Intel processor design flaw requiring ROS kernel mode change


dizt3mp3r
Posts: 1447
Joined: Mon Jun 14, 2010 5:54 pm

Intel processor design flaw requiring ROS kernel mode change

Post by dizt3mp3r » Wed Jan 03, 2018 11:10 pm

This is a nasty issue that will affect XP systems. There is a processor flaw that allows user process access to Ring0 kernel mode memory.

https://www.theregister.co.uk/2018/01/0 ... sign_flaw/

Windows, Linux and OS/X are all being patched to circumvent this flaw and it supposedly results in a 5%-30% decrease in system performance as it requires complete separation between user and kernel modes requiring a lot more context switching hence more cpu cycles and delays.

What is the situation with ReactOS? I suppose the same changes will have to be implemented in ReactOS too and all o/s that could use the recent batch of Intel CPUs.

I wonder if Micorsots (sic) will produce a kernel mode fix?

Strangely, older CPUs > 10 years may be more secure as they are unaffected by the hardware error.

That article is REALLY worth reading.

karlexceed
Posts: 459
Joined: Thu Jan 10, 2013 6:17 pm

Re: Intel processor design flaw requiring ROS kernel mode ch

Post by karlexceed » Wed Jan 03, 2018 11:26 pm

Thanks, great article! Nice to see Alex Ionescu get a mention at the end there too!

I imagine that this is a bit of a non-issue for ROS in the short term, but could be a spot where eventually ROS will be forced to diverge from MS's implementation to address an issue that was never around in Server 2003's heyday.

dizt3mp3r
Posts: 1447
Joined: Mon Jun 14, 2010 5:54 pm

Re: Intel processor design flaw requiring ROS kernel mode ch

Post by dizt3mp3r » Thu Jan 04, 2018 12:09 am

Yes I should have mentioned Alex being quoted there, I was too keen to get the news out.

From what I have read it seems that all Intel CPUs from 2007 onward have this vulnerability, that includes core2duo systems that were prevalent at that time. This is not stated anywhere yet but a look at the list of Intel cpus tells us what was created 10 years ago and that's all the core2duo and all the i3/5/7s &c.

The implication is that all Windows o/s need to be patched, XP, Vista, 7 - 8 and 10. I can't see MS avoiding patching 7, 8 or 10 and by implication XP too as it is used in business everywhere and last time there was such a serious flaw XP was patched.

I bet all the AMD users are sitting pretty at the moment. Shows us why we need competition in the CPU market. My two Win10 systems are both AMD. My Win7 system is core 2duo.

Adcock
Posts: 231
Joined: Thu Jul 07, 2016 5:37 pm

Re: Intel processor design flaw requiring ROS kernel mode ch

Post by Adcock » Thu Jan 04, 2018 11:08 am

dizt3mp3r wrote: I bet all the AMD users are sitting pretty at the moment. Shows us why we need competition in the CPU market. My two Win10 systems are both AMD. My Win7 system is core 2duo.
Don't get comfy.
You forgot an 'h'.
Link
Someone in the Link wrote: AMD, Arm also affected by data-leak design blunders, Chipzilla hit hardest
kek!
Last edited by Adcock on Thu Jan 04, 2018 11:26 am, edited 1 time in total.

Konata
Posts: 391
Joined: Sun Apr 20, 2014 8:54 pm

Re: Intel processor design flaw requiring ROS kernel mode ch

Post by Konata » Thu Jan 04, 2018 11:20 am

Adcock wrote: Don't get comfy.
Link
Someone in the Link wrote: AMD, Arm also affected by data-leak design blunders, Chipzilla hit hardest
kek!
The vulnerability only results in a segfault because AMD does actual security checking; Intel chips do no security checking for their instruction prediction and thus are actually vulnerable to arbitrary memory reads. Read things before you spew them.
And don't say "kek", you sound like a 9 year old.

val
Posts: 69
Joined: Fri Feb 10, 2017 5:22 am

Re: Intel processor design flaw requiring ROS kernel mode ch

Post by val » Thu Jan 04, 2018 11:28 am

This is a CPU bug, not a software one, so ReactOS is affected. Unless it doesn't map the kernel into the higher VA subspace of every process, but it does. Everybody does.
This is a very unpleasant thing. Turns out every processor using extensive out-of-order and speculative execution has these vulnerabilities to a varying degree. Some of the latest AMD processors have been reported as affected as well, and Arm ones.

Adcock
Posts: 231
Joined: Thu Jul 07, 2016 5:37 pm

Re: Intel processor design flaw requiring ROS kernel mode ch

Post by Adcock » Thu Jan 04, 2018 11:30 am

Konata : Vulnerability is not the problem.
Just tell me if that would slow down AMD too.
Will AMD slow down too?
Oh and I am sorry about 'kek!'.
As far as I know it's LOL.
Is it bad? :(
val: Does it mean I am right?

dizt3mp3r
Posts: 1447
Joined: Mon Jun 14, 2010 5:54 pm

Re: Intel processor design flaw requiring ROS kernel mode ch

Post by dizt3mp3r » Thu Jan 04, 2018 11:41 am

I bet users of 'older' AMD processors are sitting pretty. My two Win10 laptops use older AMD processors and not Ryzens of course...

Adcock
Posts: 231
Joined: Thu Jul 07, 2016 5:37 pm

Re: Intel processor design flaw requiring ROS kernel mode ch

Post by Adcock » Thu Jan 04, 2018 11:55 am

Konata : I did not say all AMD processors are affected.
dizt3mp3r : Thanks.
:)

I guess users of 'older' Intel processors are sitting pretty too. ( <= 2007 )

kek!

dizt3mp3r
Posts: 1447
Joined: Mon Jun 14, 2010 5:54 pm

Re: Intel processor design flaw requiring ROS kernel mode ch

Post by dizt3mp3r » Thu Jan 04, 2018 12:35 pm

If you have an old pre 2007 dual core Intel CPU (prior to core2duo) it MAY not be affected but that is unconfirmed. Those dual core cpus were quite quick in cycles (3 ghz+) but they were limited in architectural design and they were definitely slower than my 2.5ghz core 2duo which I still find quite adequate (at least for the moment).

val
Posts: 69
Joined: Fri Feb 10, 2017 5:22 am

Re: Intel processor design flaw requiring ROS kernel mode ch

Post by val » Thu Jan 04, 2018 1:12 pm

Adcock wrote: Konata : Vulnerability is not the problem.
val: Does it mean I am right?
If researchers at Google were right, then yes:
The register wrote: The researchers say AMD's Ryzen family is affected by Spectre. Googlers have confirmed AMD FX and AMD Pro cores can allow arbitrary data to be obtained by a user process; the proof-of-concept worked just within one process, though. An AMD Pro running Linux in a non-default configuration – the BPF JIT is enabled – also lets a normal user process read from 4GB of kernel virtual memory.

Adcock
Posts: 231
Joined: Thu Jul 07, 2016 5:37 pm

Re: Intel processor design flaw requiring ROS kernel mode ch

Post by Adcock » Thu Jan 04, 2018 1:37 pm

dizt3mp3r : No. That was just fun.
Hope you did not mind.
Actually I have ( I mean my elder brother ) an HP Probook 450 G0 which is almost three years old ( probably more ).
So I am really upset.
:cry:

val : Okay. Thanks.

Updated with dizt3mp3r's suggestion.
Last edited by Adcock on Thu Jan 04, 2018 5:53 pm, edited 3 times in total.

Adcock
Posts: 231
Joined: Thu Jul 07, 2016 5:37 pm

Re: Intel processor design flaw requiring ROS kernel mode ch

Post by Adcock » Thu Jan 04, 2018 2:25 pm

There is another issue.
Suppose patches are made for Linux, Mac OS, MS Windows.
Will a patch be made for the kernel?
If yes then :
Then will Windows automatically detect the computer's processor and decide whether the patch is required or not and act accordingly?
If it doesn't do that then even someone who has a processor that does not have that vulnerability will suffer performance loss, right?
I guess same for Macs.
But if Linux kernel gets the update then one would have to manually unpatch the sources and re-compile it to avoid performance loss, right?

Hope you guys understand what I mean.

dizt3mp3r
Posts: 1447
Joined: Mon Jun 14, 2010 5:54 pm

Re: Intel processor design flaw requiring ROS kernel mode ch

Post by dizt3mp3r » Thu Jan 04, 2018 3:41 pm

Adcock, I think it may be time for you to read those articles, the information is present on the internet and it should answer all your questions re: Linux, os/x &c.

PS. You need to check your use of slang: "sh1tt1ng" is not an appropriate word for a technical forum - you should really avoid any use of such slang that is considered an expletive in some cultures. In the UK that is still a swear word even if the Americans use it hourly in normal speech. It sounds bad to our ears and in our minds when we have to read it. It is also wrong to use it here as it adds nothing to the technical discussion. Simply put - avoid all slang.

PPS. FYI Latest news would imply that even dual core CPUs prior to 2007 would also be affected by the same weakness/potential exploit. This particular functionality has been used in Intel CPUs since 1995.

Sounds as if AMD (older chips) are the only ones less affected.

Fraizeraust
Posts: 228
Joined: Thu Jan 05, 2017 11:46 am
Location: Italy

Re: Intel processor design flaw requiring ROS kernel mode ch

Post by Fraizeraust » Thu Jan 04, 2018 4:27 pm

dizt3mp3r wrote: I can't see MS avoiding patching 7, 8 or 10 and by implication XP too as it is used in business everywhere and last time there was such a serious flaw XP was patched.
Microsoft will obviously patch these operating systems sooner or later, not sure if I may say the same for XP. For Windows XP to be patched, you would have to wait for another catastrophic situation like the one that happened before, with XP machines of various organisations and institutions being infected by the WannaCry ransomware, which pushed Microsoft into releasing an emergency patch. It might sound stupid, but hey, that's my two cents guess.

I seriously doubt Microsoft will ever deliver updates on critical scenarios like these for this OS. WannaCry, indeed, has done lots of damage, which left Microsoft no other choice but to patch XP, although this is a very particular and rare case for a company to update an abandonware product. Hopefully they'll consider giving aid to XP as well, if not then, well, such is life folks. :D
dizt3mp3r wrote: What is the situation with ReactOS? I suppose the same changes will have to be implemented in ReactOS too and all o/s that could use the recent batch of Intel CPUs.
This hardware bug will also affect ReactOS, no doubt. The main question is, do we have an active kernel developer who can tackle this critical flaw for the better?
