[Beowulf] Intel CPU design bug & security flaw - kernel fix imposes performance penalty

John Hearns hearnsj at googlemail.com
Wed Jan 3 00:46:52 PST 2018


Thanks Chris.  In the past there have been Intel CPU 'bugs' trumpeted, but
generally these are fixed with a microcode update.
This looks different, as it is a fundamental part of the chips architecture.
However the Register article says: "It allows normal user programs – to
discern to some extent the layout or contents of protected kernel memory
areas"

I guess the phrase "to some extent" is the vital one here. Are there any
security exploits which use this information? I guess it is inevitable that
one will be engineered now that this is known about. The question I am
really asking is should we worry about this for real world systems. And I
guess tha answer is that if the kernel developers are worried enough then
yes we should be too. Comments please.




On 3 January 2018 at 06:56, Greg Lindahl <lindahl at pbm.com> wrote:

> On Wed, Jan 03, 2018 at 02:46:07PM +1100, Christopher Samuel wrote:
>
> > There appears to be no microcode fix possible and the kernel fix will
> > incur a significant performance penalty, people are talking about in the
> > range of 5%-30% depending on the generation of the CPU. :-(
>
> The performance hit (at least for the current patches) is related to
> system calls, which HPC programs using networking gear like OmniPath
> or Infiniband don't do much of.
>
> -- greg
>
>
> _______________________________________________
> Beowulf mailing list, Beowulf at beowulf.org sponsored by Penguin Computing
> To change your subscription (digest mode or unsubscribe) visit
> http://www.beowulf.org/mailman/listinfo/beowulf
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.beowulf.org/pipermail/beowulf/attachments/20180103/90c561c7/attachment.html>


More information about the Beowulf mailing list