by DoomHotel on 4/30/21, 10:53 PM with 189 comments
by akersten on 5/1/21, 12:48 AM
I don't know what that spells for cloud hosting providers - maybe they have to buy a lot more CPUs so every client can have their own, or commission a special "shared" SKU of CPU that doesn't have any speculative execution - but I know for me, if I have untrusted code running on my CPU, I've already lost. I could then care less about information leakage between threads.
We're going to wind up undoing the last 20 years of performance gains in the name of 'security', and it scares me.
by tester756 on 4/30/21, 11:09 PM
>"In the case of the previous Spectre attacks, developers have come up with a relatively easy way to prevent any sort of attack without a major performance penalty" for computing, Moody said. "The difference with this attack is you take a much greater performance penalty than those previous attacks."
>"Patches that disable the micro-op cache or halt speculative execution on legacy hardware would effectively roll back critical performance innovations in most modern Intel and AMD processors, and this just isn't feasible," Ren, the lead student author, said.
by londons_explore on 4/30/21, 11:10 PM
Which for old hardware will translate to "flush the micro op cache every time the address space changes".
I would guess that can be done with a microcode update and that the performance hit wont be too massive.
by CalChris on 5/1/21, 4:29 AM
I See Dead µops: Leaking Secrets via Intel/AMD Micro-Op Caches
by amluto on 5/1/21, 7:12 PM
I don’t think any new mitigations are needed.
by floatingatoll on 4/30/21, 11:20 PM
by baybal2 on 5/1/21, 12:53 AM
And you don't need to.
There is really very few uses for real multi-system vs multi-process shared systems.
Take a look on that whole "cloud" thing.
All people I knew who worked in cloud hosting tell that most system are ridiculously overprovisioned, effectively nullifying any economic justification for a shared system
by totallyabstract on 4/30/21, 11:18 PM
by iam-TJ on 4/30/21, 11:45 PM
by dataflow on 5/1/21, 12:37 AM
by ForOldHack on 5/1/21, 8:21 PM
by Causality1 on 5/1/21, 6:09 AM
by PopePompus on 4/30/21, 11:22 PM
by anthk on 5/1/21, 1:53 AM
OpenBSD disabled HT by default.
by spacemanmatt on 4/30/21, 11:20 PM
by 1cvmask on 5/1/21, 2:49 AM
"Intel's suggested defense against Spectre, which is called LFENCE, places sensitive code in a waiting area until the security checks are executed, and only then is the sensitive code allowed to execute," Venkat said. "But it turns out the walls of this waiting area have ears, which our attack exploits. We show how an attacker can smuggle secrets through the micro-op cache by using it as a covert channel."
by SG2000 on 5/14/21, 8:05 PM
If true, wouldn’t this also imply that an Intel Skylake CPU mitigates against such attempted attacks by one user against another in a shared CPU/ISP/cloud environment, whereas an AMD CPU theoretically would not? If true, this would be a key point that the authors failed to mention in their concluding remarks.
Anyone else read it this way? Or am I missing something?
by failwhaleshark on 5/1/21, 7:54 AM
The morphing of data into code pages with JITs like JS should also be subject to similar restrictions.
by ineedasername on 5/1/21, 2:54 PM
Why is this at all a thing? Why would you ever leave something out there like that without documenting its existence?
by smasher164 on 5/1/21, 4:28 AM
[1] https://en.wikipedia.org/wiki/Explicitly_parallel_instructio...
by juancn on 5/2/21, 6:05 AM
Maybe it’s time to make clocks a privileged op as a mitigation. Even making execution time non predictable on untrusted code, such as JavaScript?
If precise time keeping is unavailable these become harder to do.
by vmception on 5/3/21, 11:07 AM
And therefore M1 seems so much more faster than it otherwise would?
by Woodi on 5/1/21, 5:55 AM
by druud62 on 5/1/21, 10:21 AM