Intel CPU hardware vulnerability


#1
apianti


Hey guys and gals,
 
Just found this article about how the Linux team discovered a vulnerability in almost all Intel CPUs. Both Windows and Linux are rolling out an update that will decrease all Intel CPUs' performance by at least 17% if not up to 25%. Unsure what the macOS timeline is. It has to do with being able to inject code from mundane places by exploiting the speculative instruction feature that attempts to guess what instructions will be coming next in the pipeline to gain access to the kernel memory. There is no security check when this happens apparently and seems like a pretty big deal as the problem appears not to be able to be fixed in hardware at all as Intel says the issue cannot be fixed with a microcode update.
 
https://www.theregis...pu_design_flaw/
 
EDIT: This is one of my favorite lines:

At one point, Forcefully Unmap Complete Kernel With Interrupt Trampolines, aka F UCKWIT, was mulled by the Linux kernel team, giving you an idea of how annoying this has been for the developers.

 

EDIT2: The scale of this is immense, looks like half the world's computers might have this vulnerability. They literally have to update the entire Azure, AWS, and GCE clouds because of this.
EDIT3: This can be used to cause a virtual machine to bypass the hypervisor mode of the CPU and gain access to the kernel mode of the host machine!!! OMG this is a very very bad vulnerability.
EDIT4: I also see reports that some older Intel CPUs may take a performance hit of 30% or more.

EDIT5: The performance hit depends on the IPC of the CPU, the presence of the PCID feature, and the amount of instructions supported by the CPU since the more instructions, the more the speculative instruction feature includes exceptions/undocumented instructions that can be exploited.

EDIT6: For reference, IPC for specific CPU models.



#2
magnifico


on mac ?



#3
Allan


post-112217-0-77233100-1404913187.gif



#4
apianti


on mac ?

 

Yes. It is a vulnerability in Intel CPUs themselves. I've found other sources that have said almost every Intel CPU in the past 12 years has this vulnerability - across families and models. Although some newer generations have models that have a feature, PCID (Process-Context IDentifiers), that unintentionally mitigates this partially, so they won't take as much of a performance hit but are still affected.



#5
maxb2000


Yes. It is a vulnerability in Intel CPUs themselves. I've found other sources that have said almost every Intel CPU in the past 12 years has this vulnerability - across families and models. Although some newer generations have models that have a feature, PCID (Process-Context IDentifiers), that unintentionally mitigates this partially, so they won't take as much of a performance hit but are still affected.

 

I was thinking about microcode patch but it seems that the patch needs to be done in the kernel. My question is: will Amazon, Google or Microsoft increase the prices for their VM or services for the reduced performance ?



#6
Gigamaxx

I hope it doesn't kill our AMD kernel programs if they make it completely invisible. I wonder if they haven't known about this for awhile with the new immutable kernel in High Sierra prelinkedkernel folder?

#7
fabiosun


Hi apianti.. I told you about something related to Intel Xeon V3 in clover general discussion

:-)

with a sort of microcode hack (deleting it) is it possible to unlock all turbo core in xeon...


https://forums.anand...-xeons.2496647/

 

http://www.xtremesys...to-unlock-Turbo



#8
magnifico


 

EDIT6: For reference, IPC for specific CPUs models.

and how can I tell if mine is in the black list too? :blowup:



#9
Hervé


ARRGGGHHHH !!!!

 

An Intel vulnerability that's been on the go for a decade or more... and only reported now? 

 

My God, how horrific!!! I mean, it's a trillion times worse than Godzilla or World War Z !  :shock:

 

Are we all gonna die tomorrow? In the next hour?

What? Next minute?



#10
apianti


I was thinking about microcode patch but it seems that the patch needs to be done in the kernel.

 

I guess the problem goes deeper than a silicon chip based error or manufacturing defect. The actual algorithm that the entire core microarchitecture uses for speculating instruction is flawed and cannot be fixed in the hardware so no microcode update. The kernel has to be completely separated from all other memory space so it causes a slow down because of the overhead of the calling/switching contexts.

 

My question is: will Amazon, Google or Microsoft increase the prices for their VM or services for the reduced performance ?

 

Who knows what they will do, but based on the past, probably.

 

I hope it doesn't kill our AMD kernel programs if they make it completely invisible. I wonder if they haven't known about this for awhile with the new immutable kernel in High Sierra prelinkedkernel folder?

 

The vulnerability has been verified since October/November of 2017. Some random guy had been saying it for a number of years though. It was deemed so critically vulnerable that it was not publicly disclosed until there was a solution in place; there is still no actual release of the attack as it could literally ruin the whole world if used maliciously. The kernel should still be open source so I don't see why it wouldn't be able to be adapted for an AMD CPU just the same. I guess that AMD does not have this problem particularly but it has an x86 mode you can enable that does have this problem; there's a proposal to disable it in Linux but it was denied as a feature request or something.

 

Hi apianti.. I told you about something related to Intel Xeon V3 in clover general discussion

:-)

with a sort of microcode hack (deleting it) is it possible to unlock all turbo core in xeon...


https://forums.anand...-xeons.2496647/

 

http://www.xtremesys...to-unlock-Turbo

 

That was just using a microcode update to unlock CPU features, like turbo. This is a vulnerability in the design of Intel's core microarchitecture that allows for any ring privileged executable to gain ring 0 privilege by exploiting undocumented instructions and exceptions used for speculative instruction analysis, how the processor tries to make the best decision about what to do next before it can know what it needs to do next. Totally different.

 

 

and how can I tell if mine is in the black list too? 

 

I was linking that IPC list as an approximation of how much of a hit you will take with this new separated kernel and user memory space. The lower the IPC the higher the cost so the worse performance you'll have. If you have a core microarchitecture Intel CPU then this problem almost definitely affects you, that's almost every processor made by Intel in more than a decade.

 

 

ARRGGGHHHH !!!!

 

An Intel vulnerability that's been on the go for a decade or more... and only reported now? 

 

My God, how horrific!!! I mean, it's a trillion times worse than Godzilla or World War Z !  :shock:

 

Are we all gonna die tomorrow? In the next hour?

What? Next minute?

 

There's plenty of vulnerabilities that go unnoticed for very long periods of time. That is irrelevant, when it is discovered and can be exploited then it matters. It matters even more when it basically would allow any sort of executing code to gain the highest privilege level of the CPU and do whatever it wanted. Intel is not even releasing the actual details until after the patches have been released. This is very serious. And affects so many computers across the world that I don't think you realize just how devastating it could be if a virus that acted like WannaCry was able to be modified to exploit this? The whole world could literally come to a grinding halt. I think you underestimate the extent of this vulnerability. You know how many computers run on core microarchitecture???



#11
Awesome Donkey


Looks like Apple already fixed this in macOS High Sierra 10.13.2 (with more coming in 10.13.3) via "Double Map" according to Alex Ionescu.

 

https://twitter.com/...610973987831809



#12
Allan


And have some of you (10.13.2 users) noticed if your CPU's performance is slow with this update?



#13
Awesome Donkey


I'd be interested in seeing benchmarks of 10.13.1 vs 10.13.2 and 10.13.3 beta.



#14
Allan


I'd be interested in seeing benchmarks of 10.13.1 vs 10.13.2 and 10.13.3 beta.

Sure!  :yes: 

 

Post your geekbench results guys  :lol:



#15
maxb2000


That's on my Pentium G3220 (Geekbench dual core scores) :

 

macOS 10.13.1: 5500

macOS 10.13.2: 5558



#16
bbmatias3

So ryzen hackintosh is the way to go lol

#17
apianti


That's on my Pentium G3220 (Geekbench dual core scores) :

 

macOS 10.13.1: 5500

macOS 10.13.2: 5558

 

This is not a very good representation because that is a Haswell and has PCID, so it's going to take a much smaller hit. Probably around 5%, are you sure these numbers are not the opposite? What about a series of scores from each and getting the average/deviation, that's more accurate.

 

So ryzen hackintosh is the way to go lol

 

To do more work? This vulnerability is already patched in macOS, it just causes a slow down. I'm sure you can expect this slow down in AMD CPUs as well since there will still be separate kernel and user space entirely. The slow down comes from the extra overhead of having to completely change contexts for system calls.
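
As an added example (not part of the original thread or any poster's code): the posts above turn on whether the kernel/user page-table split is active and whether the CPU has PCID to soften its cost, and on a Linux host both can be read from the kernel. The sysfs path and flag names are the Linux kernel's own (4.15 and later), not something given in the thread, and the sample text is constructed.

```python
from pathlib import Path

# Linux kernel interfaces (4.15 and later); these paths are not from the thread.
SYSFS_MELTDOWN = Path("/sys/devices/system/cpu/vulnerabilities/meltdown")
CPUINFO = Path("/proc/cpuinfo")

# Constructed sample input so the example also runs off Linux.
SAMPLE_CPUINFO = (
    "processor\t: 0\n"
    "model name\t: Constructed Example CPU\n"
    "flags\t\t: fpu vme de pse tsc msr pae sse sse2 pcid invpcid pti\n"
    "bugs\t\t: cpu_meltdown spectre_v1 spectre_v2\n"
)
SAMPLE_SYSFS = "Mitigation: PTI\n"
PREFIXES = (("Not affected", "not affected"), ("Mitigation", "mitigated"),
            ("Vulnerable", "vulnerable"))


def parse_cpuinfo(text):
    """Return the (flags, bugs) sets of the first CPU in /proc/cpuinfo text."""
    found = {"flags": set(), "bugs": set()}
    for line in text.splitlines():
        key, _, value = line.partition(":")
        key = key.strip()
        if key in found and not found[key]:
            found[key] = set(value.split())
    return found["flags"], found["bugs"]


def assess(cpuinfo_text, sysfs_text=None):
    """Classify Meltdown status and report the PCID features that reduce KPTI cost."""
    flags, bugs = parse_cpuinfo(cpuinfo_text)
    status = (sysfs_text or "").strip()
    for prefix, state in PREFIXES:  # the kernel's own verdict wins when present
        if status.startswith(prefix):
            break
    else:  # no sysfs entry: fall back to the cpuinfo flags and bugs lines
        state = ("mitigated" if "pti" in flags
                 else "vulnerable" if "cpu_meltdown" in bugs else "unknown")
    return {"state": state, "pcid": "pcid" in flags, "invpcid": "invpcid" in flags}


def read_or(path, fallback):
    """Read a kernel file, using the constructed sample if it is unavailable."""
    try:
        return path.read_text()
    except OSError:
        return fallback


if __name__ == "__main__":
    print(assess(read_or(CPUINFO, SAMPLE_CPUINFO), read_or(SYSFS_MELTDOWN, SAMPLE_SYSFS)))
```
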



#18
surfinchina


This is not a very good representation because that is a Haswell and has PCID, so it's going to take a much smaller hit. Probably around 5%, are you sure these numbers are not the opposite? What about a series of scores from each and getting the average/deviation, that's more accurate.

 

 

To do more work? This vulnerability is already patched in macOS, it just causes a slow down. I'm sure you can expect this slow down in AMD CPUs as well since there will still be separate kernel and user space entirely. The slow down comes from the extra overhead of having to completely change contexts for system calls.

 

My 7900x

40459 on 10.12

40713 on 10.13.3

The geekbenches have been getting slowly better on 10.13, so I'm expecting that if there was a slowdown it's more than offset by the OS using my CPU better.



#19
Hervé


[...]
Intel is not even releasing the actual details until after the patches have been released. This is very serious. And affects so many computers across the world that I don't think you realize just how devastating it could be if a virus that acted like WannaCry was able to be modified to exploit this? The whole world could literally come to a grinding halt. I think you underestimate the extent of this vulnerability. You know how many computers run on core microarchitecture???
[...]

As I said... disaster... end of the world indeed!

But, I guess we ain't dead yet, eh?  :P



#20
Nubira

If you do not update your OS how are they going to be able to change anything in your computer at all? Every hackmac owner has turned autoupdate off so we should be safe from this stunt. Till now computers have been working as expected and promised and it has been fairly unusual that criminals did break in to our systems. Have they seen or do they expect these activities to rise rapidly or what's the deal here? If someone breaks in on my property it is a case for the police not for the consumer to fix.

Till now I have only updated when it was necessary, like when a program I wanted or needed demanded a newer OS; this will stop now. And Apple's endless update loop of OS X should have stopped years ago. For every one of the versions there have been at least 8 more updates! Why the hell don't they just make the stuff ready before they release it? That is just stupid, like making a car and forgetting the steering wheel.






© 2017 InsanelyMac  |   News  |   Forum  |   Downloads  |   OSx86 Wiki  |   Designed by Ed Gain  |   Logo by irfan  |   Privacy Policy