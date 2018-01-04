Google Says CPU Patches Cause 'Negligible Impact On Performance' With New 'Retpoline' Technique (theverge.com) 66
In a post on Google's Online Security Blog, two engineers described a novel chip-level patch that has been deployed across the company's entire infrastructure, resulting in only minor declines in performance in most cases. "The company has also posted details of the new technique, called Retpoline, in the hopes that other companies will be able to follow the same technique," reports The Verge. "If the claims hold, it would mean Intel and others have avoided the catastrophic slowdowns that many had predicted." From the report: "There has been speculation that the deployment of KPTI causes significant performance slowdowns," the post reads, referring to the company's "Kernel Page Table Isolation" technique. "Performance can vary, as the impact of the KPTI mitigations depends on the rate of system calls made by an application. On most of our workloads, including our cloud infrastructure, we see negligible impact on performance." "Of course, Google recommends thorough testing in your environment before deployment," the post continues. "We cannot guarantee any particular performance or operational impact."
Notably, the new technique only applies to one of the three variants involved in the new attacks. However, it's the variant that is arguably the most difficult to address. The other two vulnerabilities -- "bounds check bypass" and "rogue data cache load" -- would be addressed at the program and operating system level, respectively, and are unlikely to result in the same system-wide slowdowns.
Geez... You make it sound like this is the first ever time someone has had to write a software patch to bypass a hardware flaw. Driver developers have had to come up with clever workarounds to hardware defects since the the dawn of computing.
These Intel firmware fixes are just going to become part of yet another security update that will be required to keep systems secure.
Based in the summary, this is a fix that dramatically reduces the impact of meltdown (too lazy to read up as it doesn't directly impact me), if they found a way to keep meltdown in the lower bound, they're doing alright.
Lower bound being about 5% (initial patch on a pcid supporting processor was 7% in an artificial postgress benchmark that was more prone to slowdown than real life), if they found a way to get ok'd chips to that point, and shave a little bit off their, it dramatically reduces the problem.
Sure, but it's kind of like the Intel Pentium F00F bug. The underlying hardware issue will always be there, but the OS kernel can prevent that instruction from being run on the system.
amd needs desktop level server chips / ipmi boards (Score:2)
amd needs desktop level server chips / ipmi boards. Like intel exon-e3
Ryzen PRO chips fully support ECC so we just need a few boards with IPMI
ThreadRipper is an nice workstation system.
Threadripper boards with IPMI will be nice as it has higher clocks with less cores then epyc chips.
an full eypc board is overkill for smaller site hosts.
time flies (Score:2)
Pentium 4.99989 disaster seems like yesterday.
Or just Buy AMD & get no slow down with more p (Score:4)
Or just Buy AMD & get no slow down with more pci-e lanes.
Re:Idiotic Moderation (Score:5, Insightful)
Re: (Score:3)
Because it doesn't make sense: Intel has a KNOWN UNFIXABLE FLAW in Meltdown. It cannot be fixed. You are saying "don't switch to AMD because they might have a major flaw too at some point". Meltdown is a much larger problem than Spectre is.
Except that I read the write-up by the team and it did NOT say that AMD was immune to Meltdown. It actually said that they were able to get AMD processors to execute the pipelines but were unable to read it before the cache was invalidated. They speculated that a more optimized attack may be able to read the cache but they did not know for sure if it was possible. Thus they were not able to use their existing attack against AMD but that does not mean that it is not possible. AMD claimed that those pipel
They're both full of bullet holes but AMD at least has less holes in short.
Is there a compelling reason to believe that AMD processors are less likely to be vulnerable in the future than Intel processors?
Right now only Intel is massively exposed on one security issue where other manufacturers are not. So yes - this makes it appear that AMD design philosophy values security over performance. Whether that is proved out remains to be seen.
If one manufacturer is cutting corners with the engineering and the other isn't, then there's a logical reason.
Intel seems to be the one cutting corners - for decades. You do remember the FDIV and FOOF bugs in early Pentiums? I don't recall other manufacturers having such severe problems (sure, mainly PR with FDIV) that a recall was required.
Otherwise, there isn't a logical basis for using that as a reason to change your behaviour in the future.
Intel cannot provide CPUs to retail witho
Some cpu generations will have both issues. Some one issue. Very few will not have any problem.
More lies (Score:2)
I definitely don't see how requiring you to replace GCC and recompile every single binary is "chip-level".
Re: (Score:3)
Exactly, you can't provide a general fix to chip-level security problems by changes to "programs". People can compile their own programs and have root access on VMs that they control.
However, Google controls the hypervisor and presumably, it's at this level that the attack can be blocked or mitigated.
Re: (Score:3)
Google's technique requires patching binaries/code (Score:3)
Google's technique
... has a small performance hit but much smaller than KPTI.
Keep in mind Google's technique (retpoline) is not an alternative to KPTI. Retpoline addresses Variant 2. KPTI addresses Variant 3. Both are required.
Summary not very helpful, here's my attempt. (Score:3)
Google has created "retpoline", a technique which allows an indirect branch (e.g. a vtable call) to occur in a way that effectively disables speculative execution by isolating branch target prediction into a safe effectless loop. This addresses Variant 2 (aka Spectre).
Retpoline does not depend on or assist a CPU or an OS patch: it is done purely at the software level, per-app, by a compiler. There is no simple OS-wide patch.
Google says a retpoline call has performance "within cycles" of a regular old mispredicted branch. The zero-cost predictions we're used to are a thing of the past, because it effectively forces misprediction. I'd be curious to see a benchmark of an indirection-heavy platform like .NET.
.NET.
This does not help address or optimize Variant 3, which is what the big kernel patches for Page Table Isolation are needed for. So, your I/O-dependent apps like databases are still going to take a big performance hit. Nor does it address Variant 1.
Google is connected to Intel at the hip (Score:3)
Google is dependant on Intel CPUs at the moment and has a vested interest in not saying well our cloud just got 5-30% percent slower.
Exactly the same as their competitors, including in-house data centers as well as other cloud providers.
Seriously misleading (Score:2)
Not only do they misspell the name of the mitigation technique, the "retpoline" technique only protects against the indirect branch variant of Spectre. The fix for Meltdown is still KPTI, with all the same overhead that involves. The "negligible inpact on performance" is on top of the KPTI changes.