Semi-OT: Meltdown-Spectre Confusion..
It’s been said that the Meltdown/Spectre flaws affect CPU’s as far back as 1995. Which in some opinions possibly could put some of the affected processors into the ‘vintage’ range. But I’ve yet to see a comprehensive list of all processors affected. Intel released a list, but that only goes back to around 2011 or so with the branding change to “Core” and others released in the time since. I’m curious about exactly what CPU devices, regardless of manufacturer, other than those listed, that are also affected. So including ARM processors, AMD, PowerPC?, G3/4/5? that may vulnerable to those flaws. And where they got the 1995 date from, because there’s a fair number of disused processors in that timeframe as well. Anyone have any insights on this? -- Normal Person: Hey, it seems that you know a lot. Geek: To be honest, it's due to all the surfing I do. Normal Person: So you go surfing? Normal Person: But I don't think that has anything to do with knowing a lot... Geek: I think that's wrong on a fundamental level. Normal Person: Huh? Huh? What?
These flaws can be *potentially* exploited on any processor that features speculative execution. No idea as to why there is no comprehensive list of affected CPUs as of yet. On Mon, Jan 8, 2018 at 8:02 AM, Joseph Oprysko via vcf-midatlantic < vcf-midatlantic@lists.vintagecomputerfederation.org> wrote:
It’s been said that the Meltdown/Spectre flaws affect CPU’s as far back as 1995. Which in some opinions possibly could put some of the affected processors into the ‘vintage’ range. But I’ve yet to see a comprehensive list of all processors affected. Intel released a list, but that only goes back to around 2011 or so with the branding change to “Core” and others released in the time since.
I’m curious about exactly what CPU devices, regardless of manufacturer, other than those listed, that are also affected. So including ARM processors, AMD, PowerPC?, G3/4/5? that may vulnerable to those flaws. And where they got the 1995 date from, because there’s a fair number of disused processors in that timeframe as well.
Anyone have any insights on this? -- Normal Person: Hey, it seems that you know a lot. Geek: To be honest, it's due to all the surfing I do. Normal Person: So you go surfing? Normal Person: But I don't think that has anything to do with knowing a lot... Geek: I think that's wrong on a fundamental level. Normal Person: Huh? Huh? What?
It's a combo of the OS-patched vs non-OS-patched CPU. If you're still running a Windows 2003 server in production or you use Windows XP I'd say now is the time to upgrade. Modern CPU machines with modern OS versions are less likely to have issues. Perhaps Rasp Pis running DNS servers with specialty builds of Debian which are not patched and supported other than the snapshot they were taken and stuff like that are vulnerable. That's why for my PDP 8i I used the latest Debian rather than Wheezy that one could download from the PiDP8 web site image. The Pocket CHIP maybe vulnerable too, depending what you're running on it. As far as on-topic CPUs ... they're long-ago vulnerable to many things. Take a number. Bill On Mon, Jan 8, 2018 at 8:18 AM, Dean Notarnicola via vcf-midatlantic < vcf-midatlantic@lists.vintagecomputerfederation.org> wrote:
These flaws can be *potentially* exploited on any processor that features speculative execution. No idea as to why there is no comprehensive list of affected CPUs as of yet.
On Mon, Jan 8, 2018 at 8:02 AM, Joseph Oprysko via vcf-midatlantic < vcf-midatlantic@lists.vintagecomputerfederation.org> wrote:
It’s been said that the Meltdown/Spectre flaws affect CPU’s as far back as 1995. Which in some opinions possibly could put some of the affected processors into the ‘vintage’ range. But I’ve yet to see a comprehensive list of all processors affected. Intel released a list, but that only goes back to around 2011 or so with the branding change to “Core” and others released in the time since.
I’m curious about exactly what CPU devices, regardless of manufacturer, other than those listed, that are also affected. So including ARM processors, AMD, PowerPC?, G3/4/5? that may vulnerable to those flaws. And where they got the 1995 date from, because there’s a fair number of disused processors in that timeframe as well.
Anyone have any insights on this? -- Normal Person: Hey, it seems that you know a lot. Geek: To be honest, it's due to all the surfing I do. Normal Person: So you go surfing? Normal Person: But I don't think that has anything to do with knowing a lot... Geek: I think that's wrong on a fundamental level. Normal Person: Huh? Huh? What?
Bill, Spectre in particular is not something that can be patched in the OS easily. There are workarounds, like decreasing JavaScript engines' timer resolution to make the attack impractical from browser-based JS. Dave, I've read that Alpha and Itanium support per-entry tagging in the TLB which can help totally mitigate Spectre on those platforms, if the OS takes advantage of it. I suspect that since SPARC64 and MIPS can run with a software TLB manager, they can also be corrected. Thanks, Jonathan On Mon, Jan 8, 2018 at 8:33 AM, william degnan via vcf-midatlantic < vcf-midatlantic@lists.vintagecomputerfederation.org> wrote:
It's a combo of the OS-patched vs non-OS-patched CPU. If you're still running a Windows 2003 server in production or you use Windows XP I'd say now is the time to upgrade. Modern CPU machines with modern OS versions are less likely to have issues. Perhaps Rasp Pis running DNS servers with specialty builds of Debian which are not patched and supported other than the snapshot they were taken and stuff like that are vulnerable. That's why for my PDP 8i I used the latest Debian rather than Wheezy that one could download from the PiDP8 web site image. The Pocket CHIP maybe vulnerable too, depending what you're running on it.
As far as on-topic CPUs ... they're long-ago vulnerable to many things. Take a number.
Bill
On Mon, Jan 8, 2018 at 8:18 AM, Dean Notarnicola via vcf-midatlantic < vcf-midatlantic@lists.vintagecomputerfederation.org> wrote:
These flaws can be *potentially* exploited on any processor that features speculative execution. No idea as to why there is no comprehensive list of affected CPUs as of yet.
On Mon, Jan 8, 2018 at 8:02 AM, Joseph Oprysko via vcf-midatlantic < vcf-midatlantic@lists.vintagecomputerfederation.org> wrote:
It’s been said that the Meltdown/Spectre flaws affect CPU’s as far back as 1995. Which in some opinions possibly could put some of the affected processors into the ‘vintage’ range. But I’ve yet to see a comprehensive list of all processors affected. Intel released a list, but that only goes back to around 2011 or so with the branding change to “Core” and others released in the time since.
I’m curious about exactly what CPU devices, regardless of manufacturer, other than those listed, that are also affected. So including ARM processors, AMD, PowerPC?, G3/4/5? that may vulnerable to those flaws. And where they got the 1995 date from, because there’s a fair number of disused processors in that timeframe as well.
Anyone have any insights on this? -- Normal Person: Hey, it seems that you know a lot. Geek: To be honest, it's due to all the surfing I do. Normal Person: So you go surfing? Normal Person: But I don't think that has anything to do with knowing a lot... Geek: I think that's wrong on a fundamental level. Normal Person: Huh? Huh? What?
I am generalizing "Specter/Meltdown" as a joined topic. Meltdown is what I was talking about. In fact was doing some testing with the servers I support following the various guidelines that I found out there. I was looking for a sample javascript to use for testing Spectre vulnerability in Firefox. Found one, then got side-tracked by a loss of heat this weekend here at home. Finally back to normal. Resuming my work this week. Patching browsers is key too, should have mentioned this, updating java, etc. I remember a different yet same thing came up a few years ago with java. Assume "we are all doomed" attitude when using the bigger website services is the conservative attitude to take. Also the days thinking Linux and Apple are safer than Microsoft is not really a good assumption to make anymore. On Mon, Jan 8, 2018 at 8:36 AM, systems_glitch via vcf-midatlantic < vcf-midatlantic@lists.vintagecomputerfederation.org> wrote:
Bill,
Spectre in particular is not something that can be patched in the OS easily. There are workarounds, like decreasing JavaScript engines' timer resolution to make the attack impractical from browser-based JS.
Dave,
I've read that Alpha and Itanium support per-entry tagging in the TLB which can help totally mitigate Spectre on those platforms, if the OS takes advantage of it. I suspect that since SPARC64 and MIPS can run with a software TLB manager, they can also be corrected.
Thanks, Jonathan
On Mon, Jan 8, 2018 at 8:33 AM, william degnan via vcf-midatlantic < vcf-midatlantic@lists.vintagecomputerfederation.org> wrote:
It's a combo of the OS-patched vs non-OS-patched CPU. If you're still running a Windows 2003 server in production or you use Windows XP I'd say now is the time to upgrade. Modern CPU machines with modern OS versions are less likely to have issues. Perhaps Rasp Pis running DNS servers with specialty builds of Debian which are not patched and supported other than the snapshot they were taken and stuff like that are vulnerable. That's why for my PDP 8i I used the latest Debian rather than Wheezy that one could download from the PiDP8 web site image. The Pocket CHIP maybe vulnerable too, depending what you're running on it.
As far as on-topic CPUs ... they're long-ago vulnerable to many things. Take a number.
Bill
On Mon, Jan 8, 2018 at 8:18 AM, Dean Notarnicola via vcf-midatlantic < vcf-midatlantic@lists.vintagecomputerfederation.org> wrote:
These flaws can be *potentially* exploited on any processor that features speculative execution. No idea as to why there is no comprehensive list of affected CPUs as of yet.
On Mon, Jan 8, 2018 at 8:02 AM, Joseph Oprysko via vcf-midatlantic < vcf-midatlantic@lists.vintagecomputerfederation.org> wrote:
It’s been said that the Meltdown/Spectre flaws affect CPU’s as far back as 1995. Which in some opinions possibly could put some of the affected processors into the ‘vintage’ range. But I’ve yet to see a comprehensive list of all processors affected. Intel released a list, but that only goes back to around 2011 or so with the branding change to “Core” and others released in the time since.
I’m curious about exactly what CPU devices, regardless of manufacturer, other than those listed, that are also affected. So including ARM processors, AMD, PowerPC?, G3/4/5? that may vulnerable to those flaws. And where they got the 1995 date from, because there’s a fair number of disused processors in that timeframe as well.
Anyone have any insights on this? -- Normal Person: Hey, it seems that you know a lot. Geek: To be honest, it's due to all the surfing I do. Normal Person: So you go surfing? Normal Person: But I don't think that has anything to do with knowing a lot... Geek: I think that's wrong on a fundamental level. Normal Person: Huh? Huh? What?
Read through the comments thread on this gist: https://gist.github.com/ErikAugust/724d4a969fb2c6ae1bbd7b2a9e3d4bb6 It's specifically testing Spectre, which has wider affects across CPUs and will be harder to fix. In the thread, there's someone who has it going on PowerPC. There are a number of older CPUs being tested in that thread, I think when I went through it yesterday someone had already tested a P2 or P3 and found it to be vulnerable. If I have time this week, I'll bring up a SPARC64 and an Alpha and see if I can get the PoC code running. Thanks, Jonathan On Mon, Jan 8, 2018 at 8:18 AM, Dean Notarnicola via vcf-midatlantic < vcf-midatlantic@lists.vintagecomputerfederation.org> wrote:
These flaws can be *potentially* exploited on any processor that features speculative execution. No idea as to why there is no comprehensive list of affected CPUs as of yet.
On Mon, Jan 8, 2018 at 8:02 AM, Joseph Oprysko via vcf-midatlantic < vcf-midatlantic@lists.vintagecomputerfederation.org> wrote:
It’s been said that the Meltdown/Spectre flaws affect CPU’s as far back as 1995. Which in some opinions possibly could put some of the affected processors into the ‘vintage’ range. But I’ve yet to see a comprehensive list of all processors affected. Intel released a list, but that only goes back to around 2011 or so with the branding change to “Core” and others released in the time since.
I’m curious about exactly what CPU devices, regardless of manufacturer, other than those listed, that are also affected. So including ARM processors, AMD, PowerPC?, G3/4/5? that may vulnerable to those flaws. And where they got the 1995 date from, because there’s a fair number of disused processors in that timeframe as well.
Anyone have any insights on this? -- Normal Person: Hey, it seems that you know a lot. Geek: To be honest, it's due to all the surfing I do. Normal Person: So you go surfing? Normal Person: But I don't think that has anything to do with knowing a lot... Geek: I think that's wrong on a fundamental level. Normal Person: Huh? Huh? What?
On Jan 8, 2018, at 08:18, Dean Notarnicola via vcf-midatlantic <vcf-midatlantic@lists.vintagecomputerfederation.org> wrote:
These flaws can be *potentially* exploited on any processor that features speculative execution. No idea as to why there is no comprehensive list of affected CPUs as of yet.
Probably because a comprehensive list would be impossibly long. Anything that does speculative execution combined with caching is likely to be vulnerable. I misspoke a bit ago; branch prediction does not inherently imply speculative execution, but it does imply speculative prefetching. There's some interesting explanatory material on why the ARM11 and Cortex-A7/A53 as used in the Raspberry Pi series are not vulnerable, for example: https://www.raspberrypi.org/blog/why-raspberry-pi-isnt-vulnerable-to-spectre...
That's a great article, thanks for posting it. Interesting note: https://www.theregister.co.uk/2018/01/02/intel_cpu_design_flaw/
From this article, The fix is to separate the kernel's memory completely from user processes using what's called Kernel Page Table Isolation, or KPTI. At one point, Forcefully Unmap Complete Kernel With Interrupt Trampolines, aka FUCKWIT, was mulled by the Linux kernel team, giving you an idea of how annoying this has been for the developers.
On Mon, Jan 8, 2018 at 9:28 AM, David Riley via vcf-midatlantic < vcf-midatlantic@lists.vintagecomputerfederation.org> wrote:
On Jan 8, 2018, at 08:18, Dean Notarnicola via vcf-midatlantic < vcf-midatlantic@lists.vintagecomputerfederation.org> wrote:
These flaws can be *potentially* exploited on any processor that features speculative execution. No idea as to why there is no comprehensive list
of
affected CPUs as of yet.
Probably because a comprehensive list would be impossibly long. Anything that does speculative execution combined with caching is likely to be vulnerable.
I misspoke a bit ago; branch prediction does not inherently imply speculative execution, but it does imply speculative prefetching. There's some interesting explanatory material on why the ARM11 and Cortex-A7/A53 as used in the Raspberry Pi series are not vulnerable, for example:
https://www.raspberrypi.org/blog/why-raspberry-pi-isnt- vulnerable-to-spectre-or-meltdown/
On Jan 8, 2018, at 08:02, Joseph Oprysko via vcf-midatlantic <vcf-midatlantic@lists.vintagecomputerfederation.org> wrote:
It’s been said that the Meltdown/Spectre flaws affect CPU’s as far back as 1995. Which in some opinions possibly could put some of the affected processors into the ‘vintage’ range. But I’ve yet to see a comprehensive list of all processors affected. Intel released a list, but that only goes back to around 2011 or so with the branding change to “Core” and others released in the time since.
I’m curious about exactly what CPU devices, regardless of manufacturer, other than those listed, that are also affected. So including ARM processors, AMD, PowerPC?, G3/4/5? that may vulnerable to those flaws. And where they got the 1995 date from, because there’s a fair number of disused processors in that timeframe as well.
Anyone have any insights on this?
On x86, it's P6 and later, which means back to the Pentium Pro. Not sure when AMD started doing speculative execution; would expect around the K6 or so. As for other architectures, I would expect the high end ones (SPARC, MIPS, Alpha and PPC) around that time to be included. Really, anything that performs branch prediction (which I know includes all PowerPCs) is by definition engaging in speculative execution, and I'd be quite surprised if any of them that far back were smart enough not to commit the speculatively fetched data to cache or TLBs, which is the main issue here. That's a lot of logic and buffer space on a CPU. - Dave
The P6 / Pentium Pro did indeed have speculative execution, but branch prediction was used on CPUs far earlier than this. The difference between branch and speculative is that speculative actually fully executes the alternative instruction, where branch prediction simply prepares the core for execution. IMO - Branch prediction alone shouldn't make a CPU vulnerable to meltdown. Now fair warning - I'm far from a CPU architect, so if someone has information to the contrary, I'd be very happy to hear the detail. Thanks, John On Mon, Jan 8, 2018 at 8:28 AM, David Riley via vcf-midatlantic < vcf-midatlantic@lists.vintagecomputerfederation.org> wrote:
On x86, it's P6 and later, which means back to the Pentium Pro. Not sure when AMD started doing speculative execution; would expect around the K6 or so.
As for other architectures, I would expect the high end ones (SPARC, MIPS, Alpha and PPC) around that time to be included. Really, anything that performs branch prediction (which I know includes all PowerPCs) is by definition engaging in speculative execution, and I'd be quite surprised if any of them that far back were smart enough not to commit the speculatively fetched data to cache or TLBs, which is the main issue here. That's a lot of logic and buffer space on a CPU.
- Dave
On 1/14/2018 9:01 AM, John Heritage via vcf-midatlantic wrote:
The P6 / Pentium Pro did indeed have speculative execution, but branch prediction was used on CPUs far earlier than this. The difference between branch and speculative is that speculative actually fully executes the alternative instruction, where branch prediction simply prepares the core for execution.
IMO - Branch prediction alone shouldn't make a CPU vulnerable to meltdown.
Now fair warning - I'm far from a CPU architect, so if someone has information to the contrary, I'd be very happy to hear the detail.
Thanks, John
On Mon, Jan 8, 2018 at 8:28 AM, David Riley via vcf-midatlantic < vcf-midatlantic@lists.vintagecomputerfederation.org> wrote:
On x86, it's P6 and later, which means back to the Pentium Pro. Not sure when AMD started doing speculative execution; would expect around the K6 or so.
As for other architectures, I would expect the high end ones (SPARC, MIPS, Alpha and PPC) around that time to be included. Really, anything that performs branch prediction (which I know includes all PowerPCs) is by definition engaging in speculative execution, and I'd be quite surprised if any of them that far back were smart enough not to commit the speculatively fetched data to cache or TLBs, which is the main issue here. That's a lot of logic and buffer space on a CPU.
- Dave
IMO - Branch prediction alone shouldn't make a CPU vulnerable to meltdown. I'm no expert either but that makes sense to me too. From what I read its that the speculative execution doesn't apply all the protections that the unspeculative execution does.
participants (8)
-
David Riley -
Dean Notarnicola -
Douglas Crawford -
Drew Notarnicola -
John Heritage -
Joseph Oprysko -
systems_glitch -
william degnan