intel: specifically, operating system patches. Systems, and for that, AMD is suggesting a very different solution from The array bounds problem has, however, been demonstrated on AMD Less susceptible to the branch prediction attack. The company also says (vaguely) that it should be AMD's chips aren't believed susceptible to the In addition, Intel's CEO is suspected of insider trading on information about these vulnerabilities:īrian Krzanich, chief executive officer of Intel, sold millions of dollars' worth of Intel stock- all he could part with under corporate bylaws-after Intel learned of Meltdown and Spectre, two related families of security flaws in Intel processors. Nobody claimed otherwise! The statementĭoesn't distinguish between Meltdown-a flaw that Intel's biggestĬompetitor, AMD, appears to have dodged-and Spectre and, hence, fails toĭemonstrate the unequal impact on the different company's products. Many statements that are technically true-for example, "these exploitsĭo not have the potential to corrupt, modify, or delete data"-but Produced on Wednesday, was a masterpiece of obfuscation. Below the fold, I look at the reaction, explain what speculative execution means, and point to the best explanation I've found of where the vulnerabilities come from and what the mitigations do.Īlthough CPUs from AMD and ARM are also affected, Intel's initial response was pathetic, as Peter Bright reports at Ars Technica: The three vulnerabilties are very serious but mitigations are in place and appear to be less costly than reports focused on the worst-case would lead you to believe. The release of these vulnerabilities was rushed and the initial reaction less than adequate. Now they, and other CPU manufacturers are facing Meltdown and Spectre, three major vulnerabilities caused by side-effects of speculative execution. I wrote in November about the vulnerabilities in their Management Engine. This hasn't been a good few months for Intel. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |