'Kernel Memory Leaking' Intel Processor Design Flaw Forces Linux, Windows Redesign

According to The Register, "A fundamental design flaw in Intel's processor chips has forced a significant redesign of the Linux and Windows kernels to defang the chip-level security bug." From the report: Programmers are scrambling to overhaul the open-source Linux kernel's virtual memory system. Meanwhile, Microsoft is expected to publicly introduce the necessary changes to its Windows operating system in this month's Patch Tuesday: these changes were seeded to beta testers running fast-ring Windows Insider builds in November and December. Crucially, these updates to both Linux and Windows will incur a performance hit on Intel products. The effects are still being benchmarked, however we're looking at a ballpark figure of five to 30 per cent slow down, depending on the task and the processor model. More recent Intel chips have features -- specifically, PCID -- to reduce the performance hit. Similar operating systems, such as Apple's 64-bit macOS, will also need to be updated -- the flaw is in the Intel x86 hardware, and it appears a microcode update can't address it. It has to be fixed in software at the OS level, or buy a new processor without the design blunder. Details of the vulnerability within Intel's silicon are under wraps: an embargo on the specifics is due to lift early this month, perhaps in time for Microsoft's Patch Tuesday next week. Indeed, patches for the Linux kernel are available for all to see but comments in the source code have been redacted to obfuscate the issue. The report goes on to share some details of the flaw that have surfaced. "It is understood the bug is present in modern Intel processors produced in the past decade," reports The Register. "It allows normal user programs -- from database applications to JavaScript in web browsers -- to discern to some extent the contents of protected kernel memory. The fix is to separate the kernel's memory completely from user processes using what's called Kernel Page Table Isolation, or KPTI."

FOOF

[OverlordQ]

About par for Intel's course. Make it fast at the expense of horrible bugs.

In all fairness...

Intel guys are doing the bulk of the work for the linux kernel changes, and I'm sure to be fair they'll equally cripple all processors with the changes not just their own.

Re:In all fairness...

[sjames]

That bolster's AC's point. It looks like the Intel guys were going to cripple performance for everyone until the patch from AMD removed the unnecessary crippling from AMD processors.

Re:In all fairness...

[sexconker]

Well, I'm guessing the approach was more along the lines of "an abundance of caution with the X86 ISA" as opposed to deliberate malice towards AMD.

Hi. Have you met Intel?

Re: In all fairness...

[viperidaenz]

They didn't explicitly create a patch for AMD CPU's. They made changes that patch ALL x86 CPU's, regardless of vendor.
AMD submitted a vendor check to disable the patch for AMD CPU's

Re:How could this be abused?

[OverlordQ]

You're running in EC2 on shared hardware. Your instance can read the memory of other instances running on the same physical hardware.

Re:tanenbaum's revenge?

[mikael]

And this comment. Someone could feel the storm coming.

KAISER: hiding the kernel from user space

Posted Nov 16, 2017 7:21 UTC (Thu) by alkbyby (subscriber, #61687) [Link]
Looks like something bad is coming. Such as mega-hole maybe in hardware that can be mitigated by hiding kernel addresses.

Otherwise I cannot see why simply hiding kernel addresses better, suddenly becomes important enough to spend massive amount of cpu on it.

- This isn't the first time. There was a problem a decade ago with Intel CPU's, when separate process threads could access each others data through cache memory.

Re:five to 30 per cent slow down

[LinuxIsGarbage]

If the choice is a 30% slowdown or a massive highly dangerous security flaw, the developers will pick the 30% slowdown.

As it is it seems a lot of developers choose "30% slowdown" over "spend some time to write not shit code".

"Premature optimization is the root of all evil" gets turned to "Do no optimization whatsoever, have no understanding of underlying hardware, and pick the latest trendiest framework that runs on top of 5 layers of framework to provide 6502 performance from an i7."

Re:five to 30 per cent slow down

[sjames]

They don't have a choice. The cost is quite believable since the workaround involves mapping the kernel in and out of the process space for every system call. Keeping it mapped in and keeping the page tables hot in the cache helps performance a lot.

The real fix involves new silicon.

TO BIG TO FAIL

No slowdown caused by Intel because they will SELL you a new CPU.
And no slowdown on your iPhone because Apple will SELL you a new battery,
          In both cases: THESE ARE DEFECTIVE PRODUCTS.
In both cases you must pay a 2nd time for performance you already paid for.
Silicon Valley and American Quality have reached a new low.
          What a joke!!!
It's not just the banks that are TO BIG TO FAIL.

Re:How could this be abused?

[Mad+Merlin]

When you cheap out, you lose.

You're assuming that the cloud works out cheaper. Sometimes it does, but for many cases it does not (and it's not even close).

Re:FUCKWIT

[Waffle+Iron]

I'm not in the habit of running random binaries downloaded from the Internet

As TFS implies, given that Javascript required to do almost anything on the web, you are most likely downloading and running random code from the internet that could potentially exploit this bug hundreds of times every day.