
Unexpected Page Fault In Virtualized Environment Advisory - btmills
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00317.html
======
zelon88
Someone should make a graph quantifying the number of "mitigations" and
performance-impacting patch work for popular Intel SKUs since release.

It would be interesting to see how many times they've patched the same
processor and how much slower they are now than when they were made due to all
the mitigations.

~~~
freeopinion
Do you spell "someone" A-M-D?

~~~
olyjohn
I was under the impression that AMD has their own fair share of these
vulnerabilities, too. They just aren't as common in the datacenter.

~~~
sp332
AMD never had one as boneheaded as Meltdown. Intel keeps having more and more
uncovered, and according to researchers who went on the record in the NYT,
they are not handling reported vulnerabilities quickly or thoroughly.
https://www.nytimes.com/2019/11/12/technology/intel-chip-fix.html

~~~
dmead
IIRC Intel stopped doing as much validation like 10ish years ago (so,
2009/2010). It would be nice to see them publish a paper about how those
decisions lead into these problems...

~~~
xvector
Intel willingly admitting mistakes is just about as likely as hell freezing
over

~~~
dnautics
It really is. I got hit pretty bad by an Ubuntu intel-microcode package
regression, which has this annoying property that soft reboots fail (and hard
reboots are fine). I lost about 3 days of work to this[0], and our mitigation
(pinning the package to an earlier version) is still painful, because you have
to go through one OS installation cycle and still manually reboot (we do a lot
of manual OS installations, and debugging "first installs").

Anyways I was bitching about this to my roommate, and she remarked that hey
you know acquaintance X we know works in Intel software security division. I
told her to give him crap about it and apparently his response was something
like "we should have closed comments on that github issue". I feel like this
is not a really appropriate response, even between friends.

AFAICT the package still hasn't been fixed and the official Ubuntu solution is
to roll back to the nonbroken version.

[0] admittedly slightly poor internal communication is also responsible, since
this was observed by our support staff for our customers which didn't make it
known to R&D - me

------
bonzini
This seems like the usual processor erratum causing potentially very bad
things, but only in very rare conditions that no one really understands. It's
not another L1TF or similar.

~~~
monocasa
Hence why we need open source CPUs pretty badly.

~~~
vajrabum
I'm pretty sure that high performance open source CPUs will have their own
obscure problems. Too much complexity, too many dependencies, too many
possible feature interactions.

~~~
monocasa
They will, but you'll be able to understand the problem, the fix, and how it
combines with other fixes.

I can def see a world soon where all of Intel's woes have combined to the
point that they've run out of patch space for their microcode updates, and you
have to pick and choose what you want mitigations for.

~~~
hinkley
"Good news, our brand new processor has twice as much space for microcode as
the old versions!"

------
strstr
Anyone know what conditions are required? The advisory is sparse on details.

The errata lists the same vague info:
https://www.intel.com/content/dam/www/public/us/en/documents/specification-updates/xeon-scalable-spec-update.pdf

~~~
erk__
>November 2910

They seem to have gotten information about the bug from the future :P

This could also show that they released it in a hurry since they did not fix
that typing mistake.

~~~
ars
It's not a typo, it's in Middle-endian format. :)

~~~
hinkley
It looks more like a concurrency bug to me.

------
_Codemonkeyism
It feels like the only mails I get from DigitalOcean are about Intel
processors.

------
rossmohax
Intel now runs a bug bounty program with up to $100k payouts
(https://www.intel.com/content/www/us/en/security-center/bug-bounty-program.html),
where one of the requirements is not to leak vulnerability details.

~~~
cortesoft
Isn't that a pretty standard bug bounty requirement? The idea is that you
submit the bug to the company and they fix it before it is disclosed.

~~~
throwawaymath
It is standard in the sense that it's not uncommon. But about as frequently
it's not a requirement. Many companies allow complete or partial vulnerability
disclosure once resolution is complete. It's often on a case by case basis and
requires approval.

~~~
cortesoft
Oh, I thought that was what you meant (until resolution).. didn't realize they
block disclosure forever

------
ysleepy
Skylake and newer.

Are Broadwell and before not affected, or are those not mentioned since their
support cycle has ended? I'd be surprised with Intel spinning up Haswell
production for lower grade CPUs on 22nm, but I can't be sure.

------
bdibs
There seem to be quite a few security updates today from Intel:
https://www.us-cert.gov/ncas/current-activity/2019/12/10/intel-releases-security-updates

------
_Codemonkeyism
Intel feels so much like Boeing now.

