Today's hardware vulnerability: register file data sampling
source link: https://lwn.net/Articles/965167/
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
Today's hardware vulnerability: register file data sampling
RFDS may allow a malicious actor to infer data values previously used in floating point registers, vector registers, or integer registers. RFDS does not provide the ability to choose which data is inferred
Only Atom cores are affected, but those cores can be found inside a number of processors. See this documentation commit for more information.
(Log in to post comments)
Today's hardware vulnerability: register file data sampling
Posted Mar 12, 2024 21:35 UTC (Tue) by developer122 (guest, #152928) [Link]
Today's hardware vulnerability: register file data sampling
Posted Mar 12, 2024 22:29 UTC (Tue) by hmh (subscriber, #3838) [Link]
https://www.intel.com/content/www/us/en/developer/topic-t...
Today's hardware vulnerability: register file data sampling
Posted Mar 12, 2024 23:00 UTC (Tue) by Heretic_Blacksheep (subscriber, #169992) [Link]
https://www.intel.com/content/www/us/en/developer/article...
I wouldn't assume previous unsupported generations of Atom processors aren't vulnerable because they're not listed. Intel specifically says in the fine print for the consolidated table:
"Refer to the 2022-2024 tab of the consolidated Affected Processors table: Register File Data Sampling column. Processors which have reached their End Of Servicing Lifetime are not listed in the consolidated table. Intel does not plan to evaluate whether any such processors are affected. Refer to the Support page for more information."
They may or may not be vulnerable. Intel isn't going to bother to check. It's left as an exercise to those who own and may still use those processors to check if RFDS (and any future hardware vulns) affect them and what to do about it.
That said, any of the in-order Atom CPUs probably won't be affected by hardware vulns that require speculative out-of-order execution. But if I'm reading the disclosure correctly, this isn't one of those vulnerabilities. Instead, it's a stale data not being cleared after processing vulnerability that can potentially leak sensitive data from places that shouldn't be leaking like the SGX domain or privileged kernel data using the AES-NI instructions. Spectre branch misprediction exploitation doesn't appear to be required here.
Today's hardware vulnerability: register file data sampling
Posted Mar 13, 2024 2:47 UTC (Wed) by willy (subscriber, #9762) [Link]
Today's hardware vulnerability: register file data sampling
Posted Mar 13, 2024 16:42 UTC (Wed) by Sesse (subscriber, #53779) [Link]
It's hard to find information about this now, though.
Today's hardware vulnerability: register file data sampling
Posted Mar 14, 2024 7:25 UTC (Thu) by anton (subscriber, #25547) [Link]
Bonnell (the in-order microarchitecture of the first Atom generation) is unlikely to be affected, because 1) it's completely different from the OoO microarchitectures used in later generations and, in particular, 2) it does not use register renaming, so there are no stale physical registers; all physical registers are architectural and directly readable.
The Silvermont and Airmont microarchitectures are between Bonnell and the listed Goldmont. Are there no supported products with these microarchitectures? My impression is that "Atom" cores are used longer in products than "Core" cores, and they might well be still supported.
Today's hardware vulnerability: register file data sampling
Posted Mar 14, 2024 10:33 UTC (Thu) by anton (subscriber, #25547) [Link]
Looking around a bit, at least the Silvermont-based Atom E3805 is still in the marketing status "launched" (rather than "discontinued"), so I would expect that Intel has checked Silvermont and that they think that Silvermont is not affected.
Concerning Airmont, I have not looked around until I found a CPU with Airmont that is still being considered in service, but Airmont is mostly a shrink of Silvermont, so it is unlikely to be affected if Silvermont is not; or in other words, it is more likely that they introduced this bug between Airmont and Goldmont than between Silvermont and Airmont.
Today's hardware vulnerability: register file data sampling
Posted Mar 12, 2024 22:19 UTC (Tue) by flussence (subscriber, #85566) [Link]
Today's hardware vulnerability: register file data sampling
Posted Mar 13, 2024 9:51 UTC (Wed) by ianmcc (subscriber, #88379) [Link]
Today's hardware vulnerability: register file data sampling
Posted Mar 13, 2024 16:12 UTC (Wed) by k3ninho (subscriber, #50375) [Link]
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK