Friday, January 26th 2018

Intel Processors to Have "In-silicon" Fixes to Meltdown and Spectre This Year

Intel, which benefited from the post-Q4 public-disclosure of Meltdown and Spectre vulnerabilities in its latest results, is hoping to mitigate its fallout on Q1-2018. The company, along with several other CPU designers, such as AMD and ARM, are firefighting the two devastating security vulnerabilities through OS kernel patches and CPU micro-code updates; which come at a slight expense of performance. In a bid to unnerve investors, company CEO Brian Krzanich announced that Intel is working on "in-silicon" fixes to Meltdown and Spectre.

An "in-silicon" fix would entail a major CPU micro-architecture design that's inherently immune to the two vulnerabilities and yet offers the benefits of modern branch-prediction and speculative execution. Krzanich says processors with in-silicon fixes to the two vulnerabilities will be released to market by the end of 2018.
Source: Tom's Hardware
Add your own comment

47 Comments on Intel Processors to Have "In-silicon" Fixes to Meltdown and Spectre This Year

#26
bug
iO
Fixing it requires massive and fundamental changes which maybe has Sapphire Rapids but definitely not a Lake based arch.
Ah, this is where our views diverge.
Posted on Reply
#27
Cybrnook2002
Just let me know where to send my chips to have them swapped.
Posted on Reply
#28
theoneandonlymrk
iO
Former Intel employee on twitter:
[MEDIA=twitter]949370010652196864[/MEDIA]

It takes months and years of development, revisions, steppings, validations etc to make sure new hardware works as expected while not introducing new bugs or compatibility issues with existing code.

No way they are that fast putting something in sillicon while they cant get their "rather simple" micro code fix to work properly...
By in hardware i naturally read, with microcode pre loaded ,not all new architecture redesigned to be meltdown and spectre free personally.
Posted on Reply
#29
mab1376
They should offer a discount for anyone who bought a CPU in the last 5 years or so.

I just built my PC just under a year ago with skylake...
Posted on Reply
#30
efikkan
iO
Fixing it requires massive and fundamental changes which maybe has Sapphire Rapids but definitely not a Lake based arch.
It depends on what kind of changes are needed to handle the exploits. Some tweaks and adjustments can make it in by the end of 2018. A redesign of a module would require ~3 years or so. It would not be unlikely that Intel will include some kind of mitigations this year.
Posted on Reply
#31
mab1376
It would most likely require encryption of the l2 cache, or creating logical containers for each speculative execution to isolate something like malware from being able to pull specific data from the l2 cache.
Posted on Reply
#32
efikkan
mab1376
It would most likely require encryption of the l2 cache, or creating logical containers for each speculative execution to isolate something like malware from being able to pull specific data from the l2 cache.
No way, that's not relevant at this level.
It would involve creating enough safeguards, ensuring data can't be read until the branching is confirmed, and make sure everything is sanitized when it's not. This might result in slightly degraded performance for certain workloads.
Posted on Reply
#33
bug
efikkan
No way, that's not relevant at this level.
It would involve creating enough safeguards, ensuring data can't be read until the branching is confirmed, and make sure everything is sanitized when it's not. This might result in slightly degraded performance for certain workloads.
Probably this. Or perhaps delaying the cache write until branching is confirmed?
No matter, they have engineers that know this stuff better than me, I'm not worried :D
Posted on Reply
#34
efikkan
bug
Probably this. Or perhaps delaying the cache write until branching is confirmed?
No matter, they have engineers that know this stuff better than me, I'm not worried :D
Sure, it would probably be a combination of workarounds to ensure synchronization and sanitation. I would expect Intel to do workarounds for Ice Lake and Cascade Lake-X, and a proper redesign in the long run.
Posted on Reply
#35
CounterSpell
noob question:

what are those patches and fixes?

Because my Mobo manufacturer hasnt released any bios and windows 10 updates automatically. I mean, intel sad to dont apply any patches, but windows do it automatically. What now?
Posted on Reply
#36
Gasaraki
End of 2018? So if they are releasing new CPUs for the Z470 this year, they will still have the vulnerability? Are there no new cpus from Intel this year?
Posted on Reply
#37
lexluthermiester
R-T-B
The meltdown patch (where most of the performance was supposedly lost) was fine, at least as far as bugs are concerned. Their spectre microcode was pretty borked however, that is for certain.
^ This. AFAICT, It's just the Spectre type 2 patches that are being problematic.
Posted on Reply
#38
mcraygsx
So much for the resale value of current processors which is null at this point. And when organizations start to replace those vulnerable processors, ebay will be flooded with used CPU's. This proposed fix reminds me of saying ' Fix old bugs while replacing it with new ones'. And consumers will be made aware in a decade or two.
Posted on Reply
#39
renz496
So i should hold my 4.5Ghz 2500K a little while longer.....
Posted on Reply
#40
R-T-B
renz496
So i should hold my 4.5Ghz 2500K a little while longer.....
My bro is still 1080ping on a Westmere rig... so it's definitely an option.
Posted on Reply
#41
Legacy-ZA
R-T-B
When they can do a software fix? Why?

Meltdown has been fixed fine. It hurts performance but it works. Spectre effects all modern speculative CPUs. Are you seriously suggesting we recall all present high-performance CPUs?

When I buy a new car and it's advertised maximum speed was 200km/h, I don't want to hear later on "Oh our engine is kinda screwed, we can fix it, but you only get 160km/h, oops, sorry, thanks for your money though" No wonder the world has turned for the worse, too many people think like you do.
Posted on Reply
#42
R-T-B
Legacy-ZA
When I buy a new car and it's advertised maximum speed was 200km/h, I don't want to hear later on "Oh our engine is kinda screwed, we can fix it, but you only get 160km/h, oops, sorry, thanks for your money though" No wonder the world has turned for the worse, too many people think like you do.
It's more like a 10% penalty, but I'll run with your analogy, and say that if we had to recall every car on the road that wouldn't be practical either.
No wonder the world has turned for the worse, too many people think like you do.
Let's save the "you screwed up the world" blame for another day, eh?
Posted on Reply
#43
cyneater
So until intel swap me CPU -
Motherboard because I never would have bought it if I never bought the CPU
and RAM

With non borked products. Mabybe they should release a SR or spector rated processors :P like the old PR system

I will rag on them ... so pretty much for the rest of my life :P
So I wonder what else they missed.

Also the whole its going to take years.
Its Untel that have in comprehensible amounts of money.
If they wanted to do something they could.
Posted on Reply
#44
TheGuruStud
Cybrnook2002
Just let me know where to send my chips to have them swapped.
You're pretty funny.
Posted on Reply
#45
Vayra86
The resale value of these CPUs is fine. At least for consumer space they are, simply because the impact here is very low, both in a performance and security sense (if you patched).

The only reason this message comes out is so people can think Intel is ahead of the game and for Intel its a new selling point for another version of Core.
Posted on Reply
#46
bug
Vayra86
The resale value of these CPUs is fine. At least for consumer space they are, simply because the impact here is very low, both in a performance and security sense (if you patched).

The only reason this message comes out is so people can think Intel is ahead of the game and for Intel its a new selling point for another version of Core.
I sincerely hope Ice Lake will bring more compelling arguments to the table than Spectre and Meltdown immunity. And that this is just a reassuring message.
Posted on Reply
#47
lemonadesoda
Remember the CPU called Intel RapidCAD? It was a 486 chip in a 386 package. Easy upgrade for 386 mobos to 486 performance. There was also Cyrix and AMD's Socket-7 K6-2 to upgrade Pentium machines. Double or triple the performance for the fraction of the cost of a new computer.

There is no technological reason that Intel couldn't fab replacements to upgrade/replace older processors. The question is, where to draw the line? Considering the economics and the consumer goodwill, it would seem a no-brainer to make socket 1150/1151 swapables at a reasonable market price. The benefits? More modern fab process scaling, updated architecture, better performance, lower power/heat. Yes, I'd pay.

But is there a risk from class action lawsuits to make these swaps for free/cheap? Yes. Would Intel chipset partners be upset that the lifecycle of a computer is extended by another few years resulting in fewer new mobos/machines? Yes. Therefore Intel will go the microcode update path on your existing CPU, slow you down, and force you to buy again on a new platform for architectural improvements sooner than you had planned. It's the only way to recover the loss in share price! ;)

The 1990's was a better world for CPUs!
Posted on Reply
Add your own comment