Tuesday, October 9th 2018

Intel Fixes Spectre & Meltdown on New Desktop Processors, Core-X Will Have to Wait

The new 9th generation Intel Core processors arrived yesterday with a series of improvements made to entice gamers and content creators. These improvements, however, join others that go beyond pure performance. Intel has introduced several architectural changes to fix the infamous Spectre & Meltdown vulnerabilities, and the new processors mitigate most of the variants of these attacks through a combination of hardware, firmware and OS fixes.

The big changes come to two of the six variants of those vulnerabilities. In both "Rogue Data Cache Load" (Meltdown, variant 3) and "L1 Terminal Fault" (Meltdown, Variant 5) vulnerabilities these new processors have hardware fixes that are new and not present on the rest of the current portfolio of Intel chips. This includes the new Xeon W-3175X (Core-X Skylake-X Refresh), which still depend on firmware fixes to mitigate those problems.
The "Bounds Check Bypass" (Spectre's Variant 1) will still need to be mitigated by software for the time being, due to the need for deeper architectural changes. With that said, the current hardware fixes that have been implemented improve not only security, but also the performance of these chips. This is thanks to said hardware fixes having practically no impact on performance according to Intel, though we'll have to confirm this on future reviews of the new desktop processors. Source: AnandTech
Add your own comment

31 Comments on Intel Fixes Spectre & Meltdown on New Desktop Processors, Core-X Will Have to Wait

#1
mouacyk
Benchmarks! Benchmarks! Benchmarks!
Posted on Reply
#3
hat
Enthusiast
Didn't the news post yesterday say that the new hedt chips had these hardware fixes? Damn Intel is getting (more) confusing.
Posted on Reply
#4
R0H1T
"hat said:
Didn't the news post yesterday say that the new hedt chips had these hardware fixes? Damn Intel is getting (more) confusing.
Nope, if it was reported as such then it was inaccurate ~
Posted on Reply
#5
dwade
Even more reason to preorder the fastest gaming CPU in the universe.
Posted on Reply
#7
Salty_sandwich
"dwade said:
Even more reason to preorder the fastest gaming CPU in the universe.
it will be really great :)
Posted on Reply
#8
HimymCZe
"dwade said:
Even more reason to preorder the fastest gaming CPU in the universe.
Is Intel the new Apple? that kids are lining up to spend $1000 for 5% utilization they can't achieve.
Posted on Reply
#9
WikiFM
So Core X 9th generation is exactly the same at silicon level as the 7th gen? No thanks...

The news title needs fixing since just Meltdown is fixed, not Spectre.
Posted on Reply
#10
StrayKAT
"WikiFM said:
So Core X 9th generation is exactly the same at silicon level as the 7th gen? No thanks...
It's always been that way. Mainstream is the cutting edge, and HEDT a refined version of previous cutting edge. It's not going to fundamentally stop being "Skylake" until the next gen of HEDT.
Posted on Reply
#11
cucker tarlson
2 things will happen now
Intel will press reviewers to bench 8700k with fix on and AMD fans will say ryzen gained IPC with time compared to CL 1st gen :laugh:
Posted on Reply
#12
R0H1T
"WikiFM said:
So Core X 9th generation is exactly the same at silicon level as the 7th gen? No thanks...

The news title needs fixing since just Meltdown is fixed, not Spectre.
They're soldered aren't they, have better clocks as well? That's marginally better than the sham called Devil's Canyon aka 4790k which was supposedly shipping with better TIM IIRC.
Posted on Reply
#13
WikiFM
"R0H1T said:
They're soldered aren't they, have better clocks as well? That's marginally better than the sham called Devil's Canyon aka 4790k which was supposedly shipping with better TIM IIRC.
But now we are jumping not 1 but 2 generations for just STIM and higher clocks (like 100-200 Mhz).
Posted on Reply
#14
Vayra86
"HimymCZe said:
Is Intel the new Apple? that kids are lining up to spend $1000 for 5% utilization they can't achieve.
Fools and money are parted, I don't see the problem here honestly. There will always be a group that buys into hype, and they are also likely the most vocal about it.
Posted on Reply
#15
bug
I must have missed it, but why are people so hyped over hardware fixes for Spectre/Meltdown?
Posted on Reply
#16
R0H1T
"bug said:
I must have missed it, but why are people so hyped over hardware fixes for Spectre/Meltdown?
Well for one none has any idea how "smeltdown" affects real world applications long term, including but not limited to DC, cloud, HPC et al. The internal data they have will not be published IMO, though the vast majority of them have felt the brunt of it. The impact is non negligible to enormous, Reddit has some data but there's not much transparency about the impact from either the use nor the chip vendors.
Posted on Reply
#17
bug
"R0H1T said:
Well for one none has any idea how "smeltdown" affects real world applications long term, including but not limited to DC, cloud, HPC et al. The internal data they have will not be published IMO, though the vast majority of them have felt the brunt of it0. The impact is non negligible to enormous, Reddit has some data but there's not much transparency about the impact from either the use nor the chip vendors.
That doesn't make sense. Whether you have the fixes in hardware or in firmware, your statements are still true. So the question remains: why prefer the hardware solution?
Posted on Reply
#18
R0H1T
"bug said:
That doesn't make sense. Whether you have the fixes in hardware or in firmware, your statements are still true. So the question remains: why prefer the hardware solution?
The assumption is that hardware fixes will result in lower performance penalty, that's what most think/hope will happen. However there's no benchmarks to gauge the validity of the statement. I also believe personally that hardware fixes may not be the best solution, however Intel & their customers cannot take security for granted so regardless of the silicon version ~ they'll have to incorporate it via software or hardware. None of the big players can afford a security breach knowing what's out in the public domain, likewise Intel (or AMD for spectre) cannot hide in this day & age just because they have hardware to sell.
Posted on Reply
#19
bug
"R0H1T said:
The assumption is that hardware fixes will result in lower performance penalty, that's what most think/hope will happen. However there's no benchmarks to gauge the validity of the statement. I also believe personally that hardware fixes may not be the best solution, however Intel & their customers cannot take security for granted so regardless of the silicon version ~ they'll have to incorporate it via software or hardware. None of the big players can afford a security breach knowing what's out in the public domain, likewise Intel (or AMD for spectre) cannot hide in this day & age just because they have hardware to sell.
Well, since the vulnerability is in fetched data, the only fix is not to fetch the data. The performance impact would be the same.
A hardware fix is the best solution, however its only advantage over a firmware fix is that you know it's always there. That's why I don't fret over it being in hardware.

As for security breaches and stuff, I'm not particularly worried. You can't reliably read data using these vulnerabilities, you can only glimpse at bits and pieces. Still need to be plugged, but for the time being I'm ok knowing there are fixes and they'll eventually be set in stone/silicon.
Posted on Reply
#20
R0H1T
"bug said:
Well, since the vulnerability is in fetched data, the only fix is not to fetch the data. The performance impact would be the same.
A hardware fix is the best solution, however its only advantage over a firmware fix is that you know it's always there. That's why I don't fret over it being in hardware.

As for security breaches and stuff, I'm not particularly worried. You can't reliably read data using these vulnerabilities, you can only glimpse at bits and pieces. Still need to be plugged, but for the time being I'm ok knowing there are fixes and they'll eventually be set in stone/silicon.
That is indeed a good solution, however not the best one. For instance the original spectre & meltdown discoveries have lead to a dozen+ similar findings. Now when the hardware fix is introduced, it brings another variable to the equation, an unknown element & the results of which can only be observed & evaluated in due course of time.

The hardware fix may resolve the vulnerabilities completely, or it may not, however your point of it being always there is more pertinent. The fix could also open up other avenues for "smeltdown" & this is why we can't IMO fully "fix" the current uarches.
Posted on Reply
#21
bug
Well, if the fix is "stop fetching data eagerly", it can't possibly open up new attack vectors.
Anyway... we all know this is a cat and mouse game that will not come to any conclusion during our lifetimes.
Posted on Reply
#22
londiste
So, with the possible exception of 3a, Intel's new processors are now on par with AMD's when it comes to these Spectre/Meltdown issues?
Posted on Reply
#23
Slizzo
"WikiFM said:
So Core X 9th generation is exactly the same at silicon level as the 7th gen? No thanks...

The news title needs fixing since just Meltdown is fixed, not Spectre.
Mostly the same. Except these Skylake X Refresh parts are on the 14nm++ process instead of the older 14nm+ that the previous Skylake X chips are on.
Posted on Reply
#24
mouacyk
"Slizzo said:
Mostly the same. Except these Skylake X Refresh parts are on the 14nm++ process instead of the older 14nm+ that the previous Skylake X chips are on.
Hold on. Where are the benchmarks? I/O was hit the hardest.
Posted on Reply
#25
Xx Tek Tip xX
I wonder how the performance improvement is in this refresh, my x299 board is getting curious : )
Posted on Reply
Add your own comment