CPU flaw: Key details of the huge processor problem [Fixes are here!]

Chris Burns - Jan 3, 2018
CPU flaw: Key details of the huge processor problem [Fixes are here!]

An Intel bug was just announced which could have negative effects on the performance capabilities of computers all over the world. Before we go any further, I need to be clear in saying this will not have a significant effect on most users, or so we’re lead to believe thus far. Intel has not released all the details on the issue, but we do have a general idea of what’s happening and what to expect.

Should my IT department freak out?

More than likely your IT department doesn’t need to flip their collective wig just yet. The issue has the potential to be bad in very unlikely circumstances, and it’s unlikely that any new problems are going to pop up soon. New issues are not likely to appear before Intel issues their fix for the problem, that is to say.

Should my son or daughter be aware?

You don’t need to call, text, or otherwise send messages to your son or daughter right this minute. If you’re the sort of parent that loves to tell your family about software updates, by all means do so. This isn’t so much of hole in a submarine as it is a loose wood slat in a fence …for most people …for the time being.

What’s going on?

A user’s computer’s CPU operates in two modes: kernel mode and user mode. In user mode is the safe zone, and kernel mode is the danger zone. Kernel mode is where your computer hardware can be read, modified, or wrecked completely.

A program using the CPU in user mode is supposed to only have access to the hardware that the CPU has allotted. The bug seems to be that the program, still in user mode, can access more hardware than the CPU is supposed to have allowed.* This is potentially very bad as it could give a malicious program access to a user’s hardware in a way usually only possible in kernel mode.

*OF NOTE: The CPU gives the program a page table of virtual memory cells with which to operate in user mode. With Intel processors in this situation, additional page tables were generated, but inaccessible to the program in user mode.

These supposedly inaccessible tables contained references to physical memory. The problem is that these inaccessible tables seem to have been accessible to programs in user mode, which is not good.

The Fix

A fix is not yet delivered for all computers with Intel inside. As such, we can only speculate as to what exactly will happen. One thing that seems to be certain is the basic set of actions that’ll occur.

Each time a program needs memory, it accesses the page table of virtual memory it was allotted. If the program needs to do some processing with memory which it was not already allotted, the CPU will switch to kernel mode, do the processing, and switch back to user mode. That’ll change with the software fix for this issue.

The fix will change the way the program attains memory for its processes. With the fix, the entire page table of memory will be sent back when the CPU switches to kernel mode. The CPU will do its processing in kernel mode, and the whole page table will be sent back to user mode.

The safety of this fix will almost certainly result in a performance hit to all Intel computers. Dependent on how big of a hit computers will take, we’ll see additional fallout as a result of this situation.

TLDR : Python Sweetness

An article by an anonymous user writing in a blog by the name of Python Sweetness did a lot of the research work necessary to uncover this bug. While we do not know their name, I’d like to thank this developer/researcher for their legwork.

“There is presently an embargoed security bug impacting apparently all contemporary CPU architectures that implement virtual memory, requiring hardware changes to fully resolve,” wrote PS. “Urgent development of a software mitigation is being done in the open and recently landed in the Linux kernel, and a similar mitigation began appearing in NT kernels in November.” More deep-dive information that most everyday users couldn’t possibly find a use for can be found at Python Sweetness.

UPDATE: Statements

Intel, AMD, ARM, and Google have released statements on this situation. Have a peek are our full statements article for the whole bunch. Intel suggested the situation isn’t something to get too excited about (of course), and said that their fix will result in a maximum performance loss of 2%.

Google had the most succinct description of the flaw – which makes sense, them having apparently discovered the thing in the first place. As Google’s Matt Linton, Senior Security Engineer and Pat Parseghian, Technical Program Manager, puts it:

“In order to improve performance, many CPUs may choose to speculatively execute instructions based on assumptions that are considered likely to be true. During speculative execution, the processor is verifying these assumptions; if they are valid, then the execution continues,” said Parseghian. “If they are invalid, then the execution is unwound, and the correct execution path can be started based on the actual conditions. It is possible for this speculative execution to have side effects which are not restored when the CPU state is unwound, and can lead to information disclosure.”

The Fixes are In

According to The Verge, the Windows update for this issue will be released at 5PM Eastern Time, 4PM Central Time, 2PM Pacific. At that time, availability for the update should begin. To access the update, Windows 10 users should find their settings menu, tap “Update and Security,” then tap “Check for Updates.”

The vast majority of Google products (including products that run Google operating systems like Android) already have a fix for the exploit in place. Intel, AMD, ARM – and anyone else we’ve not heard about thus far – have fixes already in place or in the mix with hardware manufacturers in which their products reside. See MeltdownAttack.com for more information (from the bug seekers themselves.)

Must Read Bits & Bytes