Kernel-memory-leaking Intel processor design flaw forces Linux, Windows redesign | Pe

MC Hamster said:
As I understand it (and forgive me because it's been a long time since my Comp Sci days), it basically comes down to avoiding "wasted" CPU cycles.

Back in Ye Olden Dayes, when I was writing assembler code on SPARC boxes, you had two different registers you could send commands to be processed in the CPU. One was the command to be executed, the other was the next command to be executed. When it finished with one, it could flip them over and start working on the next while it got the other register loaded and ready to go.

The problem there arises when that next command relies on some output from the current. EG when you have "a+b=c", then "c+1=d". Assuming you know the values of a and b, then that first command is fine, but the second one is already loaded into the CPU as well, before 'c' has actually been resolved, so when it comes time to execute that, the variable is still unknown and you can't get a sensible result out of it.

Similarly, if you have some sort of control structure (eg a loop), you can inadvertently wind up pulling in the next line of code outside that loop before the system realises it needs to go back to an earlier instruction.

As a result, you need to fill your code with "nops" ('no operation') to make sure the CPU doesn't process a 'wrong' instruction.

In a multi-processor/multi-core system, that issue gets compounded, even when you're being all proper and multi-threading properly.

Out-of-order execution makes attempts to let you use some of those otherwise wasted cycles, by pulling in other instructions (that don't rely on unknown data) even if they're not really supposed to be getting calculated yet, and then re-assembling it all in the right order. This is the sort of stuff that gets stored in the processor cache.

My guess with this (and I haven't really delved right into it) is that the exploits target that cache to read registers that aren't necessarily 'owned' by the processes in question, resulting in data leaks.
Click to expand...

6gRCnAr.gif
 
Pretty sure google, amazon, etc are still going to get raped though.



At least until their lawsuits against Intel are settled.
 
o sweet pre-2013 atoms arent' affected so my tv computer won't run any shittier than it already does
 
I swear our HP Itanium servers at work are teflon dons. Just been dealing with Guard Bureau's inability to field a quality project team which they contracted out. The plan was to migrate HP U/X servers to Linux VMs along with Oracle database and WebLogic/Middleware on the application server side. Project keeps getting delayed because they underestimated Oracle's shadiness/pricing. Curious to see if this affects anything on top of it.
 
Last edited:
hard to join the contracting team with secret clearance when you're a pothead focker
 
convince the guys that can't get jobs on the quality project team that can't get fielded
 
You must log in or register to reply here.
Back
Top