Microsoft releases update to reverse problematic Spectre patch

Discussion in 'Frontpage news' started by Hilbert Hagedoorn, Jan 29, 2018.

Page 2 of 2
  1. JamesSneed

    JamesSneed Ancient Guru

    Messages:
    1,681
    Likes Received:
    952
    GPU:
    GTX 1070
    Disagree on your analogy. Net neutrality may be trying to fix something that doesn't exist but many of the issues will exist, it's not an IF its just WHEN since so many ISP's have consolidated over the last decade. We all have seen it over and over companies consolidate to a point they can no longer buy the other guy since all that is left is a few giant companies. So they try to find ways for growth since stockholders demand it and bam you start seeing all sorts of shenanigans.
     
    JamesSneed, Jan 29, 2018
    #21
    carnivore likes this.
  2. tsunami231

    tsunami231 Ancient Guru

    Messages:
    13,902
    Likes Received:
    1,486
    GPU:
    EVGA 1070Ti Black
    Been saying this since day one , that this is one huge mess the way this info about these flaws was released into public was bad, and they way the CPU makers MS and everyone else supposed to be fixing and pluging the issue, is being handled is just as bad., they all seem to opt of the option mean the less work

    Either way this "update" disable something i have installed but not enable cause i need microcode.

    Like it be said by others, maybe MS just do retpoline, which seems to have no performance hit and will solve everyone problem with update? cause microcode updates arnt the way to go protect everyone, cause of the nature of how there need to be done majority of people will never do it.

    MS need do pick solution that will protect the most people, there current solution isnt not it.
     
    Last edited: Jan 29, 2018
    tsunami231, Jan 29, 2018
    #22
  3. tsunami231

    tsunami231 Ancient Guru

    Messages:
    13,902
    Likes Received:
    1,486
    GPU:
    EVGA 1070Ti Black
    arg stupid dbl posts
     
    tsunami231, Jan 29, 2018
    #23
  4. Berke53

    Berke53 Active Member

    Messages:
    65
    Likes Received:
    13
    GPU:
    2x ASUS GTX 1080 Strix OC
    Thank you for this helpfull reply!
     
    Berke53, Jan 29, 2018
    #24

  5. fOrTy_7

    fOrTy_7 Master Guru

    Messages:
    345
    Likes Received:
    36
    GPU:
    N/A
    Hi,
    Microsoft implemented Reptoline for 1809 and later builds and recommeds to enable Spectre v2 warrant mitigation.

    https://support.microsoft.com/en-gb/help/4494441/windows-10-update-kb4494441


    I used recommended settings from this site to disable Spectre v2 warrant mitigation in the past.

    FeatureSettingsOverride = 0x1

    FeatureSettingsOverrideMask = 0x1


    Can someone explain the role of FeatureSettingsOverrideMask?

    FeatureSettingsOverride is pretty straight forward.

    01b - Spectre v2 disabled

    10b - Meltdown disabled

    11b - Both Disabled


    FeatureSettingsOverrideMask

    01b - masking / checking setting Spectre v2 e.g. 01b & 01b
    ===> What happens here for Meltdown mitigation? Is it disabed due to being masked out by using 0x1 as parameter OR FeatureSettingsOverride override setting is ignored for Meltdown and it uses operating system defaults e.g default ON for client systems.

    10b - masking / checking settings Meltdown e.g. 01b & 10b

    11b - masking / checking both settings Spectre v2 and Meltdown, 01b & 11b



    https://support.microsoft.com/en-us...e-execution-side-channel-vulnerabilities-prot


    FeatureSettingsOverride represents a bitmap that overrides the default setting and controls which mitigations will be disabled. Bit 0 controls the mitigation that corresponds to CVE-2017-5715. Bit 1 controls the mitigation that corresponds to CVE-2017-5754. The bits are set to 0 to enable the mitigation and to 1 to disable the mitigation.

    FeatureSettingsOverrideMask represents a bitmap mask that's used together with FeatureSettingsOverride. In this situation, we use the value 3 (represented as 11 in the binary numeral or base-2 numeral system) to indicate the first two bits that correspond to the available mitigations. This registry key is set to 3 both to enable or to disable the mitigations.
     
    Last edited: May 23, 2019
    fOrTy_7, May 23, 2019
    #25
  6. fOrTy_7

    fOrTy_7 Master Guru

    Messages:
    345
    Likes Received:
    36
    GPU:
    N/A
    It's hard to say how this freaking mask works since if you enable all mitigations, they still use mask 0x3 (11b).

    And it looks like they re-purposed meaning of set bit for bits 3 and higher in FeatureSettingsOverride registry setting.
    Now 1b means the mitigation is enabled. What the actual frack, Microsoft? You can't keep own convention here?


    To enable mitigations for Microarchitectural Data Sampling (CVE-2018-11091, CVE-2018-12126, CVE-2018-12127, CVE-2018-12130) along with Spectre [ CVE-2017-5753 & CVE-2017-5715 ] and Meltdown [ CVE-2017-5754 ] variants, including Speculative Store Bypass Disable (SSBD) [ CVE-2018-3639 ] as well as L1 Terminal Fault (L1TF) [ CVE-2018-3615, CVE-2018-3620, and CVE-2018-3646 ] with Hyper-Threading disabled:

    reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management" /v FeatureSettingsOverride /t REG_DWORD /d 8264 /f

    reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management" /v FeatureSettingsOverrideMask /t REG_DWORD /d 3 /f


    I found this app, was shown somewhere on guru3d some time ago.
    It looks like Meltdown is still enabled with settings

    FeatureSettingsOverride = 0x1

    FeatureSettingsOverrideMask = 0x1


    https://www.grc.com/inspectre.htm
    https://i.**********/tgcW4Q1R/spectre.png
     
    Last edited: May 23, 2019
    fOrTy_7, May 23, 2019
    #26
Page 2 of 2

Share This Page