Aggiornamenti firmware / microcodice Intel che rendono i processori "immuni" sia da Spectre che da Meltdown?

Question

Aggiornamenti firmware / microcodice Intel che rendono i processori "immuni" sia da Spectre che da Meltdown?

#1 da (5 voti)

8

Recentemente Intel ha affermato quanto segue in un comunicato stampa (corsivo aggiunto):

SANTA CLARA, Calif., Jan. 4, 2018 — Intel has developed and is rapidly issuing updates for all types of Intel-based computer systems — including personal computers and servers — that render those systems immune from both exploits (referred to as “Spectre” and “Meltdown”) reported by Google Project Zero. Intel and its partners have made significant progress in deploying updates as both software patches and firmware updates.

Intel has already issued updates for the majority of processor products introduced within the past five years. By the end of next week, Intel expects to have issued updates for more than 90 percent of processor products introduced within the past five years. In addition, many operating system vendors, public cloud service providers, device manufacturers and others have indicated that they have already updated their products and services.

Un altro comunicato stampa più recente ha ribadito questo (enfasi aggiunta):

In early December we began distributing Intel firmware updates to our OEM partners. For Intel CPUs introduced in the past five years, we expect to issue updates for more than 90 percent of them within a week, and the remainder by the end of January. We will continue to issue updates for other products thereafter. We are pleased with this progress, but recognize there is much more work to do to support our customers.

Sembra che stiano sostenendo di aver sviluppato aggiornamenti firmware per i loro processori che in qualche modo impediscono il funzionamento degli attacchi Meltdown e Spectre, e vengono distribuiti attraverso diversi fornitori.

Tuttavia trovo questa affermazione vaga e poco convincente.

Ci sono aggiornamenti del firmware / microcodice della CPU Intel che, parzialmente o completamente, impediscono il verificarsi di Meltdown e Spectre? In tal caso, in che modo ottengono ciò e in che modo influisce sulle prestazioni?

ULTERIORI INFORMAZIONI:

Dopo ulteriori ricerche, sembra che l'aggiornamento del "firmware" possa riferirsi a un aggiornamento del microcodice. Ancora nessun dettaglio reale su ciò che questo aggiornamento riesce comunque.

Da Registri dei rapporti sui bug di Debian: intel-microcode: aggiornamenti in arrivo per fusione / spettro :

It's been rumored that Intel will be releasing microcode updates to (partially?) mitigate some of the effects of meltdown and spectre.

Intel has released several updates already, but not all of them AFAIK.

These microcode updates are of little impact until the kernel changes to activate the new MSRs are deployed. But they do mess with conditional jumps and LFENCE.

Anyway, uploading a partial, unofficial set of updates to unstable to close the bug. Several processors are still missing. I expect an official release from Intel soon, hopefully with updates for everything.

Everyone should look for firmware updates, the usual good vendors already have them out, or will have them out by the end of the next week.

hardware cpu intel meltdown spectre

posta Alexander O'Mara 09.01.2018 - 16:44

fonte

1 risposta

Leggi altre domande sui tag hardware cpu intel meltdown spectre

Confusione sull'effimero Diffie-Hellman Il modo migliore per impostare in modo sicuro un cookie di sessione su un altro dominio

score 5 · Answer 1

Intel rilascerà patch per tutti i processori che non hanno più di 5 anni. La maggior parte di questi patch verrà fornita entro la prossima settimana, il resto fino alla fine di gennaio 2018.

Hanno anche rilasciato questo pdf e questo dovrebbe rispondere a tutte le ulteriori domande riguardanti queste patch.

TL; DR:

Attenuazione per:

Limita controllo Bypass (= Spettro ): modifiche del software
Branch Target Injection (= Spectre ): modifiche al software e aggiornamento del microcode
Carico di Rogue Data Cache (= Meltdown ): per ora i sistemi operativi devono essere aggiornati, ma i processori più recenti avranno "supporto hardware" per la mitigazione.

Segue una citazione abbreviata dal whitepaper. Ho sottolineato le parti, che riguardano la tua domanda:

Bounds Check Bypass Mitigation

For the bounds check bypass method, Intel’s mitigation strategy is focused on software modifications. The software mitigation that Intel recommends is to insert a barrier to stop speculation in appropriate places. In particular, the use of an LFENCE instruction is recommended for this purpose. Serializing instructions, as well as the LFENCE instruction, will stop younger instructions from executing, even speculatively, before older instructions have retired but LFENCE is a better performance solution than other serializing instructions. An LFENCE instruction inserted after a bounds check will prevent younger operations from executing before the bound check retires. Note that the insertion of LFENCE must be done judiciously; if it is used too liberally, performance may be significantly compromised.

Intel’s analysis of the Linux kernel for example has only found a handful of places where LFENCE insertion is required, resulting in minimal performance impact.^{No comment on Windows/MacOS}

Branch Target Injection Mitigation

For the branch target injection method, two mitigation techniques have been developed. This allows a software ecosystem to select the approach that works for their security, performance and compatibility goals. The first technique introduces a new interface between the processor and system software. This interface provides mechanisms that allow system software to prevent an attacker from controlling the victim’s indirect branch predictions, such as flushing the indirect branch predictors at the appropriate time to mitigate such attacks. [...] This mitigation strategy requires both updated system software as well as a microcode update to be loaded to support the new interface for many existing processors.

The second technique introduces the concept of a “return trampoline”, also known as “retpoline”. Essentially, software replaces indirect near jump and call instructions with a code sequence that includes pushing the target of the branch in question onto the stack and then executing a Return (RET) instruction to jump to that location, as Return instructions can generally be protected using this method. This technique may perform better than the first technique for certain workloads on many current Intel processors. [...] For Intel® Core™ processors of the Broadwell generation and later, this retpoline mitigation strategy also requires a microcode update to be applied for the mitigation to be fully effective.

Rogue Data Cache Load Mitigation

For the rogue data cache load method, the operating system software may ensure that privileged pages are not mapped when executing user code in order to protect against user mode access to privileged pages.

This basic dual-page-table approach was previously proposed as a mitigation for side channel attacks on Kernel Address Space Layout Randomization (KASLR) in the “KASLR is Dead: Long Live KASLR1” paper and was called KAISER. This approach also mitigates Rogue Data Cache Load. Intel has worked with various OS vendors to enable a dual-page-table approach in their operating systems. An OS implementing this dual-page-table mitigation may wish to take advantage of the Process Context Identifier (PCID) feature on processors which support it. PCID can greatly reduce the performance cost of TLB flushes caused by frequent reloading of CR3 during user/supervisor mode transitions.

Future Intel processors will also have hardware support for mitigating Rogue Data Cache Load.

Anche il CEO di Intel, Brian Krzanich, a quanto pare ha parlato di questo durante il suo keynote del CES 2018.

link

Che cosa significa per me come utente finale?

La tua macchina ha un processore Intel?
1. No? Ricevi aggiornamenti per il tuo sistema operativo / VM e il tuo browser. Cerca patch AMD o ARM. Se non ne hai neanche uno, tieni gli occhi aperti, se il tuo fornitore compare nell'elenco "è anche interessato".
2. Sì! Ottieni le patch da fonti ufficiali. Aggiorna anche il tuo sistema operativo. Dovresti stare bene allora. Forse questo può essere fatto in un unico passaggio. Fallo appena le patch saranno disponibili, domani potrebbe apparire un nuovo WannaCry.