• Apgrejdovali smo forum na XenForo 2.1.1, ukoliko imate predloga vezanih za izgled ili funkcionalnost foruma, ili ukoliko naletite na neki problem, javite nam OVDE

    DEFINISALI SMO PRAVILA FORUMA. Pročitajte ih, pojaviće se automatski kada krenete da čitate nešto!

Intelov "TLB"

Sam633

PCAXE Addicted
Učlanjen(a)
13.11.2012.
Poruka
1.285
Rezultat reagovanja
26
Moja konfiguracija

SlavenK

PCAXE Member
Učlanjen(a)
11.04.2012.
Poruka
896
Rezultat reagovanja
334
Moja konfiguracija
CPU & cooler:
Intel Core i7-8700k
Motherboard:
ASUS ROG-STRIX-B360-F-GAMING
RAM:
G.SKILL 16GB Trident Z DDR4 3000MHz
VGA & cooler:
GIGABYTE GTX 1070Ti 8G
Display:
DELL Alienware AW2518HF 240hz
HDD:
Samsung EVO 860 250gb, WDC WD3200AAJS-00L7A0, Seagate Expansion 1TB
Sound:
Microlab FC330/ HyperX Cloud Alpha Pro
Case:
NZXT H440 PURPLE&WHITE
PSU:
Cooler Master: V850
Optical drives:
/
Mice & keyboard:
Gladious Model O & HyperX Elite Alloy RGB
Internet:
Telekom Srbija 50/8
OS & Browser:
Windows 10 Pro 64bit, Google Chrome
Other:
PS4; Huawei P30 Pro;
Ne vredi, moram da pređem na amd
 

MasterBlaster

PCAXE Member
Učlanjen(a)
21.12.2015.
Poruka
238
Rezultat reagovanja
75
Moja konfiguracija
PC / Laptop Name:
Night Silence
CPU & cooler:
Ryzen 2600 / Lc cc 120 rgb
Motherboard:
Msi B450 Tomahawk
RAM:
G.SKILL 16GB Ripjaws V DDR4 3200MHz CL16
VGA & cooler:
Msi 1060 gaming x 6gb
Display:
lg/24mp59g-p
HDD:
SAMSUNG-860-EVO-500GB / wd blue 1tb
Case:
Ms Black Widow
PSU:
Seasonic Focus Plus Gold 550w
Mice & keyboard:
Bloody Combo
Internet:
12/2 uzas
OS & Browser:
Windows 10 Professional 64bit / Firefox
Da li neko zna da li ovaj bug utice na gaming performanse ? I da li utice na starije intel procesore ? Moj drug ima Intelov procesor pa ga zanima ? Nije novije generacije tako da... Ima li sanse da ga ovo zaobidje ? Posto ce sigurno da skine update kad ga budu izbacili ,nebi se igrao sa privatnoscu !
 

Sam633

PCAXE Addicted
Učlanjen(a)
13.11.2012.
Poruka
1.285
Rezultat reagovanja
26
Moja konfiguracija
LKML: Linus Torvalds: Re: Avoid speculative indirect calls in kernel

From Linus Torvalds <>
Date Wed, 3 Jan 2018 15:51:35 -0800
Subject Re: Avoid speculative indirect calls in kernel

On Wed, Jan 3, 2018 at 3:09 PM, Andi Kleen <[email protected]> wrote:
> This is a fix for Variant 2 in
> Project Zero: Reading privileged memory with a side-channel
>
> Any speculative indirect calls in the kernel can be tricked
> to execute any kernel code, which may allow side channel
> attacks that can leak arbitrary kernel data.

Why is this all done without any configuration options?

A *competent* CPU engineer would fix this by making sure speculation
doesn't happen across protection domains. Maybe even a L1 I$ that is
keyed by CPL.

I think somebody inside of Intel needs to really take a long hard look
at their CPU's, and actually admit that they have issues instead of
writing PR blurbs that say that everything works as designed.

.. and that really means that all these mitigation patches should be
written with "not all CPU's are crap" in mind.

Or is Intel basically saying "we are committed to selling you shit
forever and ever, and never fixing anything"?

Because if that's the case, maybe we should start looking towards the
ARM64 people more.

Please talk to management. Because I really see exactly two possibibilities:

- Intel never intends to fix anything

OR

- these workarounds should have a way to disable them.

Which of the two is it?

Linus
https://s21.q4cdn.com/600692695/files/doc_presentations/2018/Side-Channel-Analysis-Security.pdf

NOT a result of product errata; processors are operating to specification
Mitigations include updates to system software, firmware and future hardware
 

Sam633

PCAXE Addicted
Učlanjen(a)
13.11.2012.
Poruka
1.285
Rezultat reagovanja
26
Moja konfiguracija
Intel® Product Security Center INTEL-SA-00088

  • Intel® Core™ i3 processor (45nm and 32nm)
  • Intel® Core™ i5 processor (45nm and 32nm)
  • Intel® Core™ i7 processor (45nm and 32nm)
  • Intel® Core™ M processor family (45nm and 32nm)
  • 2nd generation Intel® Core™ processors
  • 3rd generation Intel® Core™ processors
  • 4th generation Intel® Core™ processors
  • 5th generation Intel® Core™ processors
  • 6th generation Intel® Core™ processors
  • 7th generation Intel® Core™ processors
  • 8th generation Intel® Core™ processors
  • Intel® Core™ X-series Processor Family for Intel® X99 platforms
  • Intel® Core™ X-series Processor Family for Intel® X299 platforms
  • Intel® Xeon® processor 3400 series
  • Intel® Xeon® processor 3600 series
  • Intel® Xeon® processor 5500 series
  • Intel® Xeon® processor 5600 series
  • Intel® Xeon® processor 6500 series
  • Intel® Xeon® processor 7500 series
  • Intel® Xeon® Processor E3 Family
  • Intel® Xeon® Processor E3 v2 Family
  • Intel® Xeon® Processor E3 v3 Family
  • Intel® Xeon® Processor E3 v4 Family
  • Intel® Xeon® Processor E3 v5 Family
  • Intel® Xeon® Processor E3 v6 Family
  • Intel® Xeon® Processor E5 Family
  • Intel® Xeon® Processor E5 v2 Family
  • Intel® Xeon® Processor E5 v3 Family
  • Intel® Xeon® Processor E5 v4 Family
  • Intel® Xeon® Processor E7 Family
  • Intel® Xeon® Processor E7 v2 Family
  • Intel® Xeon® Processor E7 v3 Family
  • Intel® Xeon® Processor E7 v4 Family
  • Intel® Xeon® Processor Scalable Family
  • Intel® Xeon Phi™ Processor 3200, 5200, 7200 Series
  • Intel® Atom™ Processor C Series
  • Intel® Atom™ Processor E Series
  • Intel® Atom™ Processor A Series
  • Intel® Atom™ Processor x3 Series
  • Intel® Atom™ Processor Z Series
  • Intel® Celeron® Processor J Series
  • Intel® Celeron® Processor N Series
  • Intel® Pentium® Processor J Series
  • Intel® Pentium® Processor N Series
 
Poslednja izmena:

ThePocetnik

Moderator
Učlanjen(a)
30.03.2009.
Poruka
5.084
Rezultat reagovanja
19
Moja konfiguracija
PC / Laptop Name:
HP Pavilion - 14-ce0008nm
CPU & cooler:
Intel Core i7 5820K feat NiC L32
Motherboard:
ASRock X99 WS
RAM:
4x8GB DDR4 2666MHz Kingston HyperX Fury
VGA & cooler:
Sapphire Pulse 580 4GB
Display:
Dell 2312HM i AOC G2460PF
HDD:
Seagate 3TB, WD Red 3TB, Samsung F3 1TB, Samsung 850 EVO 500GB, HP EX900 512GB, Intel M.2 SSD 6000p
Sound:
Asus Xonar U7 feat Logitech X-530 / Corsair Vengeance 1500 / Superlux HMC631
Case:
Corsair Carbide 500R
PSU:
EVGA SuperNova G3 750W
Optical drives:
LiteOn iHAS124 / ASUS SBW-06D2X-U
Mice & keyboard:
RedDragon Kala i A4Tech V7 Bloody
Internet:
SBB
OS & Browser:
Windows 10 Pro x64
Other:
PS3 Ultra slim 500GB / Shuttle XS35V4
A da li je toliko pad samo kada se instalira patch za Windows 10, posto se spominje da patch selektivno aktivira ono sto treba.
 

Edgeman

PCAXE Member
Učlanjen(a)
01.04.2009.
Poruka
269
Rezultat reagovanja
0
Moja konfiguracija
CPU & cooler:
Intel Core i5 6600 [email protected] cooled with LC Power Cosmo Cool 120
Motherboard:
ASUS Maximus VIII Hero / non-K OC BIOS 0001
RAM:
2x8GB DDR4 Kinston HyperX Fury Black [email protected]
VGA & cooler:
Sapphire R9 270X Dual-X
Display:
Dell U2312HM
HDD:
Samsung 830 SSD, Samsung F3 1TB, WD 2 TB Green
Sound:
ROG SupremeFX 2015 onboard
Case:
Cooler Master 690 II Adv.+ 5,25" 4x USB3.0 front panel
PSU:
Chieftec CFT-750-14CS
Optical drives:
LG GH24NSC0
Mice & keyboard:
Logitech K330
Internet:
SBB 50/3Mbps
OS & Browser:
Win 10 Pro x64
Other:
QNAP TS-251, 1GB RAM, 2x4TB WD Red, LC-35USB3 without hdd now
Koliko će efikasno da urade te patcheve. Intel je imao pola godine da smisli način kako ovo da zakrpi a da ne dođe do prevelikog pada u performansama.
Pitanje je da li su uspeli u tome.
Postavlja se pitanje ako CPU-u u cloud sistemimа udare u palfon onda će biti potrebno više takvih sistema za isti load. I koje je rešenje?
Isti ovi "topivi" procesori jer nema novih.

Avetinja na delu
Primer u C-u.
ErikAugust/spectre.c
 

Sam633

PCAXE Addicted
Učlanjen(a)
13.11.2012.
Poruka
1.285
Rezultat reagovanja
26
Moja konfiguracija
A da li je toliko pad samo kada se instalira patch za Windows 10, posto se spominje da patch selektivno aktivira ono sto treba.
Za sada, takozvani OS patch, donosi zakrpu za Meltdown i čini se da nije toliko pogubna za krajnjeg korisnika. Osim u pogledu velikih I/O poslova. Ista zakrpa služi i za Spectre, barem za jednu varijantu od dve, ako se ne varam. Ali OS zakrpa za Spectre ne radi, bez novog mikrokoda za CPU, koji opet verovatno donosi neko smanjenje performansi. I opet u pogledu I/O poslova.

Treba shvatiti da je sve ovo na samom začetku, bez obzira što su svi imali vremena.

Avetinja na delu
Primer u C-u.
ErikAugust/spectre.c
Upravo tako.

 

hedgehog

PCAXE Member
Učlanjen(a)
13.12.2014.
Poruka
794
Rezultat reagovanja
6
Moja konfiguracija
CPU & cooler:
AMD FX 4300 Black Edition & FX 8xxx Box poliran XD
Motherboard:
ASRock 970 Pro3 R2.0
RAM:
Exceleram Rippler 2x4GB @1600MHz CL9 1.5V
VGA & cooler:
XFX Radeon 5750 512MB
Display:
Dell P2417H
HDD:
WD Caviar Blue 500GB AAKS 16MB
Case:
Cooler Master Elite 334 Black
PSU:
Corsair VX450W
Optical drives:
Optiarc DVD RW AD-5240S
Mice & keyboard:
GIGABYTE GM-M6880 & CM Suppressor
Internet:
Telekom ADSL 10/1
OS & Browser:
Win7 x64 & Waterfox
Other:
Microsoft LifeCam HD-5000, Nexus 5

Sam633

PCAXE Addicted
Učlanjen(a)
13.11.2012.
Poruka
1.285
Rezultat reagovanja
26
Moja konfiguracija
Linux-Kernel Archive: Re: [RFC 09/10] x86/enter: Create macros to restrict/unrestrict Indirect Branch Speculation

Re: [RFC 09/10] x86/enter: Create macros to restrict/unrestrict Indirect Branch Speculation
From: Linus Torvalds
Date: Sun Jan 21 2018 - 16:36:05 EST


On Sun, Jan 21, 2018 at 12:28 PM, David Woodhouse <[email protected]> wrote:
> On Sun, 2018-01-21 at 11:34 -0800, Linus Torvalds wrote:
>> All of this is pure garbage.
>>
>> Is Intel really planning on making this shit architectural? Has
>> anybody talked to them and told them they are f*cking insane?
>>
>> Please, any Intel engineers here - talk to your managers.
>
> If the alternative was a two-decade product recall and giving everyone
> free CPUs, I'm not sure it was entirely insane.

You seem to have bought into the cool-aid. Please add a healthy dose
of critical thinking. Because this isn't the kind of cool-aid that
makes for a fun trip with pretty pictures. This is the kind that melts
your brain.

> Certainly it's a nasty hack, but hey â the world was on fire and in the
> end we didn't have to just turn the datacentres off and go back to goat
> farming, so it's not all bad.

It's not that it's a nasty hack. It's much worse than that.

> As a hack for existing CPUs, it's just about tolerable â as long as it
> can die entirely by the next generation.

That's part of the big problem here. The speculation control cpuid
stuff shows that Intel actually seems to plan on doing the right thing
for meltdown (the main question being _when_). Which is not a huge
surprise, since it should be easy to fix, and it's a really honking
big hole to drive through. Not doing the right thing for meltdown
would be completely unacceptable.

So the IBRS garbage implies that Intel is _not_ planning on doing the
right thing for the indirect branch speculation.

Honestly, that's completely unacceptable too.

> So the part is I think is odd is the IBRS_ALL feature, where a future
> CPU will advertise "I am able to be not broken" and then you have to
> set the IBRS bit once at boot time to *ask* it not to be broken. That
> part is weird, because it ought to have been treated like the RDCL_NO
> bit â just "you don't have to worry any more, it got better".

It's not "weird" at all. It's very much part of the whole "this is
complete garbage" issue.

The whole IBRS_ALL feature to me very clearly says "Intel is not
serious about this, we'll have a ugly hack that will be so expensive
that we don't want to enable it by default, because that would look
bad in benchmarks".

So instead they try to push the garbage down to us. And they are doing
it entirely wrong, even from a technical standpoint.

I'm sure there is some lawyer there who says "we'll have to go through
motions to protect against a lawsuit". But legal reasons do not make
for good technology, or good patches that I should apply.

> We do need the IBPB feature to complete the protection that retpoline
> gives us â it's that or rebuild all of userspace with retpoline.

BULLSHIT.

Have you _looked_ at the patches you are talking about? You should
have - several of them bear your name.

The patches do things like add the garbage MSR writes to the kernel
entry/exit points. That's insane. That says "we're trying to protect
the kernel". We already have retpoline there, with less overhead.

So somebody isn't telling the truth here. Somebody is pushing complete
garbage for unclear reasons. Sorry for having to point that out.

If this was about flushing the BTB at actual context switches between
different users, I'd believe you. But that's not at all what the
patches do.

As it is, the patches are COMPLETE AND UTTER GARBAGE.

They do literally insane things. They do things that do not make
sense. That makes all your arguments questionable and suspicious. The
patches do things that are not sane.

WHAT THE F*CK IS GOING ON?

And that's actually ignoring the much _worse_ issue, namely that the
whole hardware interface is literally mis-designed by morons.

It's mis-designed for two major reasons:

- the "the interface implies Intel will never fix it" reason.

See the difference between IBRS_ALL and RDCL_NO. One implies Intel
will fix something. The other does not.

Do you really think that is acceptable?

- the "there is no performance indicator".

The whole point of having cpuid and flags from the
microarchitecture is that we can use those to make decisions.

But since we already know that the IBRS overhead is huge on
existing hardware, all those hardware capability bits are just
complete and utter garbage. Nobody sane will use them, since the cost
is too damn high. So you end up having to look at "which CPU stepping
is this" anyway.

I think we need something better than this garbage.

Linus


 
Poslednja izmena:

drfedja

CPU Guru
Učlanjen(a)
01.04.2009.
Poruka
3.084
Rezultat reagovanja
14
Moja konfiguracija
PC / Laptop Name:
Dell n5010, Intel Core i3 370M 2.4 GHz, 4 GB DDR3 1333
CPU & cooler:
Intel Core i7 4790K @ 4.5 GHz
Motherboard:
Biostar Hi-Fi Z97WE
RAM:
16GB Kingston HyperX Beast 2400
VGA & cooler:
Sapphire AMD Radeon R9-280X
Display:
Viewsonic VA2342 23" LED, LG 25"Ultrawide, Samsung VA2342 23"
HDD:
Samsung SSD850 Evo 250GB, Kingston 120GB V300 SSD, 2x1GB WD Caviar black
Sound:
Altec Lansing 5100E
Case:
Cooler Master 690-III
PSU:
Cooler Master G650M modular
Optical drives:
N/A
Mice & keyboard:
Keyboard/Mouse Cooler Master Storm
Internet:
Cable
OS & Browser:
Windows 10 Pro 64-bit
Other:
iPhone 6S 64GB

Sam633

PCAXE Addicted
Učlanjen(a)
13.11.2012.
Poruka
1.285
Rezultat reagovanja
26
Moja konfiguracija
Intel: No Microcode Updates for some older CPUs

Lista procesora koji će izvisiti za (dalji) MCU (microcode update):

- Bloomfield
- Bloomfield Xeon
- Clarksfield
- Gulftown
- Harpertown Xeon C0
- Harpertown Xeon E0
- Jasper Forest
- Penryn/QC
- SoFIA 3GR
- Wolfdale C0
- Wolfdale M0
- Wolfdale E0
- Wolfdale R0
- Wolfdale Xeon C0
- Wolfdale Xeon E0
- Yorkfield
- Yorkfield Xeon
 
Vrh