> A fundamental design flaw in Intel's processor chips has forced a significant redesign of the Linux and Windows kernels to defang the chip-level security bug.
> Crucially, these updates to both Linux and Windows will incur a performance hit on Intel products. The effects are still being benchmarked, however we're looking at a ballpark figure of five to 30 per cent slow down.
> A spokesperson for Intel was not available for comment
Weren't they now.
Also, another *Very* good reason to use bare metal whenever possible.
> There were rumors of a severe hypervisor bug – possibly in Xen – doing the rounds at the end of 2017. It may be that this hardware flaw is that rumored bug: that hypervisors can be attacked via this kernel memory access cockup, and thus need to be patched, forcing a mass restart of guest virtual machines.
If in an argument I told someone last month "what if there was a bug in the processor design", I would be laughed out the room.
Well. There we go.
@MightyPork My gut feeling is: yes your home PC will be hit by this, *unless* it is disconnected from Teh Intertubes and runs 100% verified software. :)
This seems to be a bug that allows userland to read kernel memory. I.e. your adblocker could be reading your kernel memory.
But I am happy to be proven wrong.
@MightyPork so, "nopti" kernel arg is now a thing:
@rysiek I’m implying they have no idea what the consequences and probable fixes are of the bug not that they are lying. If they are referencing the MMU timing attack which much of it makes me think they are, then the misleading parts are all of it.
They way they portray it is nonsensical. They dont understand when kaslr is and is not useful....
@rysiek The patches look like they are protecting against the mmu attack only for kaslr when it is useless anyhow and not user space aslr where it is useful.
It is NOT paging out the kernel. This attack is present in amd but not across rings.
The entire article is a fuck. https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5aa90a84589282b87666f92b6c3c917c8080a9bf
@Wolf480pl @rysiek There ARE claimed ways (from the chipmakers, eg Intel) of putting 'secure enclaves' into the chips such that the owners of the hardware CAN'T access RAM, even in Ring 0 or -1 or whatever hypervisors / Intel ME gives access to.
But, um. One, how much do we trust the chipmakers? And two, how do we get encrypted data into and out of this 'secure RAM' through insecure RAM?
It's maybe possible, but it seems really awkward, and still a big trust point being the chip makers.
Corporations want cheap cheap compute!
They also want privacy, or *should*.
It's hard. More and more businesses just don't want to run their own physical datacenters. Air conditioning and power costs a lot. They just want to make the whole cost center go away. Amazon's right there.
We've kinda gone right back to the IBM days, now with Amazon as IBM.