Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign

Discussion in 'Frontpage news' started by zero_cool, Jan 2, 2018.

  1. Elder III

    Elder III Ancient Guru

    Messages:
    3,716
    Likes Received:
    326
    GPU:
    6900 XT Nitro+ 16GB
    Well I had an automatic Windows Update overnight on this Ryzen based desktop. It is the patch that has been mentioned several times in this thread -
    KB4056892

    I have not benchmarked my SSD recently, but I always used to get ~1000 or close to it in AS SSD benchmark. Today I only get ~730 in that same benchmark. This is the same SSD (OCZ Vertex 460A that was part of the Guru3D 2 year SSD test group), same OS, less then 60% full etc... :(
     
  2. Rich_Guy

    Rich_Guy Ancient Guru

    Messages:
    12,622
    Likes Received:
    620
    GPU:
    MSI 2070S X-Trio
    Just found .17 is the fix :)

    info here :- https://www.wilderssecurity.com/threads/bork-tuesday-any-problems-yet.370217/page-147#post-2728947

    Can also check here, on which ones are compatible

    https://docs.google.com/spreadsheet...iuirADzf3cL42FQ/htmlview?usp=sharing&sle=true (constantly being updated)

    Provided by :- https://twitter.com/GossiTheDog

    Will get the fix whacked on tomorrow, and it is the KB4056897
     
    Last edited: Jan 4, 2018
  3. AsiJu

    AsiJu Ancient Guru

    Messages:
    6,718
    Likes Received:
    1,805
    GPU:
    MSI RTX 2070 Armor
    Seems Ryzen setups are hit harder than Intel ones, you're not the only one.

    Fix for especially Intel flaw gimps AMD performance. Great, just great. Thanks a f-in million!

    Based on Hilbert's tests Intel setups are almost unaffected.
     
  4. chispy

    chispy Ancient Guru

    Messages:
    8,932
    Likes Received:
    1,135
    GPU:
    RX 6900xt / RTX3090
    After going thru many other forums and asking some of my friends with Ryzen systems to do performance test on their SSDs and we all came down with the same conclusion , Ryzen systems seems to have taken a bigger hit on performance than Intel. You just confirmed the same thing , dude , this degradation in performance sucks big time for us AM4 Ryzen users.:(
     

  5. D3M1G0D

    D3M1G0D Ancient Guru

    Messages:
    2,068
    Likes Received:
    1,340
    GPU:
    2 x GeForce 1080 Ti
    chispy likes this.
  6. AsiJu

    AsiJu Ancient Guru

    Messages:
    6,718
    Likes Received:
    1,805
    GPU:
    MSI RTX 2070 Armor
    WU doesn't push the update yet for me and for some reason I can't access it via WU catalog either (probably some connection error).

    Just as well...
     
  7. chispy

    chispy Ancient Guru

    Messages:
    8,932
    Likes Received:
    1,135
    GPU:
    RX 6900xt / RTX3090
    List of affected Intel Products: https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00088&languageid=en-fr

    Affected products:



    For non-Intel based systems please contact your system manufacturer or microprocessor vendor (AMD, ARM, Qualcomm, etc.) for updates.

    The following Intel-based platforms are impacted by this issue. Intel may modify this list at a later time. Please check with your system vendor or equipment manufacturer for more information regarding updates for your system.

    • Intel® Core™ i3 processor (45nm and 32nm)
    • Intel® Core™ i5 processor (45nm and 32nm)
    • Intel® Core™ i7 processor (45nm and 32nm)
    • Intel® Core™ M processor family (45nm and 32nm)
    • 2nd generation Intel® Core™ processors
    • 3rd generation Intel® Core™ processors
    • 4th generation Intel® Core™ processors
    • 5th generation Intel® Core™ processors
    • 6th generation Intel® Core™ processors
    • 7th generation Intel® Core™ processors
    • 8th generation Intel® Core™ processors
    • Intel® Core™ X-series Processor Family for Intel® X99 platforms
    • Intel® Core™ X-series Processor Family for Intel® X299 platforms
    • Intel® Xeon® processor 3400 series
    • Intel® Xeon® processor 3600 series
    • Intel® Xeon® processor 5500 series
    • Intel® Xeon® processor 5600 series
    • Intel® Xeon® processor 6500 series
    • Intel® Xeon® processor 7500 series
    • Intel® Xeon® Processor E3 Family
    • Intel® Xeon® Processor E3 v2 Family
    • Intel® Xeon® Processor E3 v3 Family
    • Intel® Xeon® Processor E3 v4 Family
    • Intel® Xeon® Processor E3 v5 Family
    • Intel® Xeon® Processor E3 v6 Family
    • Intel® Xeon® Processor E5 Family
    • Intel® Xeon® Processor E5 v2 Family
    • Intel® Xeon® Processor E5 v3 Family
    • Intel® Xeon® Processor E5 v4 Family
    • Intel® Xeon® Processor E7 Family
    • Intel® Xeon® Processor E7 v2 Family
    • Intel® Xeon® Processor E7 v3 Family
    • Intel® Xeon® Processor E7 v4 Family
    • Intel® Xeon® Processor Scalable Family
    • Intel® Xeon Phi™ Processor 3200, 5200, 7200 Series
    • Intel® Atom™ Processor C Series
    • Intel® Atom™ Processor E Series
    • Intel® Atom™ Processor A Series
    • Intel® Atom™ Processor x3 Series
    • Intel® Atom™ Processor Z Series
    • Intel® Celeron® Processor J Series
    • Intel® Celeron® Processor N Series
    • Intel® Pentium® Processor J Series
    • Intel® Pentium® Processor N Series
     
    AsiJu likes this.
  8. Elder III

    Elder III Ancient Guru

    Messages:
    3,716
    Likes Received:
    326
    GPU:
    6900 XT Nitro+ 16GB
    My guess is that M$oft didn't bother to exclude AMD from the "fix", similar to how the initial Linux patch didn't exclude AMD yesterday.
     
    __hollywood|meo, AsiJu and chispy like this.
  9. AsiJu

    AsiJu Ancient Guru

    Messages:
    6,718
    Likes Received:
    1,805
    GPU:
    MSI RTX 2070 Armor
    So basically the entire Core i lineup as suspected.

    "Intel may modify this list at a later time."

    Yes of course! Because "fixed". Lolz!

    (sorry, I'm at this mood now... grrr!)
     
    chispy likes this.
  10. chispy

    chispy Ancient Guru

    Messages:
    8,932
    Likes Received:
    1,135
    GPU:
    RX 6900xt / RTX3090
    Yes , the entire Core line up +
     

  11. Turanis

    Turanis Ancient Guru

    Messages:
    1,747
    Likes Received:
    434
    GPU:
    Gigabyte RX500
    From Linus Torvalds (creator of Linux OS):

    Subject Re: Avoid speculative indirect calls in kernel

    On Wed, Jan 3, 2018 at 3:09 PM, Andi Kleen <andi@firstfloor.org> wrote:
    > This is a fix for Variant 2 in
    > https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html
    >
    > Any speculative indirect calls in the kernel can be tricked
    > to execute any kernel code, which may allow side channel
    > attacks that can leak arbitrary kernel data.

    Why is this all done without any configuration options?

    A *competent* CPU engineer would fix this by making sure speculation
    doesn't happen across protection domains. Maybe even a L1 I$ that is
    keyed by CPL.

    I think somebody inside of Intel needs to really take a long hard look
    at their CPU's, and actually admit that they have issues instead of
    writing PR blurbs that say that everything works as designed.

    .. and that really means that all these mitigation patches should be
    written with "not all CPU's are crap" in mind.

    Or is Intel basically saying "we are committed to selling you crap
    forever and ever, and never fixing anything"
    ?

    Because if that's the case, maybe we should start looking towards the
    ARM64 people more.


    Please talk to management. Because I really see exactly two possibibilities:

    - Intel never intends to fix anything

    OR

    - these workarounds should have a way to disable them.

    Which of the two is it?

    Linus.

    https://lkml.org/lkml/2018/1/3/797


    [​IMG]
     
    Last edited: Jan 5, 2018
  12. user1

    user1 Ancient Guru

    Messages:
    1,620
    Likes Received:
    549
    GPU:
    hd 6870
    thats pretty dirty, considering the linux kernel has already accepted a patch to exclude amd processors from the meltdown workaround, I hope microsoft revises the patches soon, if they don`t i guess its just one more reason to ditch windows altogether, we`re getting pretty darn close to the point where you can actually do that without sacrificing anything.
     
  13. Alessio1989

    Alessio1989 Ancient Guru

    Messages:
    1,910
    Likes Received:
    526
    GPU:
    .
    The bound-check violation works like a charm on Intel, AMD, ARM (from v7 and beyond) and probably many other CPUs architectures(SPARC and PowerPC anyone?). The branch injection actually still not runned on AMD CPUs due different implementations.
    I still consider more dangerous Metldown which gives access to kernel memory then Spectre that "unbox" a single application address area.
     
  14. Alessio1989

    Alessio1989 Ancient Guru

    Messages:
    1,910
    Likes Received:
    526
    GPU:
    .
    nevermind.
     
    Last edited: Jan 5, 2018
  15. Sergio

    Sergio Master Guru

    Messages:
    254
    Likes Received:
    7
    GPU:
    Asus 760 DirectCU II OC
    On my Win764 machine, windows update was not giving me latest KB4056894. I read somewhere that installing Microsoft security essentials for win7 may help. Installed Microsoft security essentials, uninstalled Malwarebytes anti-malware (it was updated to "Database Update 1.0.3624" as it says here >>> https://forums.malwarebytes.com/topic/217734-meltdown-mitigation/?tab=comments#comment-1196773 ), HitmanPro, Spywareblaster and WinPatrol.
    And finaly KB4056894 showed up. I checked QualityCompat key on regedit and it was there. (previously it was not there) . Hope this helps some of you.

    Edit: Forgot to add... I was told not to manualy install patches. So i have to revert them and let windows update install them.
    https://www.reddit.com/r/intel/comments/7o5hbi/psa_windows_update_doesnt_automatically_activate/
    https://support.microsoft.com/en-us...ive-execution-side-channel-vulnerabilities-in

    Script that checks for vulnrability from spectre and meldown >>> https://github.com/ionescu007/SpecuCheck
    https://github.com/ionescu007/SpecuCheck/releases

    [​IMG]
     
    Last edited: Jan 5, 2018
    sverek likes this.

  16. Rich_Guy

    Rich_Guy Ancient Guru

    Messages:
    12,622
    Likes Received:
    620
    GPU:
    MSI 2070S X-Trio
    Well its in, and she booted, so thats a good sign :p

    Going to whack a game on now, see if owt happens :D

    EDIT:

    Well nowt happened, no issues.
     
    Last edited: Jan 5, 2018
  17. JulioCesarSF

    JulioCesarSF Active Member

    Messages:
    98
    Likes Received:
    0
    GPU:
    SLI GTX 780 Ti
    So x79(4930k) is safe for now?
     
  18. GREGIX

    GREGIX Master Guru

    Messages:
    691
    Likes Received:
    116
    GPU:
    6800XT Merc
    Julio u cant read? Few posts above....
     
  19. swISS

    swISS Master Guru

    Messages:
    395
    Likes Received:
    6
    GPU:
    Nvidia GTX980 Ti
    @Sergio My bad if this is a dumb question, but the screenshots you applied is that what it should look like if the "Update" from Windows has been correctly applied?
     
  20. sykozis

    sykozis Ancient Guru

    Messages:
    21,791
    Likes Received:
    1,052
    GPU:
    MSI RX5700
    Your processor is on the list of affected processors..... You need to install the security patch and BIOS/UEFI update as soon as they become available.
     

Share This Page