apianti Posted January 3, 2018 Share Posted January 3, 2018 Hey guys and gals, Just found this article about how the Linux team discovered a vulnerability in almost all Intel CPUs. Both Windows and Linux are rolling out an update that will decrease all Intel CPUs performance by at least 17% if not up to 25%. Unsure what the macOS timeline is. It has to do with being able to inject code from mundane places by exploiting the speculative instruction feature that attempts to guess what instructions will be coming next in the pipeline to gain access to the kernel memory. There is no security check when this happens apparently and seems like a pretty big deal as the problem appears not to be able to be fixed in hardware at all as Intel says the issue cannot be fixed with a microcode update. https://www.theregister.co.uk/2018/01/02/intel_cpu_design_flaw/ EDIT: This is one of my favorite lines: At one point, Forcefully Unmap Complete Kernel With Interrupt Trampolines, aka F UCKWIT, was mulled by the Linux kernel team, giving you an idea of how annoying this has been for the developers. EDIT2: The scale of this is immense, looks like half the worlds computers might have this vulnerability. They literally have to update the entire Azure, AWS, and GCE clouds because of this.EDIT3: This can be used to cause a virtual machine to bypass the hypervisor mode of the CPU and gain access to the kernel mode of the host machine!!! OMG this is a very very bad vulnerability.EDIT4: I also see reports that some older Intel CPUs may take a performance hit of 30% or more. EDIT5: The performance hit depends on the IPC of the CPU, the presence of CPID feature, and the amount of instructions supported by the CPU since the more instructions, the more the speculative instruction feature includes exceptions/undocumented instructions that can be exploited. EDIT6: For reference, IPC for specific CPUs models. 12 Link to comment Share on other sites More sharing options...
magnifico Posted January 3, 2018 Share Posted January 3, 2018 on mac ? 1 Link to comment Share on other sites More sharing options...
Allan Posted January 3, 2018 Share Posted January 3, 2018 3 Link to comment Share on other sites More sharing options...
apianti Posted January 3, 2018 Author Share Posted January 3, 2018 on mac ? Yes. It is a vulnerability in Intel CPUs themselves. I've found other sources that have said almost every Intel CPU in the past 12 years has this vulnerability - across families and models. Although some newer generations have models that have a feature, PCID (Process-Context IDentifiers), that unintentionally mitigates this is partially so it won't take as much of a performance hit but still affected. Link to comment Share on other sites More sharing options...
maxb2000 Posted January 3, 2018 Share Posted January 3, 2018 Yes. It is a vulnerability in Intel CPUs themselves. I've found other sources that have said almost every Intel CPU in the past 12 years has this vulnerability - across families and models. Although some newer generations have models that have a feature, PCID (Process-Context IDentifiers), that unintentionally mitigates this is partially so it won't take as much of a performance hit but still affected. I was thinking about microcode patch but it seems that the patch needs to be done in the kernel. My question is: will Amazon, Google or Microsoft increase the prices for their VM or services for the reduced performance ? Link to comment Share on other sites More sharing options...
Gigamaxx Posted January 3, 2018 Share Posted January 3, 2018 I hope it doesn't kill our AMD kernel programs if they make it completely invisible. I wonder if they haven't known about this for awhile with the new immutable kernel in High Sierra prelinkedkernel folder? 1 Link to comment Share on other sites More sharing options...
Guest Posted January 3, 2018 Share Posted January 3, 2018 Hi apianti.. I told you about something related to Intel Xeon V3 in clover general discussion :-) with a sort of microcode hack (deleting it) is it possible to unlock all turbo core in xeon... https://forums.anandtech.com/threads/what-controls-turbo-core-in-xeons.2496647/ http://www.xtremesystems.org/forums/showthread.php?293290-Various-Overclocker-discovers-Xeon-E5-V3-Errata-Engineers-exploit-to-unlock-Turbo Link to comment Share on other sites More sharing options...
magnifico Posted January 3, 2018 Share Posted January 3, 2018 EDIT6: For reference, IPC for specific CPUs models. and how can I tell if mine is in the black list too? Link to comment Share on other sites More sharing options...
apianti Posted January 3, 2018 Author Share Posted January 3, 2018 I was thinking about microcode patch but it seems that the patch needs to be done in the kernel. I guess the problem goes deeper than a silicon chip based error or manufacturing defect. The actual algorithm that the entire core microarchitecture uses for speculating instruction is flawed and cannot be fixed in the hardware so no microcode update. The kernel has to be completely separated from all other memory space so it causes a slow down because of the overhead of the calling/switching contexts. My question is: will Amazon, Google or Microsoft increase the prices for their VM or services for the reduced performance ? Who knows what they will do, but based on the past, probably. I hope it doesn't kill our AMD kernel programs if they make it completely invisible. I wonder if they haven't known about this for awhile with the new immutable kernel in High Sierra prelinkedkernel folder? The vulnerability has been verified since October/November of 2017. Some random guy had been saying it for a number of years though. It was deemed so critically vulnerable that it was not publicly disclosed until there was a solution in place, there is still no actual release of the attack as it could literally ruin the whole world if used maliciously. The kernel should still be open source so I don't see why it wouldn't be able to adapted for an AMD CPU just the same. I guess that AMD does not have this problem particularly but it has an x86 mode you can enable that does have this problem, there's a proposal to disable it in linux but it was denied as a feature request or something. Hi apianti.. I told you about something related to Intel Xeon V3 in clover general discussion :-) with a sort of microcode hack (deleting it) is it possible to unlock all turbo core in xeon... https://forums.anandtech.com/threads/what-controls-turbo-core-in-xeons.2496647/ http://www.xtremesystems.org/forums/showthread.php?293290-Various-Overclocker-discovers-Xeon-E5-V3-Errata-Engineers-exploit-to-unlock-Turbo That was just using a microcode update to unlock CPU features, like turbo. This is a vulnerability in the design of Intel's core microarchitecture that allows for any ring privileged executable to gain ring 0 privilege by exploiting undocumented instructions and exceptions used for speculative instruction analysis, how the processor tries to make the best decision about what to do next before it can know what it needs to do next. Totally different. and how can I tell if mine is in the black list too? I was linking that IPC list as an approximation of how much of a hit you will take with this new separated kernel and user memory space. The lower the IPC the higher the cost so the worse performance you'll have. If you have a core microarchitecture Intel CPU then this problem almost definitely affects you, that's almost every processor made by Intel in more than a decade. ARRGGGHHHH !!!! An Intel vulnerability that's been on the go for a decade or more... and only reported now? My God, how horrific!!! I mean, it's a trillion times worse than Godzilla or World War Z ! Are we all gonna die tomorrow? In the next hour? What? Next minute? There's plenty of vulnerabilities that go unnoticed for very long periods of time. That is irrelevant, when it is discovered and can be exploited then it matters. It matters even more when it basically would allow any sort of executing code to gain the highest privilege level of the CPU and do whatever it wanted. Intel is not even releasing the actual details until after the patches have been released. This is very serious. And affects so many computers across the world that I don't think you realize just how devastating it could be if a virus that acted like wannacry was able to be modified to exploit this? The whole world could literally come to a grinding halt. I think you underestimate the extent of this vulnerability. You know how many computers run on core microarchitecture??? 1 Link to comment Share on other sites More sharing options...
Awesome Donkey Posted January 3, 2018 Share Posted January 3, 2018 Looks like Apple already fixed this in macOS High Sierra 10.13.2 (with more coming in 10.13.3) via "Double Map" according to Alex Ionescu. https://twitter.com/aionescu/status/948610973987831809 4 Link to comment Share on other sites More sharing options...
Allan Posted January 3, 2018 Share Posted January 3, 2018 And some of you (10.13.2 users) has notice if your CPU's performance are slow with this update? Link to comment Share on other sites More sharing options...
Awesome Donkey Posted January 3, 2018 Share Posted January 3, 2018 I'd be interested in seeing benchmarks of 10.13.1 vs 10.13.2 and 10.13.3 beta. 1 Link to comment Share on other sites More sharing options...
Allan Posted January 3, 2018 Share Posted January 3, 2018 I'd be interested in seeing benchmarks of 10.13.1 vs 10.13.2 and 10.13.3 beta. Sure! Post your geekbench results guys Link to comment Share on other sites More sharing options...
maxb2000 Posted January 3, 2018 Share Posted January 3, 2018 That's on my Pentium G3220 (Geekbench dual core scores) : macOS 10.13.1: 5500 macOS 10.13.2: 5558 2 Link to comment Share on other sites More sharing options...
bbmatias3 Posted January 4, 2018 Share Posted January 4, 2018 So ryzen hackintosh is the way to go lol 2 Link to comment Share on other sites More sharing options...
apianti Posted January 4, 2018 Author Share Posted January 4, 2018 That's on my Pentium G3220 (Geekbench dual core scores) : macOS 10.13.1: 5500 macOS 10.13.2: 5558 This is not a very good representation because that is a haswell and has PCID, so it's going to take a much smaller hit. Probably around 5%, are you sure these numbers are not the opposite? What about a series of scores from each and getting the average/deviation, that's more accurate. So ryzen hackintosh is the way to go lol To do more work? This vulnerability is already patched in macOS, it just causes a slow down. I'm sure you can expect this slow down in AMD CPUs as well since there will still be separate kernel and user space entirely. The slow down comes from the extra overhead of having to completely change contexts for system calls. Link to comment Share on other sites More sharing options...
surfinchina Posted January 4, 2018 Share Posted January 4, 2018 This is not a very good representation because that is a haswell and has PCID, so it's going to take a much smaller hit. Probably around 5%, are you sure these numbers are not the opposite? What about a series of scores from each and getting the average/deviation, that's more accurate. To do more work? This vulnerability is already patched in macOS, it just causes a slow down. I'm sure you can expect this slow down in AMD CPUs as well since there will still be separate kernel and user space entirely. The slow down comes from the extra overhead of having to completely change contexts for system calls. My 7900x 40459 on 10.12 40713 on 10.13.3 The geekbenches have been getting slowly better on 10.13, so I'm expecting that if there was a slowdown it's more than offset by the OS using my CPU better. Link to comment Share on other sites More sharing options...
Nubira Posted January 4, 2018 Share Posted January 4, 2018 If you do not update your os how are they going to be able to change anything in your computer at all? Every hackmac owner have turned autoupdate of so we should be safe from this stunt. Till now computers have been working as expected and promised and it has been fairly unusual that criminals did break in to our systems. Have they seen or do they expect these activities to rise rapidly or whats the deal here. If someone breaks in on my property it is a case for the police not for the consumer to fix. Till now I have only updated when it was necessary like when a program I wanted or needed demanded for a newer os this will stop now. And Apples endless update loop of os x should have stopped years ago. For every one of the versions there has been at least 8 more updates! Why the hell dont they just make the stuff ready before they release it that is just stupid like making a car and forgetting the steeringwheel. Link to comment Share on other sites More sharing options...
apianti Posted January 4, 2018 Author Share Posted January 4, 2018 If you do not update your os how are they going to be able to change anything in your computer at all? Every hackmac owner have turned autoupdate of so we should be safe from this stunt. Till now computers have been working as expected and promised and it has been fairly unusual that criminals did break in to our systems. Have they seen or do they expect these activities to rise rapidly or whats the deal here. If someone breaks in on my property it is a case for the police not for the consumer to fix. Till now I have only updated when it was necessary like when a program I wanted or needed demanded for a newer os this will stop now. And Apples endless update loop of os x should have stopped years ago. For every one of the versions there has been at least 8 more updates! Why the hell dont they just make the stuff ready before they release it that is just stupid like making a car and forgetting the steeringwheel. I think you have the wrong impression here, this is a vulnerability in the every core microarchitecture Intel CPU going back for at least a decade if not more. It allows ANY executing code to gain access to the kernel privilege ring and execute though. It even allows a virtual machine to escape hypervisor mode and get the ring 0. You definitely want to update all your OSes, this is a potentially could gain control of your entire computer, and possibly every computer that it's networked with that is also an Intel CPU. Link to comment Share on other sites More sharing options...
Nubira Posted January 4, 2018 Share Posted January 4, 2018 I think you have the wrong impression here, this is a vulnerability in the every core microarchitecture Intel CPU going back for at least a decade if not more. It allows ANY executing code to gain access to the kernel privilege ring and execute though. It even allows a virtual machine to escape hypervisor mode and get the ring 0. You definitely want to update all your OSes, this is a potentially could gain control of your entire computer, and possibly every computer that it's networked with that is also an Intel CPU. Yes and all this time everything worked and only a few % of consumers worldwide ever had any problems at all from this. So what changed so rapidly? And the question still remains why should consumers end up with the bill for something they should have known from the start and why are we the consumers responsible for criminal activities. We have a police force for that in pretty much every country in the world that we pay for via income tax so this is not our problem. Link to comment Share on other sites More sharing options...
Awesome Donkey Posted January 4, 2018 Share Posted January 4, 2018 I think you have the wrong impression here, this is a vulnerability in the every core microarchitecture Intel CPU going back for at least a decade if not more. Looks like nearly every Intel CPU since 1995, so give-or-take 23 years. Link to comment Share on other sites More sharing options...
MacNB Posted January 4, 2018 Share Posted January 4, 2018 I think you have the wrong impression here, this is a vulnerability in the every core microarchitecture Intel CPU going back for at least a decade if not more. It allows ANY executing code to gain access to the kernel privilege ring and execute though. It even allows a virtual machine to escape hypervisor mode and get the ring 0. You definitely want to update all your OSes, this is a potentially could gain control of your entire computer, and possibly every computer that it's networked with that is also an Intel CPU. Not just related to Intel but to AMD and ARM too (though AMD seems to be in denial). There are two issues: "Meltdown" and "Spectre". Meltdown is more related to Intel platforms and Spectre affects ALL architectures. Spectre is hardest to fix. More details here: https://meltdownattack.com Personally, I think it was irresponsible of the register to publish a fairly inaccurate story BEFORE the Intel, AMD, ARM, MSFT, GOOG, ETC had the fixes in place - like any responsible organisation. But then again, they've always been a rogue hack and true to their nature. I wonder if they sold their Intel shares before publishing and bought them back after publishing at 6% gain ? 1 Link to comment Share on other sites More sharing options...
Awesome Donkey Posted January 4, 2018 Share Posted January 4, 2018 Meltdown affects Intel CPUs only - it's the vulnerability that everyone has been talking about for days now. Spectre, on the other hand, does affect Intel, ARM and AMD CPUs though AMD has released a press release saying they're not vulnerable. There seems to be some confusion there but maybe it's Ryzen and above only they're talking about? I say wait for trustworthy third-party verifications on that claim before jumping to conclusions. In general it looks like applications will have to add patches for Spectre mitigation. Anyone with a AMD Hackintosh and running 10.13.2 and above will likely be subject to KAISER/KPTI/Double Map and will experience the performance hit regardless. But it looks like the Linux kernel accepted the patch exempting AMD CPUs from KPTI. Link to comment Share on other sites More sharing options...
MacNB Posted January 4, 2018 Share Posted January 4, 2018 Meltdown affects Intel CPUs only - it's the vulnerability that everyone has been talking about for days now. I say wait for trustworthy third-party verifications on that claim before jumping to conclusions. The researchers who discovered the Two issues say: "Which systems are affected by Meltdown? Desktop, Laptop, and Cloud computers may be affected by Meltdown. More technically, every Intel processor which implements out-of-order execution is potentially affected, which is effectively every processor since 1995 (except Intel Itanium and Intel Atom before 2013). We successfully tested Meltdown on Intel processor generations released as early as 2011. Currently, we have only verified Meltdown on Intel processors. At the moment, it is unclear whether ARM and AMD processors are also affected by Meltdown." The key point is that "it is unclear whether ARM and AMD processors are also affected by meltdown". That research was done by trustworthy third-party. Link to comment Share on other sites More sharing options...
Nightf4ll Posted January 4, 2018 Share Posted January 4, 2018 Is this thread going anywhere? sure, I'm on 10.13.2, gonna do a benchmark then update to 10.13.3 and check if there is any performance improvement and post here (since, where else would one discuss it).. Link to comment Share on other sites More sharing options...
Recommended Posts