Slashdot Mirror
Google Says CPU Patches Cause 'Negligible Impact On Performance' With New 'Retpoline' Technique (theverge.com)
In a post on Google's Online Security Blog, two engineers described a novel chip-level patch that has been deployed across the company's entire infrastructure, resulting in only minor declines in performance in most cases. "The company has also posted details of the new technique, called Retpoline, in the hopes that other companies will be able to follow the same technique," reports The Verge. "If the claims hold, it would mean Intel and others have avoided the catastrophic slowdowns that many had predicted." From the report: "There has been speculation that the deployment of KPTI causes significant performance slowdowns," the post reads, referring to the company's "Kernel Page Table Isolation" technique. "Performance can vary, as the impact of the KPTI mitigations depends on the rate of system calls made by an application. On most of our workloads, including our cloud infrastructure, we see negligible impact on performance." "Of course, Google recommends thorough testing in your environment before deployment," the post continues. "We cannot guarantee any particular performance or operational impact."
Notably, the new technique only applies to one of the three variants involved in the new attacks. However, it's the variant that is arguably the most difficult to address. The other two vulnerabilities -- "bounds check bypass" and "rogue data cache load" -- would be addressed at the program and operating system level, respectively, and are unlikely to result in the same system-wide slowdowns.
Notably, the new technique only applies to one of the three variants involved in the new attacks. However, it's the variant that is arguably the most difficult to address. The other two vulnerabilities -- "bounds check bypass" and "rogue data cache load" -- would be addressed at the program and operating system level, respectively, and are unlikely to result in the same system-wide slowdowns.
Penis
This is a hardware level problem. This will be continued to be exploited pretty much indefinitely. In my estimation this is the single biggest security problem ever created. My advice? Mortgage your house, cash out the retirement fund, and dump it all into AMD. Because Intel is going to be destroyed by lawsuit after lawsuit.
From https://www.pcworld.com/article/3245810/security/how-to-protect-your-pc-meltdown-spectre-cpu-flaws.html
Microsoft updated Edge and Internet Explorer alongside Windows 10. Firefox 57 also wraps in some Spectre safeguards. Chrome 63 made “Site Isolation” an optional experimental feature. You can activate it right now by entering chrome://flags/#enable-site-per-process into your URL bar, then clicking Enable next to “Strict site isolation.” Chrome 64 will have more protections in place when it launches on January 23.
the propaganda. Do it for the eCONomy.
Pentium 4.99989 disaster seems like yesterday.
I do not believe in karma. "Funny"=-6. Do good and forbid evil. Yours, Oft-Offtopic Flamebaiting Troll.
Or just Buy AMD & get no slow down with more pci-e lanes.
This isn't a "chip-level" patch. The spin control here is admirable.
This probably offers a false sense of security. It's very possible that there are bugs lurking in AMD hardware that are just as severe. Just because AMD processors aren't susceptible to Meltdown doesn't mean there aren't other vulnerabilities unique to AMD processors.
ae911truth dot org
Google's technique is to patch binaries so that branches/calls don't use the branch prediction mechanism of the CPU, which has a small performance hit but much smaller than KPTI. I suppose the presumption is that harmful code which uses the technique would have to compile it into their binary since most OS's prevent the self-modification of code segments/TLB entries once they've been placed into memory by the OS loader. But what about code segments generated entirely at runtime, including from interpreters and libraries like libjit?
amd needs desktop level server chips / ipmi boards. Like intel exon-e3
Ryzen PRO chips fully support ECC so we just need a few boards with IPMI
ThreadRipper is an nice workstation system.
Threadripper boards with IPMI will be nice as it has higher clocks with less cores then epyc chips.
an full eypc board is overkill for smaller site hosts.
...is your micropenis.
How is patching software a 'chip-level patch?' Is the summary that wrong?
It works for Google because they run everything on their own infrastructure and have full control over it. They don't run it on someone elses "cloud". Rather ironic.
and more shills!
The parent should not be at -1. Someone needs to lose moderator access.
Switching to AMD processors is not protection from the Spectre vulnerability. Why would you assume there aren't any other serious vulnerabilities in AMD hardware? While AMD processors aren't vulnerable to the Meltdown bug, the OP is still advice of dubious value.
The two posts in this article from the poster of the original comment both appear to be AMD astroturfing. It would appear that another AMD shill has mod points.
Stop with the off-topic AMD spam. And yes, your post is spam, and completely irrelevant to the thread. AMD is also susceptible to the Spectre bug, and it's not a stretch at all to suspect there may be additional bugs in AMD hardware. Stop astroturfing.
This incident highlights the importance of maintaining vendor diversity in data centers. Modern processors are complex enough that it is not unlikely that any given design has problems waiting to be discovered. It would seem wise for large-scale clients to hedge their bets by having a mix of devices carrying their workload. Imagine the damage if someone discovered a means of bricking Intel processors and added the payload to one of the better viruses.
AMD's Trustzone based equivalent of Intel ME/TPM/DRM which you STILL DON'T CONTROL THE SIGNING KEY TO.
Plus they were marketing Secure Processor as one of Vega's new features over Polaris, so why you would touch current generation AMD, Intel, or Nvidia hardware if you didn't have to is beyond me.
VIA is apparently getting back in the game, but unless they got pressured to be the most openest company ever in order to carve away american x86 marketshare, they are going to fumble this attempt just like their last half dozen: By having an ok but slightly expensive batch of hardware and a complete and total refusal to disclose the hardware documentation necessary to make it actually work anywhere, probably even including under windows!
More Intel spin. Spectre and Meltdown are different flaws. Meltdown is severe and unfixable and only affects Intel.
Meltdown patch (KPTI) will still hurt applications with lots of syscalls, or lots of userspace->kernel context switches.
True, but few have been this big in scope.
Google has created "retpoline", a technique which allows an indirect branch (e.g. a vtable call) to occur in a way that effectively disables speculative execution by isolating branch target prediction into a safe effectless loop. This addresses Variant 2 (aka Spectre).
Retpoline does not depend on or assist a CPU or an OS patch: it is done purely at the software level, per-app, by a compiler. There is no simple OS-wide patch.
Google says a retpoline call has performance "within cycles" of a regular old mispredicted branch. The zero-cost predictions we're used to are a thing of the past, because it effectively forces misprediction. I'd be curious to see a benchmark of an indirection-heavy platform like .NET.
This does not help address or optimize Variant 3, which is what the big kernel patches for Page Table Isolation are needed for. So, your I/O-dependent apps like databases are still going to take a big performance hit. Nor does it address Variant 1.
Google is dependant on Intel CPUs at the moment and has a vested interest in not saying well our cloud just got 5-30% percent slower.
These three exploits are instances, not three different principles. The principle is the same, and there is no reason to suspect that there won't be more instances that follow that principle. CPUs speculatively execute code and load cache lines based on that execution. Intel CPUs can furthermore access privileged memory when unprivileged code is executed speculatively. That's the principle. The way the speculatively executed code is guarded and the speculative window is widened differs between the three exploits, but if you only protect against these three attacks, you leave the fundamental principle available to different exploitation. KPTI prevents privileged memory accesses from userland code no matter how the CPU is coaxed into making these speculative accesses. It does have a performance impact, but at least it addresses all as yet unknown ways of exploiting speculative execution.
Google's technique ... has a small performance hit but much smaller than KPTI.
Keep in mind Google's technique (retpoline) is not an alternative to KPTI. Retpoline addresses Variant 2. KPTI addresses Variant 3. Both are required.
Not only do they misspell the name of the mitigation technique, the "retpoline" technique only protects against the indirect branch variant of Spectre. The fix for Meltdown is still KPTI, with all the same overhead that involves. The "negligible inpact on performance" is on top of the KPTI changes.
Why do a performance downgrade patch on a closed ecosystem farm? If you are not going to run outside code why would you bother patching?
I made sure that damn Microsoft/intel patch was uninstalled and hidden from my updates. I run AMD processors, so take your FUD elsewhere.. This is an Intel problem!
Everyone rightly talks about the 3-4 variants and what CPUs were hit.
However, for those of use looking for a fix for what hardware we have, are there any tables listing by OS and OS version the earliest (and thus downstream likely) are patched?
Especially for Android, since that's a cluster?uck. Besides the various versions, there are various manufacturers that stopped applying software updates. There are people that root their devices to run mods that are patched, derived from the latest updated versions from Google. It'd be nice to see when Google patched what and when so people can determine what they are running is likely patched or not. If Goole knew about these sort of vulnerabilities, did they update KitKat and Lollipop? When was, assuming, Marshmallow and Nougat updated?
Is anyone running their cloud on AMD?
This probably offers a false sense of security. It's very possible that there are bugs lurking in AMD hardware that are just as severe. Just because AMD processors aren't susceptible to Meltdown doesn't mean there aren't other vulnerabilities unique to AMD processors.
And sticking with Intel even after this patch probably offers a false sense of security. It's very possible that there are more bugs lurking in Intel hardware that are just as severe. Just because Intel processors have been patched for Meltdown doesn't mean there aren't other vulnerabilities unique to Intel processors.
Think of the problem as a Venn diagram and the two CPU "vulnerabilities" as lists of CPU's within the diagram.
Some cpu generations will have both issues. Some one issue. Very few will not have any problem.
Domestic spying is now "Benign Information Gathering"
It also applies to ARM.
There was no competition to Intel for high end , data centre CPU, AMD did leave the high end market for like five years and only recently came back with the Ryzen, Arm64 is raw and not even close in performance, and multicore architecture like PEZY lacks software (just like intel KNL). Intel was pretty much the only choice if you cared for performance.
slashdot takes a GIANT payoff from Intel, and publishes this POS.
The articlke refers to an Intel (partial) fix for the irrelevant SPECTRE bug- a bug that has no known real-world problem case on AMD- but a bug that is no different from a pile of earlier security issues that have had microcode/Bios/OS patches with minimal performance impact.
Intel's REAL FLAW is MELTDOWN- one of the flaws this lyiong article stated does not matter. Meltdown CANNOT be fixed in the Intel chip itself, and requires constant flushing and state resets of all core memory subsystems for every system and IO call. In the worst REAL-WORLD case, all Intel CPUs are slowed down by more than 50%- you read that right >50%.
So Slashdot has taken a bung to write about Intel partially fixing a problem no-one cares about- to imply Intel has fixed Meltdown- which Intel CANNOT do.
Meltdown describes the NSA backdoor built into all Intel CPUs- a backdoor that grants NSA user code access to ring-0 data. AMD has a comnpletely different memory architecture that does not allow this.
PS note all the usual mainstream zionist outlets, like the BBC, CNN, NYT etc, have been going to bat for 'jewish' Intel- publishing thier standard fake news about how the security issue is 'overblown' and anyway it also affects AMD. The same jewish control that has eliminated any proper coverage of Israeli atrocities against 'non-jews' this Xmas is also saturating outlets with pro-Intel FUD.
little or no hit to passmark performance. I haven't got any games installed to test at the moment but passmark's GPU/CPU usually give me a good idea where I'd wind up. My VMs are running fine too.
Hi! I make Firefox Plug-ins. Check 'em out @ https://addons.mozilla.org/en-US/firefox/addon/youtube-mp3-podcaster/
How does the RETPOLINE mitigation applied to binaries deal with dynamically (JIT) de-compressed or unencrypted code? The ability for speculative pre-fetching to gather data that's normally off-limits to a process seems like a huge can of worms for code that can be pre-processed by the mitigation.
/unrelated/ I'm not up-to-speed on webasm, but I can see how a vuln might be crafted from an instruction stream since the assembly generator is (presumably) following a recipe.
The Russians have won. They have made the world a cesspool of distrust, greed, fear and hate.
It also applies to ARM.
No it fucking doesn't. Spectre, the lesser, affects AMD, Intel, and ARM, but Meltdown is *intel specific*.
Sorry, but ARM says it does apply to some of the ARM models. Variant 3: rogue data cache load (CVE-2017-5754) is Meltdown.
https://developer.arm.com/support/security-update
For AMD's sake, I hope their assessment about Ryzen's different architecture is 100% correct. If someone should come up with a POC working on these, AMD would be completely screwed.
"Lesser" is subjective. It appears that Meltdown can be mitigated if not negated by the KAISER patches to operating systems but Spectre needs to have software (and not only kernels) recompiled or partially rewritten.
CAPTCHA: surgeons
Intel folks are out in force. It's so obvious, it's pointless... obfuscate, comflate and try and muddy the waters.
Read the actual papers, marketing spin is just marketing spin.
It would be good to have speculative execution protection as a compiler option rather than as a patch to binaries. This could tune the protection to what is necessary for each specific processor.
I think this would make sense if you had the vendors at rough sales parity and the virtualization vendors had healthy experience on both platforms so all the gotchas of moving live workloads between CPU vendors were understood and mitigated.
It might actually not work well or require heterogeneous vendor-specific clusters to avoid CPU feature masking that dumbed both vendor platforms to some lowest common denominator.
No. Meltdown affects Intel & ARM. AMD is not affected.
Spectre affects Intel, ARM, & AMD.
All in-order cores are safe from the issue, which likely also means Intel In-Order cores are as well (IE Intel Atoms before the switch to out of order processing!)
Besides that, most of the Big Endian processors already kept seperate cache lines/page tables for kernel vs user space and are apparently not affected as a result, even if they do speculative execution on out of order processors.
Well, but ARM have been able to push fixes for the KPTI themselves, without even waiting for 'Google' to save the day - or not
Google, Microsoft, and Amazon dwarf Intel. They should not be waiting around for sales parity. They should be creating vendors if the vendors they need aren't there.
In past industries, powerful industries would foster competition amongst their suppliers even if it involved significant loss. It is a necessary business expense that leads to many benefits including competition, diversity in supply (we are vulnerable to terrorists taking out foundries and countries cutting chip supplies today), and diversity in design that helps with problems like the one we just encountered.
I'm not sure why tech operations don't concern themselves as much with this though perhaps they are starting to. It may be a maturity thing. There seem to be more cases of manufacturers using multiple suppliers cropping up lately. Apple intentionally uses both Intel and Qualcomm in phones. Samsung is using both a Qualcomm processor and one of their own design in the S9 generation.
In the data center arena we may be at a threshold. There is renewed competition from AMD and long-shot entries like Qualcomm's 48-core ARM chip. There are also efforts such as Google's TPU to make huge efficiency gains with custom silicone. Those efforts could spread to asking themselves whether they could create a better processor or offload other computation loads onto custom silicone. They can afford to spend a lot of dough to save power or protect their business.
Hopefully, this problem will end up being the catalyst for the big data center operators to do whatever it takes to foster competitors. Such a critical market should have at least three viable suppliers with very different designs and diverse manufacturing centers.
My guess is that the broadest explanation is that Google, Microsoft and Amazon largely want x86 compatibility because of the efficiencies associated with the network effect of a widely adopted processor, both in terms of software availability and in terms of platform stability.
As AMD (and failed competitors) have shown, a competing platform to Intel's CPUs isn't easy to pull off. Google, et al, could pay a subsidy to AMD to produce a competing product but there's no guarantee they would get one and they would probably rather spend that money investigating a competitive product they alone would benefit from (like a custom ARM design for their own data center use).
No thanks, I don't need another heater operating next to my feet.