
New Vulnerability hits Intel processors - Lazy FP State Restore

Yet another security vulnerability was found in Intel chips and affects the processor's speculative execution technology, much like Spectre and Meltdown. It can potentially be exploited to access sensitive information, including encryption related data.

The news was just posted at Intel; we'll follow the explanation from Red Hat, though: exploitation of lazy floating point restore could allow an attacker to obtain information about the activity of other applications, including encryption operations. The underlying vulnerability affects CPU speculative execution similar to other recent side-channel vulnerabilities. In this latest vulnerability, one process is able to read the floating point registers of other processes being lazily restored.

Root Cause - Lazy save/restore of FPU/SSE/AVX States:

Modern processors employ numerous techniques to improve system performance. One such technique is to defer save and restore of certain CPU context states on task switch. Today, processors come equipped with a dedicated Floating Point Unit (FPU) to perform high precision floating-point operations used in scientific, engineering and/or graphics applications. The FPU maintains its own context state in its data registers, status registers, as well as control and opcode registers.

A task/context switch occurs when a user application calls a kernel function or when a process is preempted to schedule the next one in the queue. Upon a task switch, the processor saves its current execution context (various registers, instruction and stack pointers, etc.) and loads the context of the new process. While doing so, it can defer restoring of FPU/SSE context state, because not all applications use the Floating Point Unit (FPU). If the newly scheduled process does not use Floating-Point (FP) instructions, it does not need to save/restore FPU context state. This can save precious execution cycles and improves performance.

Under the lazy restore scheme, during task switch, the first FP instruction executed by a process generates a “Device not Available (DNA)” exception; the DNA exception handler then saves the current FPU context into the old task’s state save area and loads the new FPU context for the current process. In other words, loading of the FPU state is deferred until an FP instruction is invoked by the current task - Lazy FPU restore.

Recent processors include processor extensions (“XSAVEOPT”) that implement FPU restore in hardware more efficiently, giving the performance benefits of lazy FPU without having to rely on the DNA exception. On these processors, Red Hat Enterprise Linux 7 is already using eager FPU restore, and is therefore not vulnerable.

Impact
A newly scheduled task can use the exploit described herein to infer the Floating Point register state of another task, which can be used to leak sensitive information.

http://www.guru3d.com/news_story/new_vulnerability_hits_intel_processors_lazy_fp_state_restore.html
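
The lazy and eager restore schemes described in the Red Hat explanation quoted above, as an added example that is not part of the original post or of any kernel: a toy C model of the task switch showing where the previous task's FP values sit under each scheme. All names (`struct cpu`, `switch_lazy`, `residue`, the value 1234.5) are hypothetical, and the model covers only the bookkeeping, not speculative execution.

```c
/* Toy model of FPU context handling on a task switch (added example).
 * All names are hypothetical; this is not kernel code. */
#include <stdio.h>
#include <string.h>

#define NREGS 4
struct task { double fpu_save[NREGS]; };  /* per-task state save area */
struct cpu {
    double fpu[NREGS];       /* physical FPU registers */
    struct task *fpu_owner;  /* task whose values sit in fpu[] */
    struct task *current;    /* task that is running */
    int ts;                  /* trap armed (CR0.TS on x86): next FP op raises DNA */
};

static void fpu_save(struct cpu *c) { memcpy(c->fpu_owner->fpu_save, c->fpu, sizeof c->fpu); }
static void fpu_load(struct cpu *c) {
    memcpy(c->fpu, c->current->fpu_save, sizeof c->fpu);
    c->fpu_owner = c->current;
}
/* Lazy: leave the registers untouched and arm the trap. */
void switch_lazy(struct cpu *c, struct task *next) {
    c->current = next;
    c->ts = (c->fpu_owner != next);
}
/* Eager: save and load on every switch, no trap needed. */
void switch_eager(struct cpu *c, struct task *next) {
    fpu_save(c); c->current = next; fpu_load(c); c->ts = 0;
}
/* An FP instruction; the first one after a lazy switch runs the DNA handler. */
void fp_write(struct cpu *c, int reg, double v) {
    if (c->ts) { fpu_save(c); fpu_load(c); c->ts = 0; }
    c->fpu[reg] = v;
}
/* Constructed scenario: A loads a value, B is scheduled, and B optionally
 * executes an FP instruction. Returns 1 if A's value is still in the
 * physical registers while B is the running task. */
int residue(int eager, int b_uses_fp) {
    struct task a = {{0}}, b = {{0}};
    struct cpu c = {{0}, &a, &a, 0};
    fp_write(&c, 0, 1234.5);  /* constructed stand-in for key material */
    if (eager) switch_eager(&c, &b); else switch_lazy(&c, &b);
    if (b_uses_fp) fp_write(&c, 1, 2.0);
    return c.fpu[0] == 1234.5;
}
int main(void) {
    printf("lazy,  B has not touched the FPU: %d\n", residue(0, 0));
    printf("lazy,  B executed an FP op:       %d\n", residue(0, 1));
    printf("eager, B has not touched the FPU: %d\n", residue(1, 0));
    return 0;
}
```

Only the lazy path leaves task A's values resident while B runs, which is the state the quoted Impact paragraph is concerned with; eager restore removes it at switch time.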
 
So annoying that older systems like mine will never be secure, makes you wonder how many vulnerabilities all our systems have that we don't even know about.
 
I remember reading in the WikiLeaks CIA stuff that they'd identified a bunch of flaws in industrial class switches etc and basically kept it to themselves so they'd have back door access to things, then they act all surprised when China hack the US Navy...

With the recent flood in security flaws I would guess the Trump administration take national security a lot more seriously.
 
I remember reading in the WikiLeaks CIA stuff that they'd identified a bunch of flaws in industrial class switches etc and basically kept it to themselves so they'd have back door access to things, then they act all surprised when China hack the US Navy...

Wouldn't surprise me if some of these security services have people hired into some of these companies towards these kind of ends :s

So annoying that older systems like mine will never be secure, makes you wonder how many vulnerabilities all our systems have that we don't even know about.

A lot of these recent exploits seem to stem out of trying to make one core architecture for processors perform well across the whole range of possible tasks - I wonder if down the road we will see more of a split between desktop, high end desktop, workstation and server CPUs with much more distinct performance profiles due to optimisations that focus on a specific area while minimising potential for vulnerabilities and penalising performance in other areas.
 
Here's one from yesterday https://www.zdnet.com/article/another-day-another-intel-cpu-security-hole-lazy-state/


Once upon a time, when we worried about security, we worried about our software. These days, it's our hardware, our CPUs, with problems like Meltdown and Spectre, which are out to get us. The latest Intel revelation, Lazy FP state restore, can theoretically pull data from your programs, including encryption software, from your computer regardless of your operating system.

Like its forebears, this is a speculative execution vulnerability. In an interview, Red Hat Computer Architect Jon Masters explained: "It affects Intel designs similar to variant 3-a of the previous stuff, but it's NOT Meltdown." Still, "it allows the floating point registers to be leaked from another process, but alas that means the same registers as used for crypto, etc." Lazy State does not affect AMD processors.
 
You have to wonder if AMD's marketing director has a magic lamp or something... mining made Vega a commercial success and literally as Epyc and Threadripper get a major release Intel admit they are going to lose market share and then even more vulnerabilities surface.
 
Like Spectre and Meltdown though, no one will really care, it will be business as usual.

A few people may have ditched Intel over their "less secure" CPUs right now, especially as AMD are within a hair's whisker of overall performance for most day to day things and because AMD are cheaper, and again probably due to ageing systems (2500k era etc). But overall people are still gobbling up Intel CPUs, that much won't change for a long long time. In fact I expect Intel to address their vulnerabilities before they lose any significant market share in the desktop arena.

AMD will take share from Intel, that is a given fact, especially with the move to 7nm ahead of Intel, but I can't really see it being massive 30-40% market adoption, Intel purely has too much mindshare, even with these security flaws.

You wait til the 8 Core Intel CPU comes out, people will gobble it up, even if it means a new mobo, they will whine, but they will still pay out the money for it, regardless.
 
I remember reading in the WikiLeaks CIA stuff that they'd identified a bunch of flaws in industrial class switches etc and basically kept it to themselves so they'd have back door access to things, then they act all surprised when China hack the US Navy...

With the recent flood in security flaws I would guess the Trump administration take national security a lot more seriously.
What do Intel's bad times have to do with Trump etc? Or do you mean Trump's administration will be forced to take it seriously due to all the problems?
 
Meanwhile Intel admit AMD are winning mindshare, Intel say it's their job to make sure AMD don't gain more than 15 to 20% share in Data Centre.

https://www.tomshardware.co.uk/intel-ceo-amd-server-market,news-58643.html

To me that just shows the mentality of Intel, instead of dealing with their products' problems the most profound thing they say and do is to try and stop competition.
 
Meanwhile Intel admit AMD are winning mindshare, Intel say it's their job to make sure AMD don't gain more than 15 to 20% share in Data Centre.

Actually I heard a good one about that.

Apparently those numbers are higher than what AMD themselves are thinking of - single figure gains. So it could simply be CEO games of exaggerating AMD's strength so he can take credit if AMD fails to get the 20% share that he pulled out of his ***.
 
Actually I heard a good one about that.

Apparently those numbers are higher than what AMD themselves are thinking of - single figure gains. So it could simply be CEO games of exaggerating AMD's strength so he can take credit if AMD fails to get the 20% share that he pulled out of his ***.

Could be.
 
I can't help myself, sowy....

[Image: yhYRahm.jpg.png]
 
Perfect storm for both intel and amd.
Intel under fire for producing chips with faults and openings for years without pushing anything new on a process they struggle to make work, then they make faux pas like the "sorry we forgot to mention it was overclocked" thing.
Meanwhile AMD are selling every GPU they can make even though they are behind at the moment, their CPU line is strong and very well respected all while seeing 2019 as the year to really put the boot into Intel with their process "advantage" and excellent multi chip strategy.
Nvidia meanwhile doesn't care about releasing anything as they are selling tons to car companies, server farms and scientists.

And to cap it all off memory costs are held artificially high, Apple still makes overpriced crap and GitHub is eaten by the devil.
World's gone mad.
 
Intel are in a world of hurt right now there's no doubt about it.

It will be interesting in 10 years or so, when the AMD Ryzen architecture has been around for a good while, if the people who find these exploits will find ways into that architecture. Because of course none of these companies intentionally build flaws into their CPUs but it doesn't stop people finding ways to get into them anyway.

I'm sure Intel will bounce back, it is just a case of how long will it take them to do so and how much can AMD gain while they do. Interesting times ahead for sure. :)
 
And Spectre et al is the gift that keeps on giving.... possible exploit in SMT (hyperthreading etc) implementations:

http://www.theregister.co.uk/2018/06/20/openbsd_disables_intels_hyperthreading/

Disagree with a few things in that article in respect to Hyper-threading - it often keeps things running smoothly with modern day programs/environment when a lot is going on even in cases where the overall performance increase is negligible and personally I see a fair gain from HT in a good spread of tasks.

I'm not sure AMD's SMT is immune to variations of this one though.
 