Slashdot Mirror
NVIDIA GPUs Weren't Immune To Spectre Security Flaws Either (engadget.com)
Nvidia has became the latest chipmaker to release software patches for the Spectre microchip security threat, indicating that the chipset flaw was affecting graphic processors as well as CPUs. From a report: To that end, NVIDIA has detailed how its GPUs are affected by the speculative execution attacks and has started releasing updated drivers that tackle the issue. All its GeForce, Quadro, NVS, Tesla and GRID chips appear to be safe from Meltdown (aka variant 3 of the attacks), but are definitely susceptible to at least one version of Spectre (variant 1) and "potentially affected" by the other (variant 2). The new software mitigates the first Spectre flaw, but NVIDIA is promising future mitigations as well as eventual updates to address the second. Most of the updates are available now, although Tesla and GRID users will have to wait until late January.
NVIDIA GPUs do not do speculative execution. They do not have access to kernel memory. They are not susceptible to these flaws. These are patches in their drivers to account for CPU (not GPU) exploits. I.E. Intel and AMD flaws. I bet NVIDIA releases a clarification soon.
Holy shit this is bad reporting. Nowhere on the Nvidia page does it say that GPUs are actually affected by Spectre or Meltdown. It's in fact impossible since GPUs don't perform speculative execution. On top of that, GPUs don't run kernel code (so cannot leak it), don't run an OS, have a completely different architecture to begin with and so on.
So what's this announcement about? It's a driver update to mitigate Spectre/Meltdown which could potentially affect the driver's CPU code. This has also been confirmed by Nvidia many days ago.
Shameful reporting by Engadget, not that I'm surprised considering they barely qualify as "tech" reporting.
GP is right. Some tech journalist made a flawed deduction and the resulting entirely false story spread virally, even to slashdot. According to their official statement, Nvidia is simply updating its GPU drivers to help mitigate the CPU security issue, a normal and expected move that will be followed by many software vendors since spectre (specifically CVE-2017-5753) actually represents a new class of security vulnerabilities - like "buffer over-read" but different.
In answer to your post, while GPUs do support branching, they don't engage in branch prediction, which makes them immune. In simple terms, superscalar CPUs process data in a "scalar" fashion, but use all kinds of tricks (like speculative execution) to perform more ops per cycle than would be possible for an equivalent scalar design (hence "super"). While superscalar designs fulfill strong market pressure for high per-thread performance, they comes at the cost of using a lot of silicon (and power). Also, one of these "superscalar tricks" just now has turned out too tricky for its own good.
In contrast, GPUs take a whole different approach in getting around the inherent bottleneck of a scalar design: they perform simple operations on a whole array worth of data at once, and can be seen as a cluster of hundreds of simplified scalar CPUs running in parallel (to give an example of "simplified": they commonly share instruction decoding logic to some extent). The advantage of this approach is that you can use silicon for actual computations that would otherwise be "wasted" on "superscalar tricks", which is why GPUs have such phenomenal computational throughput per unit of power consumption compared to CPUs. The disadvantage is that your workload needs to be optimized for this design, which isn't always possible, leave alone easy. They're great for graphic rendering, though. ;)
Anyhow, given the above, you can see that some would argue that going superscalar would defeat the whole point of a GPU living alongside a CPU in the same box...