Is the fix worth the performance loss? Has anyone seen benchmarks? My friend was telling me that gaming performance seemed to be unaffected in the benchmarks he's seen. I'm not well versed in security flaws or things of that nature so I really have a limited understanding of the repercussions of this issue.
edit: found the benchmarks https://www.techspot.com/article/1554-meltdown-flaw-cpu-performance-windows/
Is the fix worth the performance loss? Has anyone seen benchmarks? My friend was telling me that gaming performance seemed to be unaffected in the benchmarks he's seen. I'm not well versed in security flaws or things of that nature so I really have a limited understanding of the repercussions of this issue.
edit: found the benchmarks https://www.techspot.com/article/1554-meltdown-flaw-cpu-performance-windows/
From the few benchmarks i've seen i haven't noticed any big performance loss. I dont think the patch will affect games as much since they dont need to access the kernel as often
From the few benchmarks i've seen i haven't noticed any big performance loss. I dont think the patch will affect games as much since they dont need to access the kernel as often
#31
Meltdown means any website with javascript could read anything, including passwords, from your RAM. Any program could obviously do the same.
Basically
https://twitter.com/misc0110/status/948706387491786752
It shouldn't affect gaming much but either way are you in a position where you can tolerate the risk? Because that thing is going to be spammed since enough people will be dumb enough to not apply the patch.
#31
Meltdown means any website with javascript could read anything, including passwords, from your RAM. Any program could obviously do the same.
Basically
https://twitter.com/misc0110/status/948706387491786752
It shouldn't affect gaming much but either way are you in a position where you can tolerate the risk? Because that thing is going to be spammed since enough people will be dumb enough to not apply the patch.
https://imgur.com/a/zYRap
So this is the power of Intel...
https://imgur.com/a/zYRap
So this is the power of Intel...
SetsulSpectre isn't really fixable on an architectural level. Even in order cores are affected if the pipeline is long enough.
Ice Lake should have taped out by now.
What is your source?
I read an article that says otherwise = in order cores can't be abused. Or is it THIS special in order core that is immune?
[quote=Setsul]
Spectre isn't really fixable on an architectural level. Even in order cores are affected if the pipeline is long enough.
Ice Lake should have taped out by now.[/quote]
What is your source?
[url=https://www.google.fr/url?sa=t&rct=j&q=&esrc=s&source=web&cd=1&cad=rja&uact=8&ved=0ahUKEwjMjIHa2OLYAhVDWBQKHdwnA6oQFggoMAA&url=https%3A%2F%2Fwww.raspberrypi.org%2Fblog%2Fwhy-raspberry-pi-isnt-vulnerable-to-spectre-or-meltdown%2F&usg=AOvVaw15mhepZ7h9F0-s6Sq1p2TQ]I read an article that says otherwise[/url] = in order cores can't be abused. Or is it THIS special in order core that is immune?
Source is me. I mean you could search for it but if you understand those then you understand why it's possible.
Read again.
SetsulEven in order cores are affected if the pipeline is long enough.
5 is basically the minimum length for pipelining to work properly, the A53 got 8 stages. That does not qualify as long.
Assuming some standard 2-way superscalar you have the branch and the load issueing in the same cycle. Then load-to-use-latency an AND and then the load, but that just needs to make it into the LSU because it won't be canceled, only the writeback but no one cares about that.
So if you have some piece of shit like the IBM PPE with a 21-stage pipeline where branches even go into a different pipe that is delayed for 3 cycles you just need a fast enough L1 cache and early enough bypasses and then you can make bullshit happen.
Then there are things that are completely orthogonal to being in-order like runahead execution that give you a window just as long or even longer than out of order execution.
VLIW with load hoisting and intra cycle/bundle/whatever bypassing can also be happily in-order (and usually are) and still make it easy.
Of course there is a major difference in timing but that's basically irrelevant. Instead of forcing a miss to RAM and being able to take your sweet time the data already has to be in the L1 because you've only got a few cycles at best or need it to be cycle perfect at worst. But that doesn't matter because you can just run the code twice to pull the data into the L1 first and then access it.
Realistically though if you're using an in-order core it's some sort of embedded application or similar and you're only running your own code (you probably trust that) or it's some kind of big.LITTLE arrangement where another cluster is full of out-of-order cores and you need to apply the patches anyway.
And now we proudly present stage 2:
https://skyfallattack.com/
They're actually using James Bond movie names.
Source is me. I mean you could search for it but if you understand those then you understand why it's possible.
Read again.
[quote=Setsul]Even in order cores are affected if the pipeline is long enough.[/quote]
5 is basically the minimum length for pipelining to work properly, the A53 got 8 stages. That does not qualify as long.
Assuming some standard 2-way superscalar you have the branch and the load issueing in the same cycle. Then load-to-use-latency an AND and then the load, but that just needs to make it into the LSU because it won't be canceled, only the writeback but no one cares about that.
So if you have some piece of shit like the IBM PPE with a 21-stage pipeline where branches even go into a different pipe that is delayed for 3 cycles you just need a fast enough L1 cache and early enough bypasses and then you can make bullshit happen.
Then there are things that are completely orthogonal to being in-order like runahead execution that give you a window just as long or even longer than out of order execution.
VLIW with load hoisting and intra cycle/bundle/whatever bypassing can also be happily in-order (and usually are) and still make it easy.
Of course there is a major difference in timing but that's basically irrelevant. Instead of forcing a miss to RAM and being able to take your sweet time the data already has to be in the L1 because you've only got a few cycles at best or need it to be cycle perfect at worst. But that doesn't matter because you can just run the code twice to pull the data into the L1 first and then access it.
Realistically though if you're using an in-order core it's some sort of embedded application or similar and you're only running your own code (you probably trust that) or it's some kind of big.LITTLE arrangement where another cluster is full of out-of-order cores and you need to apply the patches anyway.
And now we proudly present stage 2:
https://skyfallattack.com/
They're actually using James Bond movie names.
Ok just in case you still don't believe me:
https://developer.arm.com/products/processors/cortex-a/cortex-a8
Key features
In-order pipeline
Superscalar 13+ stage pipeline.
https://developer.arm.com/support/security-update
Cortex-A8
(Variant 1) Yes (under review) (Variant 2) Yes
Because its pipeline is this monstrosity:
http://processors.wiki.ti.com/images/0/09/Cortex-A8Pipeline.png
Ok just in case you still don't believe me:
https://developer.arm.com/products/processors/cortex-a/cortex-a8
[quote]Key features
In-order pipeline
Superscalar 13+ stage pipeline.[/quote]
https://developer.arm.com/support/security-update
[quote]Cortex-A8
(Variant 1) Yes (under review) (Variant 2) Yes[/quote]
Because its pipeline is this monstrosity:
[img]http://processors.wiki.ti.com/images/0/09/Cortex-A8Pipeline.png[/img]
Damn... are you doing anything about this personally, Setsul? Besides applying the patches. Seems like there's nothing that can be done short of disabling all online banking, deleting all emails and living an offline life, but still feels pretty bad to think that all your banking data/passwords/bitcoin could be scooped up in theory.
Damn... are you doing anything about this personally, Setsul? Besides applying the patches. Seems like there's nothing that can be done short of disabling all online banking, deleting all emails and living an offline life, but still feels pretty bad to think that all your banking data/passwords/bitcoin could be scooped up in theory.
this video by vox is good it says exactly how things work for easy understanding
https://www.youtube.com/watch?v=d1BRw32nMqg
this video by vox is good it says exactly how things work for easy understanding
[youtube]https://www.youtube.com/watch?v=d1BRw32nMqg[/youtube]
#38
Not my circus, not my monkeys.
Meltdown is fixed and the patches should already be applied if you update regularly.
Spectre patches are difficult, might not be completely safe, might lead to crashes or might simply cause massive performance issues. But you have to keep in mind that the code still needs to be executed and it needs to run while you're accessing the sensitive data. So if you're not letting some shady website run javascript (praise noscript) while you're doing your online banking then it's not really possible to exploit it unless your pc is already compromised.
JS is also getting patched.
So yes, malware and JS got a lot scarier but the same rules and precautions as before apply: Don't run untrusted programs, be careful with javascript and apply the security updates.
It's not like you were safe before if you just hoped nothing would happen.
#39
Yeah that's more or less completely wrong.
Despite what Intel claims Meltdown is not an unavoidable side effect of a feature, that's why only Intel and a handful of other CPUs are affected.
Spectre v1 is and that can't be fixed in hardware, but can easily be fixed in software.*
Spectre v2 isn't and can be fixed in hardware**, but can't be easily fixed in software.
They just mashed all 3 together.
Maybe if I'm bored I'll explain how it actually works.
Spoiler: It's not simple. The simplified explanation is still pretty complicated, otherwise it wouldn't have happened.
*The problem is guarding against a whole new class of similar-but-not-quite-the-same attacks.
**Already difficult to exploit on some hardware.
#38
Not my circus, not my monkeys.
Meltdown is fixed and the patches should already be applied if you update regularly.
Spectre patches are difficult, might not be completely safe, might lead to crashes or might simply cause massive performance issues. But you have to keep in mind that the code still needs to be executed and it needs to run while you're accessing the sensitive data. So if you're not letting some shady website run javascript (praise noscript) while you're doing your online banking then it's not really possible to exploit it unless your pc is already compromised.
JS is also getting patched.
So yes, malware and JS got a lot scarier but the same rules and precautions as before apply: Don't run untrusted programs, be careful with javascript and apply the security updates.
It's not like you were safe before if you just hoped nothing would happen.
#39
Yeah that's more or less completely wrong.
Despite what Intel claims Meltdown is not an unavoidable side effect of a feature, that's why only Intel and a handful of other CPUs are affected.
Spectre v1 is and that can't be fixed in hardware, but can easily be fixed in software.*
Spectre v2 isn't and can be fixed in hardware**, but can't be easily fixed in software.
They just mashed all 3 together.
Maybe if I'm bored I'll explain how it actually works.
Spoiler: It's not simple. The simplified explanation is still pretty complicated, otherwise it wouldn't have happened.
*The problem is guarding against a whole new class of similar-but-not-quite-the-same attacks.
**Already difficult to exploit on some hardware.
Setsul I believe you, I know you master those things, but I have trouble understanding what you're talking about, and you're not really making it easier.
What I understood :
- speculation can't go without branch prediction
- a processor being in order/out of order is a different characteristic not related to speculation
- cortex A53 is vulnerable to Spectre attacks because the processor does speculation (and does not do out of order instructions)
- my source is wrong when they write :
The lack of speculation in the ARM1176, Cortex-A7, and Cortex-A53 cores used in Raspberry Pi render us immune to attacks of the sort.
-an in order cpu does speculation in order to keep his pipeline busy (somehow)
Is that correct?
Also nobody but you is an electronics engineer/expert here so how are we supposed to read the image you posted on #37?
Setsul I believe you, I know you master those things, but I have trouble understanding what you're talking about, and you're not really making it easier.
What I understood :
- speculation can't go without branch prediction
- a processor being in order/out of order is a different characteristic not related to speculation
- cortex A53 is vulnerable to Spectre attacks because the processor does speculation (and does not do out of order instructions)
- my source is wrong when they write :
[quote]The lack of speculation in the ARM1176, Cortex-A7, and Cortex-A53 cores used in Raspberry Pi render us immune to attacks of the sort.[/quote]
-an in order cpu does speculation in order to keep his pipeline busy (somehow)
Is that correct?
Also nobody but you is an electronics engineer/expert here so how are we supposed to read the image you posted on #37?
Well about the image: You can probably read where it says "13-Stage Integer Pipeline" and "10-Stage NEON Pipeline"?
And all the complicated looking stuff beneath that?
For comparision purposes the A7/A53 pipeline:
https://cdn.arstechnica.net/2011/10/20/arma7-a7pipeline-4ea040a-intro.png
I think you get the idea now.
About the rest:
-branch prediction also automatically means speculative execution (unless you built some really weird shit).
-correct
-yes, same reason for out of order, actual cause is the speculation depth.
-yes. OoO exists mostly to allow for deeper speculation so any OoO core should be affected while inO can be shallow enough to be safe, but doesn't have to be. ARM11, A7 and A53 are safe for that reason.
-yes, so do OoO CPUs.
I'm not sure how much you know about CPUs but I guess I'll make a post explaining how Spectre and Meltdown work and for that I need to explain how CPUs work on a basic level (grossly simplified wherever possible) anyway.
Well about the image: You can probably read where it says "13-Stage Integer Pipeline" and "10-Stage NEON Pipeline"?
And all the complicated looking stuff beneath that?
For comparision purposes the A7/A53 pipeline:
[img]https://cdn.arstechnica.net/2011/10/20/arma7-a7pipeline-4ea040a-intro.png[/img]
I think you get the idea now.
About the rest:
-branch prediction also automatically means speculative execution (unless you built some really weird shit).
-correct
-yes, same reason for out of order, actual cause is the speculation depth.
-yes. OoO exists mostly to allow for deeper speculation so any OoO core should be affected while inO can be shallow enough to be safe, but doesn't have to be. ARM11, A7 and A53 are safe for that reason.
-yes, so do OoO CPUs.
I'm not sure how much you know about CPUs but I guess I'll make a post explaining how Spectre and Meltdown work and for that I need to explain how CPUs work on a basic level (grossly simplified wherever possible) anyway.
Yeah lol I could read the actual text but i had no idea how the fuck the diagram is supposed to be understood.
I'm looking forward to reading your take on the attacks for laymen like me.
Yeah lol I could read the actual text but i had no idea how the fuck the diagram is supposed to be understood.
I'm looking forward to reading your take on the attacks for laymen like me.