
Major Intel CPU Hardware Vulnerability Found

Status
Not open for further replies.
You're right @P4-630, I assumed it was an i7-6700 as reported.
 
I smell a class action suit for misrepresenting and allowing a flawed product line to be pushed on users since 2007.
 
As technically advanced as modern CPUs are, I am astonished more like this isn't found from both sides. AMD had an errata with Zen already that they managed to fix right before release; this popping up makes me curious if they actually fixed it.
Yes they have: they fixed many things in the microcode and any faulty processors were replaced I believe (for the Linux bug). AMD made a mistake and fixed it IMMEDIATELY, whereas Intel can and will not!!!! Ten years' worth of processors will have to be replaced to fix this!

EDIT: not all gamers will be affected it seems. https://www.phoronix.com/scan.php?page=news_item&px=x86-PTI-Initial-Gaming-Tests
Maybe Coffee Lake has a fix or maybe Vega just doesn't rely on the CPU enough. The comment section is really interesting. If the 6700K is affected though, I'll hazard a guess the 7700K is too and only the newest CPUs aren't affected too much if at all. That would make the lawsuits much more interesting, since that would mean Intel figured out there was a major flaw and NEVER told anyone!
 
This guy gets it.

Same, from what I've seen this might be close-ish to the AMD TLB bug back in the day. I don't remember anyone crying over their FX CPU performance back then and that software workaround IIRC is in Windows to this day.
I thought the problem was not the slowdown, or what the vulnerability did, but the end result is a patch that will reduce processor speeds under load by 5%-30%?
https://www.theregister.co.uk/2018/01/02/intel_cpu_design_flaw/
The fix is to separate the kernel's memory completely from user processes using what's called Kernel Page Table Isolation, or KPTI. At one point, Forcefully Unmap Complete Kernel With Interrupt Trampolines, aka FUCKWIT, was mulled by the Linux kernel team, giving you an idea of how annoying this has been for the developers.

Whenever a running program needs to do anything useful – such as write to a file or open a network connection – it has to temporarily hand control of the processor to the kernel to carry out the job. To make the transition from user mode to kernel mode and back to user mode as fast and efficient as possible, the kernel is present in all processes' virtual memory address spaces, although it is invisible to these programs. When the kernel is needed, the program makes a system call, the processor switches to kernel mode and enters the kernel. When it is done, the CPU is told to switch back to user mode, and reenter the process. While in user mode, the kernel's code and data remains out of sight but present in the process's page tables.

Think of the kernel as God sitting on a cloud, looking down on Earth. It's there, and no normal being can see it, yet they can pray to it.

These KPTI patches move the kernel into a completely separate address space, so it's not just invisible to a running process, it's not even there at all. Really, this shouldn't be needed, but clearly there is a flaw in Intel's silicon that allows kernel access protections to be bypassed in some way.

The downside to this separation is that it is relatively expensive, time wise, to keep switching between two separate address spaces for every system call and for every interrupt from the hardware. These context switches do not happen instantly, and they force the processor to dump cached data and reload information from memory. This increases the kernel's overhead, and slows down the computer.
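
The quoted article describes KPTI as a kernel-side change with a per-system-call cost, so the first thing to establish on a given Linux host is whether it is actually switched on. The following is an added example, not part of the original post or the article: it classifies the KPTI state from three Linux interfaces (the `meltdown` sysfs entry, the `flags`/`bugs` lines of `/proc/cpuinfo`, and the boot command line). The function name, the result labels and the sample inputs are assumptions made for the illustration.

```python
from pathlib import Path

SYSFS = "/sys/devices/system/cpu/vulnerabilities/meltdown"
# Boot parameters that switch page table isolation off.
OFF_PARAMS = {"nopti", "pti=off", "mitigations=off"}


def kpti_status(sysfs_text, cpuinfo_text, cmdline_text):
    """Classify KPTI state from file contents (hypothetical helper).

    sysfs_text is None on kernels that predate the sysfs entry.
    """
    flags, bugs = set(), set()
    for line in cpuinfo_text.splitlines():
        key, _, value = line.partition(":")
        if key.strip() == "flags":
            flags |= set(value.split())
        elif key.strip() == "bugs":
            bugs |= set(value.split())
    disabled = bool(set(cmdline_text.split()) & OFF_PARAMS)
    sysfs = (sysfs_text or "").strip()

    if sysfs == "Not affected":
        return "not-affected"
    if "pti" in flags or sysfs.startswith("Mitigation: PTI"):
        return "kpti-active"
    if sysfs.startswith("Vulnerable") or "cpu_meltdown" in bugs:
        return "vulnerable-disabled-at-boot" if disabled else "vulnerable-unpatched"
    # An old kernel reports nothing at all; that is not evidence of safety.
    return "unknown"


# Constructed sample inputs, not captured from a real machine.
SAMPLE_CPUINFO_PTI = "model name\t: Example CPU\nflags\t\t: fpu vme pti\nbugs\t\t: cpu_meltdown\n"
SAMPLE_CPUINFO_NOPTI = "model name\t: Example CPU\nflags\t\t: fpu vme\nbugs\t\t: cpu_meltdown\n"


def read_live():
    """Run the classification against the local machine's files."""
    def read(path):
        try:
            return Path(path).read_text()
        except OSError:
            return None
    return kpti_status(read(SYSFS), read("/proc/cpuinfo") or "",
                       read("/proc/cmdline") or "")


if __name__ == "__main__":
    print(read_live())
```

A result of `unknown` on a pre-patch kernel means the kernel cannot report the issue, which is why it is kept separate from `not-affected`.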
 
Don't cry that much, people, the solution is around the corner: Ice Lake ;)
 
I thought the problem was not the slowdown, or what the vulnerability did, but the end result is a patch that will reduce processor speeds under load by 5%-30%?
https://www.theregister.co.uk/2018/01/02/intel_cpu_design_flaw/
The fix is to separate the kernel's memory completely from user processes using what's called Kernel Page Table Isolation, or KPTI. At one point, Forcefully Unmap Complete Kernel With Interrupt Trampolines, aka FUCKWIT, was mulled by the Linux kernel team, giving you an idea of how annoying this has been for the developers.

Whenever a running program needs to do anything useful – such as write to a file or open a network connection – it has to temporarily hand control of the processor to the kernel to carry out the job. To make the transition from user mode to kernel mode and back to user mode as fast and efficient as possible, the kernel is present in all processes' virtual memory address spaces, although it is invisible to these programs. When the kernel is needed, the program makes a system call, the processor switches to kernel mode and enters the kernel. When it is done, the CPU is told to switch back to user mode, and reenter the process. While in user mode, the kernel's code and data remains out of sight but present in the process's page tables.

Think of the kernel as God sitting on a cloud, looking down on Earth. It's there, and no normal being can see it, yet they can pray to it.

These KPTI patches move the kernel into a completely separate address space, so it's not just invisible to a running process, it's not even there at all. Really, this shouldn't be needed, but clearly there is a flaw in Intel's silicon that allows kernel access protections to be bypassed in some way.

The downside to this separation is that it is relatively expensive, time wise, to keep switching between two separate address spaces for every system call and for every interrupt from the hardware. These context switches do not happen instantly, and they force the processor to dump cached data and reload information from memory. This increases the kernel's overhead, and slows down the computer.

That's the slowdown we are talking about. The increased time in transactions.
 
So let me guess this straight. Intel has known about this since November according to this article https://www.techspot.com/news/72550...und-almost-all-intel-cpus.html#commentsOffset

Intel cashes out on Coffee Lake.

CEO's sale stock of Intel at end/beginning of new year.

and Windows 10, Intel, Nvidia, all have DRM dibs on HDR for Netflix. that monopoly sure is yummy.


I am going Vega 2 and Ryzen 2 this year. Enough is enough. HDR can suck it. AMD just announced a new hotfix will fix older SAGE DX9 games to working again despite all the uproar about it. AMD is for gamers and always has been, they just struggle with the cash flow. I'm fine with taking a performance hit, screw this crap Intel is pulling. Nvidia isn't so bad, but eh the telemetry increase in their drivers for the last 6 months is a little more than iffy imo.
 
So let me guess this straight. Intel has known about this since November according to this article https://www.techspot.com/news/72550...und-almost-all-intel-cpus.html#commentsOffset

Intel cashes out on Coffee Lake.

CEO's sale stock of Intel at end/beginning of new year.

and Windows 10, Intel, Nvidia, all have DRM dibs on HDR for Netflix. that monopoly sure is yummy.


I am going Vega 2 and Ryzen 2 this year. Enough is enough. HDR can suck it. AMD just announced a new hotfix will fix older SAGE DX9 games to working again despite all the uproar about it. AMD is for gamers and always has been, they just struggle with the cash flow. I'm fine with taking a performance hit, screw this crap Intel is pulling. Nvidia isn't so bad, but eh the telemetry increase in their drivers for the last 6 months is a little more than iffy imo.
Intel's known about this longer, the patchwork for Linux started around that time or even earlier. There's lots of rotten fishes in this mess, hope they get caught though.
By Jonathan Corbet
November 15, 2017

All told, KAISER has the look of a patch set that has been put onto the fast track. It emerged nearly fully formed and has immediately seen a lot of attention from a number of core kernel developers. Linus Torvalds is clearly in support of the idea, though he naturally has pointed out a number of things that, in his opinion, could be improved. Nobody has talked publicly about time frames for merging this code, but 4.15 might not be entirely out of the question.
https://lwn.net/Articles/738975/
 
Sounds like a bunch of people will be screaming how great amd is here shortly, for a bug that affects basically no one on the forum. Lol
Yeah, that's bad enough - there are already posters claiming nefarious motives by Intel here. :rolleyes: :( :kookoo:

Others are criticizing Intel for being secretive about this. Of course they are being secretive. In any security situation (not just computer security) you don't go blabber-mouthing your vulnerabilities to the world letting the bad guys know your weaknesses.

But forum posters are not the ones I am really worried about. It is the wannabe "journalists" - cough cough, choke choke - in the IT press (and their parrot followers) who will blow it all out of proportion with exaggerated or even false claims. Look at that The Register article from posts #13 and #20 above. They claim the flaw "has forced a significant redesign of the Linux and Windows kernels".

Significant redesign? Come on! There are over 30 million lines of code in Windows. Fixing bugs often takes as little as flipping one "bit" (once that bit is found - often a challenge in itself). It is the testing after that is significant!

Are there any, even one report this bug has been exploited? I don't think so.

So I say let's wait and see what happens before passing judgement on a topic we (1) likely don't have the expertise to fully understand and (2) don't yet have the full details of the vulnerabilities (and how they affect us) or the fix.
 
Sounds like a bunch of people will be screaming how great amd is here shortly,

That won't never happen even if they cut a 50% of performance from my Chip :p
 
That won't never happen even if they cut a 50% of performance from my Chip :p

We all know Knoxx that you'd still buy Intel even if they took you to potato-pc levels...
 
We all know Knoxx that you'd still buy Intel even if they took you to potato-pc levels...

You got it right Bro
 
I'd like to think that I've got a fix but... after these 3 suspension marks I leave it to your imagination; funny story ends.
 
....not the way to start the year off...blue team can't catch a break.
 
I hope they won't nerf older generations that aren't broken as well with the "patch" just so they could shill the 9th generation of CPUs that has the flaw fixed. If they do this I don't think I'll ever buy anything from Intel ever again.
 
Yes they have: they fixed many things in the microcode and any faulty processors were replaced I believe (for the Linux bug).

Don't be so optimistic.

Most of the Ryzen non-TR processors running around and even some still for sale suffer from the Linux bug.

It's actually rare to see one without it. Usually, if you got one, it's because it's hot off the line, or you complained like me, and likely had no pc for 2-weeks/months

I hope they won't nerf older generations that aren't broken as well with the "patch" just so they could shill the 9th generation of CPUs that has the flaw fixed. If they do this I don't think I'll ever buy anything from Intel ever again.

It goes back to Core Duo series man...
 
This guy gets it.

Same, from what I've seen this might be close-ish to the AMD TLB bug back in the day. I don't remember anyone crying over their FX CPU performance back then and that software workaround IIRC is in Windows to this day.
It wasn't FX but the first Phenom series such as Phenom X4 9500.
It goes back to Core Duo series man...
Some are suggesting it goes all the way back to the Pentium Pro?
 
Others are criticizing Intel for being secretive about this. Of course they are being secretive. In any security situation (not just computer security) you don't go blabber-mouthing your vulnerabilities to the world letting the bad guys know your weaknesses.

So you wait whilst doing nothing until the whole thing just can't be kept under the rug anymore even though the "bad guys" would already know about it? Of course, I suppose.
 
Have you read the official statement from Intel yet?

I am not sure what to make of it, this is probably the most interesting part:

Recent reports that these exploits are caused by a “bug” or a “flaw” and are unique to Intel products are incorrect. Based on the analysis to date, many types of computing devices — with many different vendors’ processors and operating systems — are susceptible to these exploits.

Intel is committed to product and customer security and is working closely with many other technology companies, including AMD, ARM Holdings and several operating system vendors, to develop an industry-wide approach to resolve this issue promptly and constructively.
 