Slashdot Mirror


Intel Replaces its Buggy Fix for Skylake PCs (zdnet.com)

Intel has released new microcode to address the stability and reboot issues on systems after installing its initial mitigations for Variant 2 of the Meltdown and Spectre attacks. From a report: The stability issues caused by Intel's microcode updates resulted in Lenovo, HP, and Dell halting their deployment of BIOS updates last month as Intel worked to resolve the problems. Intel initially said unexpected reboots were only seen on Broadwell and Haswell chips, but later admitted newer Skylake architecture chips were also affected. Microsoft also said it had seen Intel's updates cause data loss or corruption in some cases.


  1. Re:it's to bad that they locked out nvidia from ch by drinkypoo · · Score: 1

    > At least with AMD you don't even need an chipset

    What?

    --
    "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
  2. So wait a minute... by ckatko · · Score: 5, Funny

    ...Intel releases a fix to fix the fix that fixed what it was supposed to fix, but broke more stuff.

    Is that right?

    1. Re:So wait a minute... by jwhyche · · Score: 4, Informative

      Sounds spot on.

      --
      I read at +2. If your post doesn't reach that level I will not see or respond to it.
    2. Re:So wait a minute... by TheDarkMaster · · Score: 1

      Almost. I think you forgot two or three fixes on your fixchain. :^)

      --
      Religion: The greatest weapon of mass destruction of all time
    3. Re:So wait a minute... by Anonymous Coward · · Score: 1

      > ...Intel releases a fix to fix the fix that fixed what it was supposed to fix, but broke more stuff.
      >
      > Is that right?

      Yes and no. Your wording is ambiguous as to which of the fixes "broke more stuff". The previous fix broke more stuff. This latest fix does not (or at least not that we know of yet).

    4. Re:So wait a minute... by Opportunist · · Score: 1

      Yup, that's the gist of it.

      --
      We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
    5. Re:So wait a minute... by AmiMoJo · · Score: 1

      Doesn't fix the performance issues though.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
    6. Re: So wait a minute... by Brockmire · · Score: 1

      Microcode is not a kernel patch. Sounds like you don't know what the fuck you're talking about.

    7. Re:So wait a minute... by EETech1 · · Score: 1

      https://xkcd.com/1739/

      Heard that one before!

  3. Cure is worse than the disease by JoeyRox · · Score: 5, Interesting

    It seems to me the best way for Intel to prevent Meltdown exploits is by disabling Intel's TSX functionality (which I believe microcode can do), along with OS logic to terminate processes which generate an excessive number of protection exceptions for the same portion of code. The TSX change will force an exploit to throw exceptions for the indirect-memory access loop that probes for data values, and the OS change will then identify processes incurring these repeated exceptions inside a single block of code and then terminating it.

    1. Re:Cure is worse than the disease by JoeyRox · · Score: 1

      > GREAT IDEA!!! So how many is "excessive"?

      Since Meltdown exploits require an enormous number of exceptions to walk all of kernel memory the threshold could be set high to avoid false-positives, maybe a thousand exceptions. After that the OS UI could pop up a warning, giving the user the option to either terminate and/or black-list the app. Or white-list it so that future exceptions would be allowed/ignored.

    2. Re:Cure is worse than the disease by amorsen · · Score: 1

      So you do 500 tests before you spawn a new process...

      Even if this pseudo-fix actually worked, it would only fix Meltdown and not Spectre.

      --
      Finally! A year of moderation! Ready for 2019?
    3. Re:Cure is worse than the disease by JoeyRox · · Score: 1

      > So you do 500 tests before you spawn a new process...

      Which the OS could alert the user to as well. It doesn't have to be confined to the number of exceptions for a single process.

      > Even if this pseudo-fix actually worked, it would only fix Meltdown and not Spectre.

      It's only meant to address Meltdown, and without the performance penalty of moving the kernel out of the user process's address table.

    4. Re:Cure is worse than the disease by cfalcon · · Score: 3, Interesting

      > is by disabling Intel's TSX functionality

      fucking AGAIN? Really????

      > (which I believe microcode can do)

      Yes, it can definitely disable TSX functionality. Like when TSX launched with Haswell, but it was fucked up, so they disabled it with microcode.
      Or when they fixed the Haswell problem and launched it with Broadwell, but it was fucked up, so they disabled with microcode.
      Skylake, of course, fixed the Broadwell problem...

      But now you're saying that TSX is the issue again? And that it needs to be disabled AGAIN? How many fucking chip generations do we have to go through before transactional fucking memory doesn't get patched out because OOPS it crashes the box or OOPS it gives double-super-ultra-root to enemy spies?

      Are you SURE that TSX is the issue? I didn't see anything in the article about TSX being the problem, but I'm not really read up on this.

    5. Re:Cure is worse than the disease by JoeyRox · · Score: 2

      > Are you SURE that TSX is the issue? I didn't see anything in the article about TSX being the problem, but I'm not really read up on this.

      TSX is what allows a Meltdown exploit to do its indirect probing of kernel space without generating exceptions the OS can detect. This allows it to execute much faster, and also avoid detection if the OS added the type of logic I suggested in my post.

    6. Re:Cure is worse than the disease by Agripa · · Score: 1

      > It seems to me the best way for Intel to prevent Meltdown exploits is by disabling Intel's TSX functionality (which I believe microcode can do), along with OS logic to terminate processes which generate an excessive number of protection exceptions for the same portion of code. The TSX change will force an exploit to throw exceptions for the indirect-memory access loop that probes for data values, and the OS change will then identify processes incurring these repeated exceptions inside a single block of code and then terminating it.

      Since the protection exceptions only happen in the speculated code which is never retired, they are not protection exceptions and the OS knows nothing about them.

    7. Re:Cure is worse than the disease by JoeyRox · · Score: 1

      > Since the protection exceptions only happen in the speculated code which is never retired, they are not protection exceptions and the OS knows nothing about them.

      That's incorrect. The exceptions occur, at least in the current working examples of the exploit. The Meltdown paper speculates about a possible technique of avoiding the exception by having the kernel-memory access logic within a conditional block that only gets executed speculatively by a trained branch-prediction path but I haven't seen any samples of that actually working.
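
The per-code-location exception counting proposed in this subthread, as an added example that is not part of any poster's comment: it counts faults on kernel addresses per faulting code location using the thread's figure of a thousand, and compares counting per process with counting per process tree for the respawn objection raised above. The fault-event feed, its field names and the sample events are constructed assumptions, and the counter only sees faults that actually reach the OS.

```python
from collections import Counter
from typing import Callable, Iterable, NamedTuple

THRESHOLD = 1000                      # "maybe a thousand exceptions" (thread's figure)
KERNEL_BASE = 0xFFFF_8000_0000_0000   # x86-64 upper canonical half, where kernels are mapped


class Fault(NamedTuple):
    """One protection-fault event; the feed and its fields are hypothetical."""
    pid: int
    tree: int      # root pid of the process tree (assumed to be supplied by the OS)
    code_off: int  # image-relative offset of the faulting instruction
    addr: int      # address whose access faulted


def flag(faults: Iterable[Fault], owner: Callable[[Fault], int],
         threshold: int = THRESHOLD) -> set:
    """Return the (owner, code_off) pairs whose kernel-address faults reach threshold."""
    counts: Counter = Counter()
    for f in faults:
        if f.addr < KERNEL_BASE:
            continue                  # ordinary user-space fault, not a kernel probe
        counts[(owner(f), f.code_off)] += 1
    return {key for key, n in counts.items() if n >= threshold}


def sample_events() -> list:
    """Constructed events: a tree that respawns every 500 faults, plus benign noise."""
    events = []
    for i, pid in enumerate((4101, 4102, 4103)):        # same tree, fresh pid each time
        base = KERNEL_BASE + i * 500 * 0x1000
        events += [Fault(pid, 4100, 0x11A9, base + n * 0x1000) for n in range(500)]
    events += [Fault(5200, 5200, 0x2040, 0x0)] * 3      # null dereferences in a buggy app
    events += [Fault(5300, 5300, 0x3100, KERNEL_BASE)] * 40  # stays below the threshold
    return events


def per_process(events):
    """Count per pid: each respawned process stays under the threshold."""
    return flag(events, owner=lambda f: f.pid)


def per_tree(events):
    """Count per process tree: respawning does not reset the counter."""
    return flag(events, owner=lambda f: f.tree)


if __name__ == "__main__":
    ev = sample_events()
    print("per-process:", per_process(ev))
    print("per-tree:   ", per_tree(ev))
```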

  4. Thank you Intel by 110010001000 · · Score: 1

    I am now fully protected. Right?

    1. Re:Thank you Intel by Anonymous Coward · · Score: 1

      er no, likely after this many cock ups the "fix" is anything but

      Wait a few months, patch, things SHOULD be okay...

      Who am I kidding, that is wonderland wishful thinking and I might as well live in reality.

      Intel will keep putting out shoddy shit until we all just stop talking about it and think it's good enough, however based on this performance they haven't been doing anything very good for many many years.

      If there were more competition in the market, we would see crappy shops like Intel start to get squeezed for their arrogance and incompetence.

    2. Re:Thank you Intel by Opportunist · · Score: 3, Funny

      Well, at least your computer is now fixed the same way our dog is.

      --
      We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
    3. Re:Thank you Intel by jwhyche · · Score: 4, Funny

      > Well, at least your computer is now fixed the same way our dog is

      Speaking of. Have you ever noticed the difference between getting a dog and a cat fixed. A dog will wake up, go to lick its balls, and think "hey something is missing." But once you get them to the park with a ball, all is forgiven.

      Cats, on the other hand, will sit across from you, staring at you going "where are they?"

      I think this fix is going to be something like a cat. It will just haunt you and haunt you....

      --
      I read at +2. If your post doesn't reach that level I will not see or respond to it.
    4. Re:Thank you Intel by Opportunist · · Score: 1

      Found the cat.

      --
      We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
  5. Re:Exploited thru JavaScript by Anonymous Coward · · Score: 2, Informative

    No. JavaScript is a programming language, and a browser's JavaScript can exploit a PC/Mac/Linux machine, just like any other executable. Firefox has recently issued a fix to partially mitigate these attacks. I've heard that the hackers are seeking technical blogs on WordPress and other easily hacked CMSs, just so they can install coin mining and other more nefarious JS hacks. I've heard of at least one JS hack that uses Spectre to scan a target device's memory.

    TL;DR Browsers are just as vulnerable to Spectre and Meltdown as executable code. Visiting untrusted sites is almost on the same level as running random executables from the internet.

  6. Re:it's to bad that they locked out nvidia from ch by Aquaseafoam · · Score: 1

    Ryzens incorporate most of their chipset on the die. He's not 100% correct, there still are some functions being done on the motherboard though.

    --
    09-F9-11-02-9D-74-E3-5B-D8-41-56-C5-63-56-88-C0
  7. Re:Exploited thru JavaScript by F.Ultra · · Score: 1

    You must improve on your google-fu: https://react-etc.net/entry/ja...

  8. Re:Exploited thru JavaScript by Gavagai80 · · Score: 1

    Spectre and Meltdown essentially make existing vulnerabilities more dangerous. If you run into a javascript exploit -- any past or future javascript exploit that your web browser hasn't patched -- then this allows the exploit to potentially own your whole system instead of just the browser or just the browser's sandbox for that tab. If your browser has no javascript vulnerabilities then it's not in danger... but of course it's inevitable that there will be more javascript vulnerabilities discovered in the future.

    --
    This space intentionally left blank
  9. Re:Exploited thru JavaScript by aliquis · · Score: 1

    AFAIU both were exploitable through JavaScript too. It's all about timing I suppose.

    In the case of Chrome though I assume Google may have put in their retpoline solution and hence if you tried even on a non-patched hardware system I assume it will no longer work.

  10. Re:it's to bad that they locked out nvidia from ch by FudRucker · · Score: 1

    I think he used his grammar sort of like this
    https://i.imgur.com/HvNWEuM.jp...

    --
    Politics is Treachery, Religion is Brainwashing
  11. a hardware mod would be cool by FudRucker · · Score: 3, Funny

    find out if you can grind down a couple of pins on the CPU and the feature that became a vulnerable bug is just taken permanently out of the picture without ever needing a firmware/software fix

    --
    Politics is Treachery, Religion is Brainwashing
  12. Re:Exploited thru JavaScript by mcl630 · · Score: 1

    All major browsers have already been patched to prevent the JS variants.

  13. Re:does ubuntu update microcode/BIOS automatically by mcl630 · · Score: 1

    Assuming you didn't uninstall the Intel microcode update package, it should get updated.

  14. Re:Exploited thru JavaScript by F.Ultra · · Score: 1

    It says that your machine is safe since you access it with a new version of Firefox/Chrome that is patched for this. Try using an older browser, also there are links to actual javascript on that page so if you know Javascript you can probably write your own "dump sensitive RAM" code.