Meltdown - Intel CPU design flaw affecting all OS platforms

Sun For Miles · 2018-01-04 11:54:21

As you've probably heard, a massive scandal is happening right now regarding Intel about a fatal CPU design flaw which allows programs (or even websites) to read content of a private kernel memory.

Operating systems affected:

- Windows (updates are ready)
- Linux (updates are ready)
- MacOS (update was already in place on December 6th 2017)

OS performance hit after update varies depending on appliactions you (or a server) are using. The biggest slowdown will be for hosting companies where the cost is measured in electricity and harware converted to net gain (so far I have only a friend's report where he stated that big hosting platform running Postgres is hit by 17% slowdown).

Intel CEO sold $24mil of company's shares in November, and Google notified them they've found this flaw in June. Intel then alerted Apple, MS, Canonical, etc under NDA about this. It is expected that Intel will go public with this on January 9th.

Last edited by Sun For Miles (2018-01-04 12:00:54)

Sector11 · 2018-01-04 15:16:34

Hit the local news here this morning. I'm runnng AMD so that's cool - locally, but any service on line ...

Can't recall if then mentioned if it was an Intel problem though.

Last edited by Sector11 (2018-01-04 15:17:25)

vinzv · 2018-01-04 16:42:20

earlybird wrote:

Anyway, I wonder how big the impact on my laptop computer will be (I'm not thrilled by losing even 5% of performance because the device is already slowish). Unfortunately, in the laptop market, Intel is the only choice if you need great battery life (the pstate driver is very good (experience is limited to Haswell)). The solution is probably going to be to buy an i7 instead of i5 in order to compensate for the performance loss...

German tech website Computerbase ran some benchmarks with recent Kabylake CPUs: https://www.computerbase.de/2018-01/int … itsluecke/
They also took an Intel Core i7-4600U which gave no real loss on performance besides measurement inaccuracies.

In general the figures of "...30% loss on performance..." haunting through tech press have to be taken with a grain of salt as these are extreme examples. As long as there aren't any in-depth benchmarks I wouldn't rely on any thing circulating.

greystarr · 2018-01-04 18:43:53

Sector11 wrote:

Hit the local news here this morning. I'm runnng AMD so that's cool - locally, but any service on line ...
Can't recall if then mentioned if it was an Intel problem though.

AMD is effected, not all chips but a few I believe. The tested variants from Google are in the link below alongside a statement provided by AMD in regards to the flaw.

https://googleprojectzero.blogspot.com/
http://www.amd.com/en/corporate/speculative-execution

BLizgreat! · 2018-01-04 23:28:22

Been a rough one for Intel and a happy new year. All this has me thinking about going AMD only in future, first the Minix thing, which I view as mostly harmless anyway, now this. Far as I know, this old system/cpu isn't affected by this but 17% performance hit definitely qualifies as an ouchie for sys-admins. Intel step up your game !

vinzv · 2018-01-04 23:40:53

Imho Intel for way too long has been resting on their crown. But looking at AMD's driver code quality doesn't make me trust them too far.
As earlybird wrote: it's about time for some really dedicated vendor!

C#Coder4ever · 2018-01-05 03:39:45

While I'm glad to be on AMD (at least on the primary system), it seems ALL modern CPU's are affected by Spectre, though Meltdown appears to be an Intel-exclusive issue at the moment.

jr2 · 2018-01-05 03:48:30

(ninjad by C#)
It seems there are two CPU bugs just coming up.

Meltdown: Intel, fixes out but performance hit.

Spectre: Intel, AMD and ARM, fix will take time.

https://www.japantimes.co.jp/news/2018/ … ters-risk/

ector1935 · 2018-01-05 10:43:31

It seems that it is a very serious thing for all CPUs!
And the corrections seem to be different
https://www.tomshw.it/bug-microprocesso … ctre-90564

https://googleprojectzero.blogspot.it/2 … -side.html

Last edited by ector1935 (2018-01-05 10:53:57)

bigbenaugust · 2018-01-05 15:16:23

Time for a RPi port of BL?

Also, I see I have a new kernel update today... hmm... hang on while I reboot.

Sector11 · 2018-01-05 15:26:31

I'm going to hold off on those:

Fetched 164 MB in 1min 19s (2,059 kB/s)                                                                          
Retrieving bug reports... Done
Parsing Found/Fixed information... Done
critical bugs of linux-image-3.16.0-4-amd64 (3.16.43-2+deb8u5 → 3.16.51-3) <Outstanding>
 b1 - #884762 - linux-image-3.16.0-4-amd64: Kernel panic on boot (rest_init / build_sched_domains) make system unbootable
serious bugs of thunderbird (1:52.4.0-1~deb8u1 → 1:52.5.2-2~deb8u1) <Resolved in some Version>
 b2 - #885157 - thunderbird: Upgrading from 1:52.5.0-1 to 1:52.5.2-1 enforces the AppArmor profile (Fixed: thunderbird/1:52.5.2-2)
Summary:
 linux-image-3.16.0-4-amd64(1 bug), thunderbird(1 bug)
Are you sure you want to install/upgrade the above packages? [Y/n/?/...]

vinzv · 2018-01-05 16:03:56

bigbenaugust wrote:

Time for a RPi port of BL?

Haven't tried it myself yet but as there are BL packages for armhf available you could just take Raspbian Lite and run BL install script afterwards.

bigbenaugust · 2018-01-05 16:53:05

Sector11 wrote:

I'm going to hold off on those:

Fetched 164 MB in 1min 19s (2,059 kB/s)                                                                          
Retrieving bug reports... Done
Parsing Found/Fixed information... Done
critical bugs of linux-image-3.16.0-4-amd64 (3.16.43-2+deb8u5 → 3.16.51-3) <Outstanding>
 b1 - #884762 - linux-image-3.16.0-4-amd64: Kernel panic on boot (rest_init / build_sched_domains) make system unbootable
serious bugs of thunderbird (1:52.4.0-1~deb8u1 → 1:52.5.2-2~deb8u1) <Resolved in some Version>
 b2 - #885157 - thunderbird: Upgrading from 1:52.5.0-1 to 1:52.5.2-1 enforces the AppArmor profile (Fixed: thunderbird/1:52.5.2-2)
Summary:
 linux-image-3.16.0-4-amd64(1 bug), thunderbird(1 bug)
Are you sure you want to install/upgrade the above packages? [Y/n/?/...]

Oh, this is in my Helium box, so it's 4.9. I haven't checked my Deuterium box at home since last night... but that doesn't look good.

bigbenaugust · 2018-01-05 18:06:22

vinzv wrote:

Haven't tried it myself yet but as there are BL packages for armhf available you could just take Raspbian Lite and run BL install script afterwards.

Hmmm... shoot, I just upgraded it to Raspbian Stretch, too.

greystarr · 2018-01-05 18:46:21

C#Coder4ever wrote:

..it seems ALL modern CPU's are affected by Spectre, though Meltdown appears to be an Intel-exclusive issue at the moment.

I've been trying to explain this to everyone that I talk to, however, no one is in that much of a panic that I can see.

“Intel believes these exploits do not have the potential to corrupt, modify or delete data.” Indeed, the attacks and exploits reported so far can suck data out of the kernel, but not put any data back into kernel space.

https://nakedsecurity.sophos.com/2018/0 … s-patches/

At least that's what they believe. No big deal.. lol.

tknomanzr · 2018-01-05 19:33:17

vinzv wrote:

bigbenaugust wrote:
Time for a RPi port of BL?
Haven't tried it myself yet but as there are BL packages for armhf available you could just take Raspbian Lite and run BL install script afterwards.

This is something I would like to have the time to do.

dobl · 2018-01-05 19:46:25

C#Coder4ever wrote:

..it seems ALL modern CPU's are affected by Spectre, though Meltdown appears to be an Intel-exclusive issue at the moment.

no, not only macOS powered hardware but iOS too which means ARM cpu's by Apple have the same problems as Intel's.
As they advised: only S* processors are safe, be it actually design or watchOS feature.
"near zero risk" in AMD PR probably means that total block is much easier to execute by patching

Last edited by dobl (2018-01-05 20:03:18)

C#Coder4ever · 2018-01-05 20:10:06

dobl wrote:

C#Coder4ever wrote:
..it seems ALL modern CPU's are affected by Spectre, though Meltdown appears to be an Intel-exclusive issue at the moment.
no, not only macOS powered hardware but iOS too which means ARM cpu's by Apple have the same problems as Intel's.
As they advised: only S* processors are safe, be it actually design or watchOS feature
"near zero risk" in AMD PR probably means that total block is much easier to execute by patching

Umm that's what I said?

as for the second part, all my whats.

Last edited by C#Coder4ever (2018-01-05 20:10:58)

ector1935 · 2018-01-05 20:39:13

https://newsroom.intel.com/news-release … -exploits/

vinzv · 2018-01-05 22:41:32

tknomanzr wrote:

vinzv wrote:
bigbenaugust wrote:
Time for a RPi port of BL?
Haven't tried it myself yet but as there are BL packages for armhf available you could just take Raspbian Lite and run BL install script afterwards.
This is something I would like to have the time to do.

Similar here. At first I need to find time for digging after a RPi in my basement... *sighs*

#1 2018-01-04 11:54:21

Meltdown - Intel CPU design flaw affecting all OS platforms

#2 2018-01-04 15:16:34

Re: Meltdown - Intel CPU design flaw affecting all OS platforms

#3 2018-01-04 16:42:20

Re: Meltdown - Intel CPU design flaw affecting all OS platforms

#4 2018-01-04 18:43:53

Re: Meltdown - Intel CPU design flaw affecting all OS platforms

#5 2018-01-04 23:28:22

Re: Meltdown - Intel CPU design flaw affecting all OS platforms

#6 2018-01-04 23:40:53

Re: Meltdown - Intel CPU design flaw affecting all OS platforms

#7 2018-01-05 03:39:45

Re: Meltdown - Intel CPU design flaw affecting all OS platforms

#8 2018-01-05 03:48:30

Re: Meltdown - Intel CPU design flaw affecting all OS platforms

#9 2018-01-05 10:43:31

Re: Meltdown - Intel CPU design flaw affecting all OS platforms

#10 2018-01-05 15:16:23

Re: Meltdown - Intel CPU design flaw affecting all OS platforms

#11 2018-01-05 15:26:31

Re: Meltdown - Intel CPU design flaw affecting all OS platforms

#12 2018-01-05 16:03:56

Re: Meltdown - Intel CPU design flaw affecting all OS platforms

#13 2018-01-05 16:53:05

Re: Meltdown - Intel CPU design flaw affecting all OS platforms

#14 2018-01-05 18:06:22

Re: Meltdown - Intel CPU design flaw affecting all OS platforms

#15 2018-01-05 18:46:21

Re: Meltdown - Intel CPU design flaw affecting all OS platforms

#16 2018-01-05 19:33:17

Re: Meltdown - Intel CPU design flaw affecting all OS platforms

#17 2018-01-05 19:46:25

Re: Meltdown - Intel CPU design flaw affecting all OS platforms

#18 2018-01-05 20:10:06

Re: Meltdown - Intel CPU design flaw affecting all OS platforms

#19 2018-01-05 20:39:13

Re: Meltdown - Intel CPU design flaw affecting all OS platforms

#20 2018-01-05 22:41:32

Re: Meltdown - Intel CPU design flaw affecting all OS platforms

Board footer