Meltdown and Spectre

Is there a workaround/fix?
There are patches against Meltdown for Linux (KPTI (formerly KAISER)), Windows, and OS X. There is also work to harden software against future exploitation of Spectre, respectively to patch software after exploitation through Spectre (LLVM patch).

Which systems are affected by Meltdown?

Desktop, Laptop, and Cloud computers may be affected by Meltdown. More technically, every Intel processor which implements out-of-order execution is potentially affected, which is effectively every processor since 1995 (except Intel Itanium and Intel Atom before 2013). We successfully tested Meltdown on Intel processor generations released as early as 2011. Currently, we have only verified Meltdown on Intel processors. At the moment, it is unclear whether ARM and AMD processors are also affected by Meltdown.

Which systems are affected by Spectre?
Almost every system is affected by Spectre: Desktops, Laptops, Cloud Servers, as well as Smartphones. More specifically, all modern processors capable of keeping many instructions in flight are potentially vulnerable. In particular, we have verified Spectre on Intel, AMD, and ARM processors.

Look https://spectreattack.com/

Rest in peace Intel:banghead:
 
No Worries, It's already fixed in 10.13.2. Don't listen to all the hype by the media.
Developer Alex Ionescu posted on Twitter that Apple included a fix for the flaw in macOS 10.13.2. Another report from AppleInsider echoes Ionescu’s claim, citing other sources that say most of the damage has already been mitigated.

Reported by Cult of Mac on 1/3/18
 
Apple Support Document : https://support.apple.com/en-us/HT208394

The problem is in the CPU hardware and cannot be fixed there. Apple has released a software fix to avoid the Meltdown hole, but not Spectre. And the fix is for macOS High Sierra only.

We are still waiting for the Safari update Apple has promised to "mitigate" Spectre. I think we have no idea how Spectre may affect us now or in the future at this time.

How about older OS like El Capitan and Sierra which are still under support? Is Meltdown already fixed (avoided) with the most recent security updates? If so, how about the possible performance impact? Apple has not said anything on this in that document. And if not, is Apple going to release Security Updates for them to fix Meltdown in the future? What about even older systems like Yosemite which are "out of support"? Are we just expected to "upgrade" to High Sierra if we want the vulnerabilities "fixed" or "mitigated"?

I want answers to these questions as soon as possible. Hopefully Apple will give us answers soon.
 
I'm pretty sure that so far they have only worked to patch Meltdown.

And will come in macOS High Sierra 10.13.3.

So many unanswered questions and doubt here.
 
January 4, 2018: Apple and Intel update on Meltdown and Spectre
Apple has posted a knowledge base article detailing both the updates the company has already pushed out to address Meltdown on macOS, iOS, and tvOS (watchOS is not affected), and its plans to push further updates to protect Safari from Spectre.

 
Why is this all done without any configuration options?

A *competent* CPU engineer would fix this by making sure speculation
doesn't happen across protection domains. Maybe even a L1 I$ that is
keyed by CPL.

I think somebody inside of Intel needs to really take a long hard look
at their CPU's, and actually admit that they have issues instead of
writing PR blurbs that say that everything works as designed.

.. and that really means that all these mitigation patches should be
written with "not all CPU's are crap" in mind.

Or is Intel basically saying "we are committed to selling you ****
forever and ever, and never fixing anything"?

Because if that's the case, maybe we should start looking towards the
ARM64 people more.

Please talk to management. Because I really see exactly two possibilities:

- Intel never intends to fix anything

OR

- these workarounds should have a way to disable them.

Which of the two is it?

Linus

https://lkml.org/lkml/2018/1/3/797
 
I wonder what all these patches do without CPL?


The same principle applies to all operating systems working at a low level . . .
 