Hardware Intel Silicon Vulnrability

Giodude

GBAtemp's official rock
OP
Member
Joined
May 17, 2015
Messages
5,093
Trophies
1
Age
22
Location
New York
XP
2,721
Country
United States
Just a PSA about the new security flaw in Intel cpus. Apparently it let's most programs and websites to access the cpu's kernel memory, essentially leaking important info to whoever wants it. A patch is apparently coming soon, but it will be far from ideal. It will most likely slow down most computers from 5-30 percent depending on the program, which is a staggering number. This article goes more in depth about it, but I wanted people to be aware. Comment if I should reword this in any way.

Article: https://www.google.com/amp/s/gizmod...cessors-made-in-the-last-decade-mi-1821728240
 
  • Like
Reactions: NutymcNuty

gudenau

Largely ignored
Member
Joined
Jul 7, 2010
Messages
3,834
Trophies
2
Location
/dev/random
Website
www.gudenau.net
XP
4,273
Country
United States
Recently a ten year old bug in Intel CPUs has been discovered. It is major enough that Linux, Windows and Mac OSX will need to change how they work to fix it, this fix will also slow the computers down by an estimated 20%.

malware_45656768.jpg

What do we know now?
  • All Intel modern Intel CPUs effected
  • Appears to allow arbitrary memory reads
  • Microcode updates can not fix it
  • AMD and ARM have similar issues! (They all work on the dame principals)

How does this work?
As far as I can tell this allows you to read an arbitrary address in the virtual memory map with a broken Intel pipeline optimization. It reads some memory and does not check the permissions correctly. This allows for an attacker to read any address in the current address space, in theory anything from a webpage to a assembly program could abuse this. This is bad because it would allow for Kernel Address Space Layout Randomization (KASLR) to be bypassed. With this you could then attack the kernel, read sensitive data like passwords and cached data you should not be able to access like read protected files in the worst case.​

How is this fixed in software?
The kernels need to be redesigned to use Forcefully Unmap Complete Kernel With Interrupt Trampolines (FUCKWIT). This means that every time you need to call into the kernel; this means things like file operations, network operations, talking with devices, creating processes, memory management, etc., the address space needs to be changed. This has a lot of overhead, it requires the kernel to be in two parts. The first is the kernel proper; basically how it is now, and a version that gets mapped into userland that switches to the kernel memory map. This causes more interrupts and more memory access, as well as potentially flushing important data out of the CPU cache.​

Sources:

I welcome corrections and additions!
 
Last edited by gudenau,

_v3

Well-Known Member
Member
Joined
Oct 12, 2013
Messages
692
Trophies
0
Age
29
XP
2,242
Country
Croatia
I read this up this morning, AMD is probably popping champagne bottles open right about now.

EDIT: Non-gaming performance is expected to drop anywhere between 20 to 60% when the patch is rolled out
 
Last edited by _v3,

gudenau

Largely ignored
Member
Joined
Jul 7, 2010
Messages
3,834
Trophies
2
Location
/dev/random
Website
www.gudenau.net
XP
4,273
Country
United States
I read this up this morning, AMD is probably popping champagne bottles open right about now.

EDIT: Non-gaming performance is expected to drop anywhere between 20 to 60% when the patch is rolled out

I don't see why games would be uneffected, they need to call into the kernel a lot for GPU access.

--------------------- MERGED ---------------------------

There's NO way "FUCKWIT" is a real acronym.

Someone in the engineering department needs to be fired
It's an annoying thing to implement and it degrades performance. Sounds like a valid computer science acronym to me.
 
  • Like
Reactions: TotalInsanity4

Tom Bombadildo

Dick, With Balls
Editorial Team
Joined
Jul 11, 2009
Messages
14,440
Trophies
2
Age
28
Location
I forgot
Website
POCKET.LIKEITS
XP
18,235
Country
United States
The actual performance hit for the average consumer isn't as high as a lot of people are making it out to be, it's only for things that make a ton of syscalls, which is more pure mass calculation based processing (something no "normal" consumer does)than some web browsing and PC gaming.

For the average consumer, the performance hit will be more than likely 5-6%, which isn't as bad and probably won't be as noticeable, but still pretty shitty.

I don't see why games would be uneffected, they need to call into the kernel a lot for GPU access.
Gaming appears to be nearly completely unaffected, as noted by benchmarking tests with various games on Linux.
 
Last edited by Tom Bombadildo,

gudenau

Largely ignored
Member
Joined
Jul 7, 2010
Messages
3,834
Trophies
2
Location
/dev/random
Website
www.gudenau.net
XP
4,273
Country
United States
The actual performance hit for the average consumer isn't as high as a lot of people are making it out to be, it's only for things that make a ton of syscalls, which is more pure mass calculation based processing (something no "normal" consumer does)than some web browsing and PC gaming.

For the average consumer, the performance hit will be more than likely 5-6%, which isn't as bad and probably won't be as noticeable, but still pretty shitty.


Gaming appears to be nearly completely unaffected, as noted by benchmarking tests with various games on Linux.

That's crazy, probably better to wait for Windows numbers because that's what most people use.

--------------------- MERGED ---------------------------

I was just about to buy an i7-7700k... looks like I may go the amd route instead.
It looks like the kernels will use FUCKWIT on AMD as well.
 

fille

Well-Known Member
Member
Joined
Mar 28, 2014
Messages
471
Trophies
0
Age
46
Location
somewhere
XP
526
Country
Belgium
i'm not happy with it.
I buyed an intel cpu with the performance i needed after reading test and reviews.
Now 1.5 year later it seems they have a big problem,and my cpu degrades after the patch in performance,REALLY???
I don't care for their explanation,i have a cpu that looses much performance because of them.
 

Tom Bombadildo

Dick, With Balls
Editorial Team
Joined
Jul 11, 2009
Messages
14,440
Trophies
2
Age
28
Location
I forgot
Website
POCKET.LIKEITS
XP
18,235
Country
United States
That's crazy, probably better to wait for Windows numbers because that's what most people use.
True, however I don't expect there to be any significant difference with Windows vs Linux. People kinda forget that, for a majority of PC gaming, the CPU isn't being used anywhere near enough to their full potential for there to be a significant performance hit with an issue like this. This really will only affect things like hardcore networking, high end compression, science models/simulations, various media editing things that actually require a huge amount of CPU power, but not so much gaming.

Some newer emulators, on the other hand, I'm not so sure about. RPCS3 and Cemu might see a worse hit performance wise than any actual PC game, but I still don't expect it to be anywhere near as high as the 20-30% expected decrease, if anything it'll still be in the single digits, or maybe low 10s
 

gudenau

Largely ignored
Member
Joined
Jul 7, 2010
Messages
3,834
Trophies
2
Location
/dev/random
Website
www.gudenau.net
XP
4,273
Country
United States
i'm not happy with it.
I buyed an intel cpu with the performance i needed after reading test and reviews.
Now 1.5 year later it seems they have a big problem,and my cpu degrades after the patch in performance,REALLY???
I don't care for their explanation,i have a cpu that looses much performance because of them.
The CPU has the same performance, the kernel has more overhead which slows things down.

--------------------- MERGED ---------------------------

True, however I don't expect there to be any significant difference with Windows vs Linux. People kinda forget that, for a majority of PC gaming, the CPU isn't being used anywhere near enough to their full potential for there to be a significant performance hit with an issue like this. This really will only affect things like hardcore networking, high end compression, science models/simulations, various media editing things that actually require a huge amount of CPU power, but not so much gaming.

Some newer emulators, on the other hand, I'm not so sure about. RPCS3 and Cemu might see a worse hit performance wise than any actual PC game, but I still don't expect it to be anywhere near as high as the 20-30% expected decrease, if anything it'll still be in the single digits, or maybe low 10s

When I play video games my CPU is hit pretty hard.

Might be because of my mods, but the CPU is the bottleneck in my computer.

--------------------- MERGED ---------------------------

Okay, how did @Giodude post before the OP? 0.o
 
  • Like
Reactions: Giodude

Giodude

GBAtemp's official rock
OP
Member
Joined
May 17, 2015
Messages
5,093
Trophies
1
Age
22
Location
New York
XP
2,721
Country
United States
The CPU has the same performance, the kernel has more overhead which slows things down.

--------------------- MERGED ---------------------------



When I play video games my CPU is hit pretty hard.

Might be because of my mods, but the CPU is the bottleneck in my computer.

--------------------- MERGED ---------------------------

Okay, how did @Giodude post before the OP? 0.o
I am the OP. The thread was changed to fit more up to date info.
 

Giodude

GBAtemp's official rock
OP
Member
Joined
May 17, 2015
Messages
5,093
Trophies
1
Age
22
Location
New York
XP
2,721
Country
United States
But I am the OP, I made the thread a half hour ago. I am confused.
Odd. I made a thread that was called something along the lines of "intel cpus have a major exploit" or something like that. It went a tad bit in depth but not as much as your description. Next thing i know the thread is renamed intel-silicon-vulnrability, it's in the computer hardware section vs the general discussion, and your post is directly under mine. Im still labeled OP on my screen though. Are you still the OP on your end? Maybe they were combined?
 
Last edited by Giodude,

Tom Bombadildo

Dick, With Balls
Editorial Team
Joined
Jul 11, 2009
Messages
14,440
Trophies
2
Age
28
Location
I forgot
Website
POCKET.LIKEITS
XP
18,235
Country
United States
When I play video games my CPU is hit pretty hard.

Might be because of my mods, but the CPU is the bottleneck in my computer.
And what CPU do you have? I can almost guarantee your CPU isn't even remotely being used at it's max performance. Remember, most games are using at max maybe 2, 3 cores for actual performance (assuming the game was developed in the last 5 years), they're not exactly "super insane hardcore CPU intensive" programs, not even remotely close to things like video encoding, 3D models and simulations, etc etc.

But I am the OP, I made the thread a half hour ago. I am confused.
The thread was merged, likely by the mods.
 
  • Like
Reactions: Giodude

gudenau

Largely ignored
Member
Joined
Jul 7, 2010
Messages
3,834
Trophies
2
Location
/dev/random
Website
www.gudenau.net
XP
4,273
Country
United States
Odd. I made a thread that was called something along the lines of "intel cpus have a major exploit" or something like that. It went a tad bit in depth but not as much as your description. Next thing i know the thread is renamed intel-silicon-vulnrability and your post is directly under mine. Im still labeled OP on my screen though. Are you still the OP on your end?
Not anymore...

Guess I just can not have anything nice on here.
 

gudenau

Largely ignored
Member
Joined
Jul 7, 2010
Messages
3,834
Trophies
2
Location
/dev/random
Website
www.gudenau.net
XP
4,273
Country
United States
And what CPU do you have? I can almost guarantee your CPU isn't even remotely being used at it's max performance. Remember, most games are using at max maybe 2, 3 cores for actual performance (assuming the game was developed in the last 5 years), they're not exactly "super insane hardcore CPU intensive" programs, not even remotely close to things like video encoding, 3D models and simulations, etc etc.


The thread was merged, likely by the mods.

Some quad core that I set to be like 4GHz IIRC, five years old. But I only just get 60FPS in Minecraft when I make a new world on a GTX 960.

Edit:
Sucks that this is basically not my thread now. :-/
 

You may also like...

General chit-chat
Help Users
  • No one is chatting at the moment.
  • Shape @ Shape:
    Neither do the mechs of mech warrior 2. Much better game.
  • K3N1 @ K3N1:
    People would say different if cod Gundam was a thing
    +1
  • Shape @ Shape:
    Omg do you know how much money I would spend if that was a thing? Especially if you get to assemble the gundams somewhat like those old model toy kits. The answer is zero dollars. I would spend zero dollars. It would still be so good, though.
  • K3N1 @ K3N1:
    Liar
    +1
  • Shape @ Shape:
    $118.49
  • x65943 @ x65943:
    I bought 1-2 switch, imagine my pain
    +2
  • x65943 @ x65943:
    for full price at launch
    +2
  • Shape @ Shape:
    Full price at launch for full exploitability without modchips. Or so I hear.
    +1
  • K3N1 @ K3N1:
    You should like buy a 3rd one and ship it to my address
  • x65943 @ x65943:
    No no lads, the game called 1-2 switch
    +1
  • x65943 @ x65943:
    Where you feel the controller vibrate and guess how many virtual ice cubes are inside of it
    +2
  • K3N1 @ K3N1:
    You should still buy me a switch so I don't have to pay for it
  • The Real Jdbye @ The Real Jdbye:
    best game on the switch amirite
  • The Real Jdbye @ The Real Jdbye:
    i just saw a video yesterday that mentioned how it's a good thing 1-2-switch wasn't a pack in title because it would've made everyone lose faith in the switch immediately and they might have a point
    +1
  • Sonic Angel Knight @ Sonic Angel Knight:
    It was this one, The "video" Jdbye watched this one. :P
  • K3N1 @ K3N1:
    What no The Real video Jdbye?
  • M4x1mumReZ @ M4x1mumReZ:
    @Shape, Quake is great.
    +1
  • Sonic Angel Knight @ Sonic Angel Knight:
    QUAKER OATS! :P
    +1
  • K3N1 @ K3N1:
    Remember to eat your oats
    +1
  • Shape @ Shape:
    I prefer to nuke my oats. At quake.
    +1
  • M4x1mumReZ @ M4x1mumReZ:
    @K3N1, Remember to also eat your greens.
    M4x1mumReZ @ M4x1mumReZ: @K3N1, Remember to also eat your greens.