Archive

Posts Tagged ‘intel’

Companies Address Concerns related to Speculative Execution Exploits: Meltdown and Spectre

January 4th, 2018 17 comments

Yesterday, news surfaced about a “bug” in Intel processors that could be fixed at the operating system level at the cost of a decrease in performance for some tasks, from a typical, and barely noticeable 5% hit, to a more consequent 30% hit for some specific tasks, and as we discussed yesterday I/O intensive tasks are the most impacted by the changes.

While Intel (and Arm) are impacted, AMD claims not to be, and the issue was reported by major news outlets and likely impacting the stock price of the companies with Intel stock losing 3.39%, and AMD stock gaining 5.19%, so obviously every company felt the need to answer, starting with Intel’s response to security research findings:

Recent reports that these exploits are caused by a “bug” or a “flaw” and are unique to Intel products are incorrect. Based on the analysis to date, many types of computing devices — with many different vendors’ processors and operating systems — are susceptible to these exploits.

Check with your operating system vendor or system manufacturer and apply any available updates as soon as they are available.

Intel believes its products are the most secure in the world and that, with the support of its partners, the current solutions to this issue provide the best possible security for its customers.

This looks like damage limitation, and I guess more info will be released once the fixes are all released.

But the most detailed report is by Google, since Project Zero found three variant of two vulnerabilities – Metldown and Spectre – related to speculative execution, a technique to predict (and run) likely future instruction in order to boost performance:

We have discovered that CPU data cache timing can be abused to efficiently leak information out of mis-speculated execution, leading to (at worst) arbitrary virtual memory read vulnerabilities across local security boundaries in various contexts.

Variants of this issue are known to affect many modern processors, including certain processors by Intel, AMD and ARM. For a few Intel and AMD CPU models, we have exploits that work against real software. We reported this issue to Intel, AMD and ARM on 2017-06-01.

The three variants:

Variants 1 & 2 are referred to as Spectre, and variant 3 as Meltdown, with the latter easier to exploit.

The Meltdown attack uses exception handling or suppression to run a series of transient instructions

Yesterday, we learned AMD was not impacted, but Google clearly mention they could exploit AMD processors too, and that’s because AMD is only subject to Spectre. So AMD responded too:

It is important to understand how the speculative execution vulnerability described in the research relates to AMD products, but please keep in mind the following:

  • The research described was performed in a controlled, dedicated lab environment by a highly knowledgeable team with detailed, non-public information about the processors targeted.
  • The described threat has not been seen in the public domain.

and provided a table showing how AMD processors are impacted:

Google Project Zero (GPZ) Research Title Details
Variant One Bounds Check Bypass Resolved by software / OS updates to be made available by system vendors and manufacturers. Negligible performance impact expected.
Variant Two Branch Target Injection Differences in AMD architecture mean there is a near zero risk of exploitation of this variant. Vulnerability to Variant 2 has not been demonstrated on AMD processors to date.
Variant Three Rogue Data Cache Load Zero AMD vulnerability due to AMD architecture differences.

So it looks like only variant 1 is a potential issue, and operating systems will have to be patched.

Arm’s turn:

Cache timing side-channels are a well-understood concept in the area of security research and therefore not a new finding. However, this side-channel mechanism could enable someone to potentially extract some information that otherwise would not be accessible to software from processors that are performing as designed and not based on a flaw or bug. This is the issue addressed here and in the Cache Speculation Side-channels whitepaper.

It is important to note that this method is dependent on malware running locally which means it’s imperative for users to practice good security hygiene by keeping their software up-to-date and avoid suspicious links or downloads.

The majority of Arm processors are not impacted by any variation of this side-channel speculation mechanism. A definitive list of the small subset of Arm-designed processors that are susceptible can be found below.

The currently popular Cortex-A7 and Cortex A53 cores are not impacted at all, but some others are:

Processor

Variant 1

Variant 2

Variant 3

Variant 3a

Cortex-R7

Yes*

Yes*

No

No

Cortex-R8

Yes*

Yes*

No

No

Cortex-A8

Yes (under review)

Yes

No

No

Cortex-A9

Yes

Yes

No

No

Cortex-A15

Yes (under review)

Yes

No

Yes

Cortex-A17

Yes

Yes

No

No

Cortex-A57

Yes

Yes

No

Yes

Cortex-A72

Yes

Yes

No

Yes

Cortex-A73

Yes

Yes

No

No

Cortex-A75

Yes

Yes

Yes

No

Variant 3a of Meltdown is detailed in the whitepaper linked above, and Arm “does not believe that software mitigations for this issue are necessary”. In the table above, “Yes” means exploitable, but has a mitigation, and “No” means “no problem” :). So only Cortex-A75 is subject to both Meltdown and Spectre exploits, and it’s not in devices yet. Like other companies, Arm will provide a fix for future revisions of their processors.

Silicon vendors are not the only companies to issue answers, as operating systems vendors will have to issues fixes, and cloud providers are also impacted. Patchsets have been merged into Linux 4.15 as we’ve seen yesterday, Microsoft issued a statement for their Cloud service, Red Hat / Debian and others are working on it, and Google listed products impacted, and even Chrome web browser users need to take action to protect themselves. Android phones with the latest security patch will be protected, bearing in mind that all those Cortex-A53 phones in the wild are not affected at all. It’s worse noting that while Meltdown and Spectre make the news, there are over thirty other critical or high severity vulnerabilities fixed in January that did not get much coverage if any…

Intel Hardware Security Bug Fix to Hit Performance on Windows, Linux…

January 3rd, 2018 15 comments

Many security bugs can be fixed without performance penalty , but according to reports Intel processors have a hardware bug – whose details have not been disclosed yet (embargo) – that seems to affect all operating systems including Windows, Linux, Mac OS, etc…, and the fix may lead to significant performance hits for some tasks.

We know a bit more thanks to the Kernel Page Table Isolation (KPTI) patch for Linux that enables the fix/workaround with X86_BUG_CPU_INSECURE feature. The fix used to be called KAISER, and there’s an explanation on LWN about “hiding the kernel from user space” about the issue:

On contemporary 64-bit systems, the shared address space does not constrain the amount of virtual memory that can be addressed as it used to, but there is another problem that is related to security. An important technique for hardening the system is kernel address-space layout randomization (KASLR), which randomizes the placement of the kernel in the virtual address space at boot time. By denying an attacker the knowledge of where the kernel lives in memory, KASLR makes many types of attack considerably more difficult. As long as the actual location of the kernel does not leak to user space, attackers will be left groping in the dark.

The problem is that this information leaks in many ways….

More recently, a concerted effort has been made to close off the direct leaks from the kernel, but none of that will be of much benefit if the hardware itself reveals the kernel’s location. And that would appear to be exactly what is happening.

This paper from Daniel Gruss et al. [PDF] cites a number of hardware-based attacks on KASLR. They use techniques like exploiting timing differences in fault handling, observing the behavior of prefetch instructions, or forcing faults using the Intel TSX (transactional memory) instructions. There are rumors circulating that other such channels exist but have not yet been disclosed…

and the fix:

Fixing information leaks in the hardware is difficult and, in any case, deployed systems are likely to remain vulnerable. But there is a viable defense against these information leaks: making the kernel’s page tables entirely inaccessible to user space. In other words, it would seem that the practice of mapping the kernel into user space needs to end in the interest of hardening the system.

The paper linked above provided an implementation of separated address spaces for the x86-64 kernel; the authors called it “KAISER”, which evidently stands for “kernel address isolation to have side-channels efficiently removed”. This implementation was not suitable for inclusion into the mainline, but it was picked up and heavily modified by Dave Hansen.

So in short, Intel processors leak the kernel’s location, so now efforts have to be made to close this hole at the OS level since the current hardware or microcode can be updated to fix this issue. In theory, having a fix in the operating system should be good enough, but there’s a caveat: performance hit!

Most workloads that we have run show single-digit regressions. 5% is a good round number for what is typical. The worst we have seen is a roughly 30% regression on a loopback networking test that did a ton of syscalls and context switches.

and from The Register article linked above:

So PostgreSQL SELECT command is about ~20% slower with KPTI workaround, and I/Os in general seem to be impacted negatively according to Phoronix benchmarks especially with fast storage, but not gaming performance, Linux kernel compilation, H.264 encoding, etc…

However, if you own an AMD system you can do a victory dance since the processors are not affected, so the “fix” is disabled:

AMD processors are not subject to the types of attacks that the kernel page table isolation feature protects against. The AMD microarchitecture does not allow memory references, including speculative references, that access higher privileged data when running in a lesser privileged mode when that access would result in a page fault.

Disable page table isolation by default on AMD processors by not setting the X86_BUG_CPU_INSECURE feature, which controls whether X86_FEATURE_PTI is set.

The Intel bug will be fully revealed later this month after all main OS have been patched, and I’d assume Intel will fix the hardware in its processors too, so we’ll live in interesting times when people may/will want to check the CPU revision / stepping number before purchasing an Intel system.

More Details about Goldmont Plus Microarchitecture (used in Gemini Lake Processors)

December 27th, 2017 2 comments

2017 was the year of systems based on Intel’s low power, low cost Apollo Lake processors, and provided Intel does not suddenly decide to cancel yet another product, they will be replaced by Gemini Lake processors in 2018. The former is based on Goldmont microarchitecture, while the latter relies on the updated Goldmont microarchitecture.

Intel has now released a document entitled “Intel 64 and IA-32 Architectures Optimization Reference Manual” where you’ll find more gritty technical details about Goldmont Plus in chapter 16 “SOFTWARE OPTIMIZATION FOR GOLDMONT PLUS, GOLDMONT, AND SILVERMONT MICROARCHITECTURES”.

Click to Enlarge

The enhancements over Goldmont include:

  • Widen previous generation Atom processor back-end pipeline to 4-wide allocation to 4-wide retire, while maintaining 3-wide fetch and decode pipeline.
  • Enhanced branch prediction unit.
  • Improved AES-NI instruction latency and throughput.
  • 64KB shared second level pre-decode cache (16KB in Goldmont microarchitecture).
  • Larger reservation station and ROB entries to support large out-of-order window.
  • Wider integer execution unit. New dedicated JEU port with support for faster branch redirection.
  • Radix-1024 floating point divider for fast scalar/packed single, double and extended precision floating point divides.
  • Larger load and store buffers. Improved store-to-load forwarding latency store data from register.
  • Shared instruction and data second level TLB. Paging Cache Enhancements (PxE/ePxE caches).
  • Modular system design with four cores sharing up to 4MB L2 cache.
  • Support for Read Processor ID (RDP) new instruction.

We had a discussion a little while ago comparing 64-bit ARM and Intel Apollo Lake OpenSSL benchmark, and Intel was a bit behind for some key sizes, so maybe the new AES-NI improvements in Gemini Lake/Goldmont Plus will bring low power Intel processor back to the front.

The document also contains a table comparing Goldmont Plus and Goldmont’s “Front End Cluster Features”.

Feature Goldmont Plus Microarchitecture Goldmont Microarchitecture
Number of Decoders 3
Max. Throughput Decoders 20 Bytes per cycle
Fetch and Icache Pipeline Decoupled
ITLB 48 entries, large page support
2nd Level ITLB Shared with DTLB
Branch Mispredict Penalty 13 cycles (12 cycles for certain Jcc) 12 cycles
L2 Predecode Cache 64K 16K

This table shows many similarities, but GLM+ has a bigger 64KB L2 cache, and a larger mispredict penalty (that’s certainly more than compensated by the larger cache). More information can be found in the Intel document.

Ubuntu 17.10 May Corrupt the BIOS on Some Lenovo, Acer, Dell, and Other Laptops

December 21st, 2017 2 comments

Canonical has decided to temporarily remove the download link to Ubuntu 17.10 due leaving a notice reading:

The download of Ubuntu 17.10 is currently discouraged due to an issue on certain Lenovo laptops. Once fixed this download will be enabled again.

The issue that many user are reported being unable to save BIOS settings or boot with USB in several Lenovo Laptops with many topics about this issue on Lenovo Forums. The installed operating system still boots normally, so many affected people may not have even noticed.

Based on the bug report it seems to be related to the enablement of intel-spi-* drivers (Intel Serial Flash drive) in the kernel (CONFIG_SPI_INTEL_SPI_PCI option), and this could also affect Ubuntu 16.04 with HWE kernels. The fix is to disable the driver in the kernel, and Canonical will soon release images. The downside of not using the driver are likely null or minimal, since according to the bug report “it’s unlikely anyone is actually doing anything which requires this driver”.

If you’ve been using isorepin.sh script to run the latest Ubuntu version/Linux kernel, you may also be impacted.

The current list of impacted system include:

  • Lenovo B40-70, B50-70, B50-80
  • Lenovo Flex-3, Flex-10
  • Lenovo G40-30, G50-70, G50-80
  • Lenovo S20-30
  • Lenovo U31-70
  • Lenovo Y50-70, Y70-70
  • Lenovo Yoga Thinkpad (20C0)
  • Lenovo Yoga 2 11″ – 20332
  • Lenovo Z50-70, Z51-70
  • Lenovo ideapad 100-15IBY
  • Acer Aspire E5-771G
  • Acer TravelMate B113
  • Toshiba Satellite S55T-B5233
  • Dell Insperion (with Insyde Software BIOS)

It’s likely other models / brands may also have the same problem. The bug report also include a link to a temporary workaround.

Via Linuxium

Intel Stratix 10 MX FPGA Integrates High Bandwidth Memory DRAM (HBM2)

December 19th, 2017 4 comments

Intel started sampling (Altera) Stratix 10 ARM + FPGA SoC in late 2016, and now the company has announced the availability the new Stratix 10 MX FPGA family wih High Bandwidth Memory DRAM (HBM2). The latter allow Stratix 10 MX FPGAs to offer up to 10 times the memory bandwidth when compared with standalone DDR memory solutions.

The higher bandwidth will be useful for multi-function accelerators for high-performance computing (HPC), data centers, network functions virtualization (NFV), and broadcast applications.

Intel / Altera Stratix 10 MX SoC key features and specifications:

  • Processor – Quad-core ARM Cortex-A53 MP Core up to 1.5 GHz
  • Logic Density Range – 1.092M LE to 2.073M LE
  • Embedded Memory
    • 3.5 to 8GB HBM2 high-bandwidth DRAM memory
    • 45 Mbit to 90 Mbit  eSRAM memory
    • 86 Mbit to 134 Mbit M20K memory
    • 6 Mbit to 11 Mbit MLAB memory
  • Up to 7,920 18 x 19 Multipliers
  • Up to 72 Transceivers up to 30 Gbps data rate (Chip to Chip)
  • Hard Protocol IP – 3 EMACs, PCI Express Gen3 X 8, 10/40G BaseKR- forward error correction (FEC), Interlaken physical coding sublayer (PCS)
  • Security – Secure device manager, Advanced Encryption Standard (AES) AES-256/SHA-256 bitsream encryption/authentication, PUF, ECDSA 256/384 boot code
    authentication, side channel attack protection

Apache Kafka and Apache Spark Streaming are example of HPC applications that benefit from the higher bandwidth. Intel claims Stratix 10 MX can provide up to 512 GB/s with the integrated HBM2. As shown on the diagram above, HBM2 should also consume less power than DDR4 or DDR3 external memory. More details can be found on Altera Intel Stratix 10 MX FPGA product page.

 

Categories: Intel FPGA Tags: altera, arm, fpga, intel

Holo P2P Distributed Hosting is Powered by Holochain Technology, Leverages Holo Fuel Cryptocurrency (Crowdfunding)

December 14th, 2017 6 comments

The Internet is now mostly centralized, for example most people search with Google, and Facebook dominates the social media space in many countries. That also means access to content can easily be blocked by governments, and many companies will use your personal data to their benefits.

Holo network promises to “take back the Internet” thanks to a P2P distributed web hosting system, where people hosts app from developers in their HoloPort devices, and get paid for hosting crypto apps in Holo Fuel cryptocurrency that can in turn be used to pay for processing power and/or storage on the network, or converted into other cryptocurrencies like Bitcoin, or fiat money (Dollars, Euros…).

It’s like a new Internet that uses the current “pipes” (i.e. you’d still need Internet through your ISP), but all content would have to be created from the ground up. It basically aims to replace datacenters, websites, and app from larger companies. The first prototype crypto apps include

  • Clutter – a P2P Twitter clone
  • Fractal Wiki – a serverless Wiki of cards within cards within cards
  • HoloChat – a Slack-like multi-channel chat room for teams
  • DPKI – a secure, decentralized cryptographic key management too

App / website developers would pay for Holo network, just like they pay for hosting services currently, and people are incentivized to buy HoloPort hardware as they could eventually get their money back and make some if the system is popular. You’d still use your web browser to access crypto apps (just type an URL) in the Holo P2P network, and other websites in the “centralized Internet”.

Three types of HoloPort – basically Linux computers – are available with HoloPort Nano based on a quad core ARM processor with Gigabit Ethernet, and larger HoloPort & HoloPort+ powered by more powerful Intel processors, and equipped with more memory and storage.

Click to Enlarge

Holo and Holo Fuel are based on Holochain described as “a next-generation platform that is more scalable, exponentially faster, far more energy efficient, and 10,000x cheaper than blockchain”. More details can be found in this document (PDF), and you can checkout the software on Github. The project is still at the alpha stage with the first stable release expected in Q2 2018. The company is now raising funds through and Initial Community Offering (not available in the US), and an Indiegogo campaign where they offer HoloPort hardware as rewards.

The crowdfunding effort started on a roll, as Holo has already received over $220,000 in pledges from around 530 backers. HoloPort Nano requires a $99 pledges, while the Intel platforms cost $449 or $999. Currently the pledges are fairly evenly distributed among the three platforms because the idea is that you’ll be able to serve more users with a faster computer, hence earn more Holo Fuel. Altough the start of the Indiegogo campaign is impressive, the whole project is quite ambitious, so we’ll have to see how it turns out. But in the worst case, with the project failing, you’d still have a Linux computer to play with. [Update: Alternatively, if you don’t want to buy hardware for it, but still want to support the project, you could pledge $40 for the Alpha/Beta Tester rewards to get early access to Holo and Holochain app developer tools].

More details may also be available on holo.host website.

Six Intel Gemini Lake Processors Launched: Pentium Silver N5000 / J5005, and Celeron N4100, N4000, J4105 and J4005

December 12th, 2017 8 comments

Most of us have been expecting Intel Gemini Lake processors for a while, many of the features are already known, but there were some delays, and Intel has now only officially launched Intel Gemini Lake family with 6 processors.

The models include two Pentium Silver quad core processor with N5000 for mobile, J5005 for desktop, and four Celeron dual/quad core processors with N4000 & N4100 for mobile, and Celeron J4005 & J4105 for desktop.

All processors share the same 4MB cache which will help with performance improvement, and dual channel DDR4-2400, LPDDR4-2400 memory. Pentium processors come with Intel UHD Graphics 605 clocked up to 750/800 MHz, and Celeron processors are instead equipped with UHD Graphics 600 up to 650/750 MHz which the exactly frequency depending on model.

The company also introduced Intel Pentium Silver and Intel Pentium Gold brand levels with the former on Gemini Lake architecture, and the latter on the higher performance Kaby Lake architecture. Intel claims Pentium Silver N5005 will deliver 58 percent faster productivity performance compared with a similar 4-year-old PC based on Pentium N3540 (Bay Trail) based on data provided by SYSmark 2014 SE benchmark.

Gemini Lake processors will support Gigabit Wi-Fi capability using 2×2 802.11AC with 160MHz channels for theoretical data rates up to 1733 Mbps, and in reality around  1200 Mbps in ideal conditions provided the the router/client also supporting 160 MHz channels. The processor also include Local Adaptive Contrast Enhancement (LACE), a new technology that should help people watch videos outdoors clearly even in bright light.

The only consumer Gemini Lake platforms I know of right now are the upcoming Latte Panda Delta board powered by Intel Celeron N4100 processor, and Intel’s own GLK NUCs, but the company reports that we should “look for designs from major OEMs to launch in the first quarter of 2018”, so we should see many more Gemini Lake mini PCs, 2-in-1 laptops, etc… very soon.

LEAGOO T5c Smartphone Features Spreadtrum SC9853i Octa-core Intel Airmont SoC

November 16th, 2017 7 comments

Intel is supposed to have left the mobile and IoT markets, but a few month ago, I wrote about Spreadtrum SC9861G-IA, an octa-core Intel Airmont SoC designed for LTE smartphones. Airmont is the microarchitecture used in Intel’s Cherry Trail and Braswell SoC, so the Spreadtrum SoC is not based on a new microarchitecture, but it still shows Intel decided to still use the technology, just not with their name on the processor.

The news was published in February, but so far I have not seen any phone based on the processor. Instead, a similarly specced SoC, namely Spreatrum SC9853i, is now found in LEAGOO T5c 5.5″ smartphone with 3GB RAM and 32GB flash.

LEAGOO T5c smartphone specifications:

  • SoC – Spreatrum SC9853i octa-core Intel 64-bit Airmont “Cherry Trail-T” processor @ up to 1.8 GHz (14-nm FinFET process)
  • System Memory – 3GB RAM
  • Storage – 32GB eMMC flash
  • Display – 5.5″ SHARP Full HD IPS display
  • Cellular Connectivity – LTE cat 6 and dual 4G networks
  • Camera – 13.0 MP + 2.0 MP dual rear camera with aufocus,  front-facing camera
  • Misc – Font fingerprint scanner
  • Battery – 3,000 mAh battery with 5V/2A “quick charge”

The operating system is not mentioned at all, but it’s probably safe to assume it’s running some version of Android.

The company claims SC9853i delivers 30% less power consumption, and is 25% to 39% faster than MediaTek MT6750 octa-core ARM Cortex A53 processor @ 1.5 GHz (Cluster 1) / 1.0 GHz (Cluster 2) for single core, multi-core and “CPU total” – whatever that means – performance.

Leegoo T5c retail price will be around $129.99, but they have a promotion at launch, offering the phone for $1.99 to 5 winners on December 4, as well as a $30 discount coupon to some of the participants, making it a $100 phone. For comparison, LEAGOO T5 smartphone based on  Mediatek MT6750T SoC, but with 4GB RAM/64GB storage instead of just 3GB/32GB, currently sells for $128 shipped.