Sam633
This speculative execution can even do other things that wouldn't be allowed: for example, Intel processors allow speculative writes to be made to read-only memory, giving even more power to an attacker. This has some similarity to the Meltdown attack; Intel and certain ARM processors (though not AMD chips) will allow user-mode programs to speculatively read kernel-mode memory because of the way the processors defer checking whether the access is permitted. It turns out that they also defer checking whether a write is permitted, too.
We are updating the license now to address this and will have a new version available soon. As an active member of the open source community, we continue to welcome all feedback.
Intel responded to our queries, stating:
VMware Performance Impact Statement for ‘L1 Terminal Fault - VMM’ (L1TF - VMM) mitigations: CVE-2018-3646 (55767)
Two recently disclosed hardware bugs affected Intel cpus:
- TLBleed
- T1TF (the name "Foreshadow" refers to 1 of 3 aspects of this
bug, more aspects are surely on the way)
Solving these bugs requires new cpu microcode, a coding workaround,
*AND* the disabling of SMT / Hyperthreading.
SMT is fundamentally broken because it shares resources between the two
cpu instances and those shared resources lack security differentiators.
Some of these side channel attacks aren't trivial, but we can expect
most of them to eventually work and leak kernel or cross-VM memory in
common usage circumstances, even such as javascript directly in a
browser.
There will be more hardware bugs and artifacts disclosed. Due to the
way SMT interacts with speculative execution on Intel cpus, I expect SMT
to exacerbate most of the future problems.
Our tests showed that after enabling the ESXi Side-Channel-Aware Scheduler the maximum performance capacity of the host can diminish by as much as 30%, depending on the workloads, host utilization, and processors used within the host. It is important to note that this does not necessarily translate to a 30% reduction in application performance. On a host that is running below its maximum performance capacity, the enablement of the ESXi Side-Channel-Aware Scheduler might result in little or no loss of performance depending on how much spare capacity was available. A set of test results for common enterprise application workloads is included in the Performance Test Results section of this article.
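The quoted material says L1TF needs an OS-level workaround, hypervisor changes and SMT disabled together. As an added example (not part of the post or of any vendor's tooling), the script below checks those conditions on a Linux/KVM host, which goes beyond the ESXi and OpenBSD cases quoted above. It assumes the status format the Linux kernel documents for its `l1tf` sysfs file; the sample lines are constructed.

```python
from pathlib import Path

L1TF = Path("/sys/devices/system/cpu/vulnerabilities/l1tf")
SMT_ACTIVE = Path("/sys/devices/system/cpu/smt/active")

def parse_l1tf(status):
    """Split the kernel's one-line L1TF status into its components."""
    status = status.strip()
    out = {"affected": status != "Not affected", "pte_inversion": False,
           "vmx": None, "smt": None}
    for part in status.split(";"):
        part = part.strip()
        if part.startswith("Mitigation:"):
            out["pte_inversion"] = "PTE Inversion" in part
        elif part.startswith("VMX:"):
            # e.g. "VMX: conditional cache flushes, SMT vulnerable"
            for field in part[len("VMX:"):].split(","):
                field = field.strip()
                if field.startswith("SMT "):
                    out["smt"] = field[len("SMT "):]
                else:
                    out["vmx"] = field
    return out

def gaps(parsed, smt_active=None):
    """List what is still missing on a host that runs untrusted guests."""
    if not parsed["affected"]:
        return []
    found = []
    if not parsed["pte_inversion"]:
        found.append("OS mitigation (PTE inversion) not reported")
    if parsed["vmx"] == "vulnerable":
        found.append("hypervisor does not flush L1D on VM entry")
    if parsed["smt"] == "vulnerable" or (parsed["smt"] is None and smt_active):
        found.append("SMT/Hyper-Threading still enabled")
    return found

# Constructed sample lines, not captured from a real host.
SAMPLES = ["Mitigation: PTE Inversion; VMX: conditional cache flushes, SMT vulnerable",
           "Mitigation: PTE Inversion; VMX: cache flushes, SMT disabled",
           "Not affected"]

if __name__ == "__main__":
    lines, smt = SAMPLES, None
    if L1TF.exists():  # on a real Linux host, use the live values instead
        lines = [L1TF.read_text()]
        smt = SMT_ACTIVE.read_text().strip() == "1" if SMT_ACTIVE.exists() else None
    for line in lines:
        print(line.strip(), "->", gaps(parse_l1tf(line), smt) or "no gaps reported")
```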