
An Update on AMD Processor Security - Deimorz
https://www.amd.com/en/corporate/speculative-execution
======
mrmondo
> Resolved by software / OS

It's not _resolved by_, it's _mitigated by_.

Furthermore, it wasn't _mitigated_ by AMD (or Intel or ARM), it was
_mitigated_ by OS / Software vendors that had to spend the time to make
workarounds for the hardware's design flaw. It would have been nice to see a
nod to such developers for taking the time to help with the problem.

~~~
cryptonector
This could be an extinction level event for less popular OSes. Intel, and to a
lesser extent AMD, may end up causing enormous damage for which they'll pay
nothing much.

~~~
jnwatson
That's an excellent point. I used to work porting a commercial embedded
real-time OS. I just reviewed the description of the recent mitigations in
Linux.

It is easily 6 man-months of work if not double, and the level of expertise
necessary to implement this right is pretty high. For a small OS shop, that's
a pretty high price.

------
anfilt
This response is better than the corporate speak Intel put out regarding these
vulnerabilities. Still light on details, but at least not the same kind of
corporate drivel.

AMD does not even mention Intel or ARM, while Intel did. Why is that? AMD
mentions it's an issue with speculative execution used in modern processor
architectures. Clean and simple, and to the point.

Here's Intel's response for comparison:
[https://newsroom.intel.com/news/intel-responds-to-security-research-findings/](https://newsroom.intel.com/news/intel-responds-to-security-research-findings/)

------
Decabytes
>As always, AMD strongly encourages its customers to consistently undertake
safe computing practices, examples of which include: not clicking on
unrecognized hyperlinks, following strong password protocols, using secure
networks, and accepting regular software updates.

Ummm none of these things will stop this attack.

~~~
foxylad
Except they just said this attack is virtually impossible (certainly hasn't
been demonstrated) on AMD. So I interpret this as general advice.

~~~
noncoml
Is the JS PoC for Spectre not applicable to AMD then?

~~~
molyss
I think Spectre and the JS PoC are actually the ones applicable to any modern
processors (including AMDs, ARMs and probably most other chip vendors). Looks
like the mitigations for these will be directly included in the browser.

EDIT: I don't even think we know of a way to fix Spectre in the kernel...

~~~
cryptonector
[https://lkml.org/lkml/2018/1/3/780](https://lkml.org/lkml/2018/1/3/780)

~~~
ibotty
No, that's only for variant two. Spectre is also variant one.

------
sandworm101
Still happy that I went with Ryzen for my recent machine. I was sick of Intel
behavior then, only more so now.

~~~
ComputerGuru
Completely off-topic now, but I've had such a bad experience with the
motherboard selection. So many bugs in even the most popular motherboard (X399
Taichi) that have necessitated countless updates, and the bug reports are
still coming in.

At least with Intel, I could grab a server-class motherboard and guarantee
rock-solid feature implementation - with the selection of AMD motherboards
available we even have separate yet contradictory settings exposed in the BIOS
setup. Pathetic.

~~~
loeg
What bugs have you observed in the X399 Taichi? Coincidentally, I have the
same board (since TR launch) and haven't even updated the BIOS -- it just
works fine for me.

~~~
ensignavenger
I had to update my Taichi to support my RAM at full speeds, but other than
that, it has worked generally well. My system overall sometimes does not wake
back up after going into power save, but I am not sure that is the MB or if it
is something else.

~~~
geezerjay
> I had to update my Taichi to support my RAM at full speeds

Unsupported hardware is hardly a bug.

~~~
ensignavenger
I agree, I don't really think it was a bug at all - I was just commenting that
I had only needed to update it that once for that one reason, and other than
that, it has worked well. Though given the context, I can see how you might
interpret my comment that way :)

------
kbwt
> Resolved by software / OS updates to be made available by system vendors and
> manufacturers.

Not unless you update every piece of code running on your machine to insert an
lfence following every branch on attacker-controlled data.

~~~
all_blue_chucks
Care to explain? How is an OS update insufficient?

~~~
fooker
Fences in the code significantly slow down execution. While you cannot avoid
them altogether (modern processors are not sequentially consistent), the fewer
you use, the faster your concurrent code is.

This update makes the kernel insert fences into places where it wouldn't have
been necessary before, leading to potentially severe slowdowns.
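
The variant 1 mitigation the two comments above describe, as an added example that is not code from the thread, AMD or Linux: a bounds-checked table lookup with a speculation barrier after the branch, beside the branch-free index masking that Linux's generic array_index_mask_nospec uses so the fence can be avoided. The table and lookup functions are constructed for illustration; the inline lfence assumes x86 and degrades to a plain compiler barrier on other targets.

```c
#include <limits.h>
#include <stddef.h>
#include <stdint.h>

/* Constructed sample table standing in for any buffer indexed by untrusted
 * input (hypothetical, not from the thread). */
#define TABLE_LEN 16
static const uint8_t table[TABLE_LEN] = { 10, 11, 12, 13, 14, 15, 16, 17,
                                          18, 19, 20, 21, 22, 23, 24, 25 };

/* Speculation barrier after the branch, as the comment describes. lfence is
 * x86-only (assumption); elsewhere this is just a compiler barrier. */
static inline void speculation_barrier(void)
{
#if defined(__x86_64__) || defined(__i386__)
    __asm__ __volatile__("lfence" ::: "memory");
#else
    __asm__ __volatile__("" ::: "memory");
#endif
}

/* Mitigation 1: check, fence, then the dependent load. The fence drains the
 * pipeline on every call, which is the slowdown the comments worry about. */
int lookup_fenced(size_t idx)
{
    if (idx >= TABLE_LEN)
        return -1;
    speculation_barrier();
    return table[idx];
}

/* Mitigation 2: branch-free mask in the style of Linux's generic
 * array_index_mask_nospec. The top bit of (idx | (len - 1 - idx)) is set
 * exactly when idx >= len (needs 0 < len <= SIZE_MAX / 2), so the result is
 * SIZE_MAX for an in-bounds index and 0 otherwise, with nothing to mispredict. */
size_t index_mask_nospec(size_t idx, size_t len)
{
    size_t oob = (idx | (len - 1 - idx)) >> (sizeof(size_t) * CHAR_BIT - 1);
    return oob - 1;
}

int lookup_masked(size_t idx)
{
    if (idx >= TABLE_LEN)
        return -1;
    idx &= index_mask_nospec(idx, TABLE_LEN); /* clamps to 0 if misspeculated */
    return table[idx];
}
```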

------
proactivesvcs
I note they didn't state anything along the lines of "Negligible performance
impact. In line with other hardware manufacturers such as Intel, our security
fixes rarely cause severe performance loss."

~~~
ComputerGuru
Why would they? The performance loss being discussed on HN and affecting AWS
and others is primarily for the 3rd variant, not the first (which your quote
was with regards to).

~~~
proactivesvcs
Intel tacitly threw them and ARM under the bus, IMO, when Intel named them
specifically and unnecessarily. It seems AMD do not wish to return the favour.

------
zeep
Computer security, what a nightmare. If government backdoors were illegal to
implement, that would help a little...

------
ngrilly
What are the "architecture differences" that make AMD CPUs immune to the 3rd
variant (Rogue Data Cache Load, aka Meltdown)?

~~~
ngrilly
I found this explanation in a Linux kernel commit:

_AMD processors are not subject to the types of attacks that the kernel page
table isolation feature protects against. The AMD microarchitecture does not
allow memory references, including speculative references, that access higher
privileged data when running in a lesser privileged mode when that access
would result in a page fault._

Source:
[https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/...](https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=694d99d40972f12e59a3696effee8a376b79d7c8)

~~~
JdeBP
Discussed on Hacker News at
[https://news.ycombinator.com/item?id=16052451](https://news.ycombinator.com/item?id=16052451).

~~~
ngrilly
Thanks!

