{"id":36246,"date":"2018-01-26T10:34:09","date_gmt":"2018-01-26T09:34:09","guid":{"rendered":"http:\/\/www.planet3dnow.de\/cms\/?p=36246"},"modified":"2018-01-26T12:34:04","modified_gmt":"2018-01-26T11:34:04","slug":"amd-gibt-programmierleitfaden-gegen-spectre-heraus","status":"publish","type":"post","link":"https:\/\/www.planet3dnow.de\/cms\/36246-amd-gibt-programmierleitfaden-gegen-spectre-heraus\/","title":{"rendered":"<span class=\"caps\">AMD<\/span> gibt Programmierleitfaden gegen Spectre heraus"},"content":{"rendered":"<p>Gestern hat Leser skel\u00adle\u00adtor <a href=\"http:\/\/www.planet3dnow.de\/vbulletin\/threads\/429331-AMD-stellt-klar-MS-Patch-nur-gegen-Spectre-auf-AMD-Hardware?p=5186998#post5186998\">im Forum<\/a> ein neu\u00ades White\u00adpa\u00adper von <span class=\"caps\">AMD<\/span> ent\u00addeckt, wel\u00adches Pro\u00adgram\u00admie\u00adrern und Com\u00adpi\u00adler\u00adent\u00adwick\u00adlern eini\u00adge Tech\u00adni\u00adken an die Hand geben soll, wie die Angriffs\u00adsze\u00adna\u00adri\u00aden Spect\u00adre 1 und 2 auf AMD-Pro\u00adzes\u00adso\u00adren erschwert wer\u00adden k\u00f6n\u00adnen. Von Melt\u00addown ist <span class=\"caps\">AMD<\/span> auf\u00adgrund der Archi\u00adtek\u00adtur-Unter\u00adschie\u00adde zu Intel bekannt\u00adlich <a href=\"http:\/\/www.planet3dnow.de\/cms\/35759-massive-sicherheitsluecke-in-intel-cpus-update-amd-arm-bugfixes-2\/\">nicht betrof\u00adfen<\/a>. Bei Spect\u00adre jedoch ist auch bei AMD-Pro\u00adzes\u00adso\u00adren zumin\u00addest die M\u00f6g\u00adlich\u00adkeit gege\u00adben, die L\u00fccke aus\u00adzu\u00adnut\u00adzen, auch wenn <span class=\"caps\">AMD<\/span> sie im Fal\u00adle von Vari\u00adan\u00adte 2 mit \u201cnahe Null\u201d angibt.<\/p>\n<p>Wer einen Blick in den <a href=\"http:\/\/developer.amd.com\/wordpress\/media\/2013\/12\/Managing-Speculation-on-AMD-Processors.pdf\" rel=\"noopener\" target=\"_blank\">Leit\u00adfa\u00adden<\/a> wirft, fin\u00addet eine gan\u00adze Palet\u00adte an Vor\u00adschl\u00e4\u00adgen. So sol\u00adlen z.B. Regis\u00adter geleert wer\u00adden sobald sie nicht mehr ben\u00f6\u00adtigt wer\u00adden, der Befehl <span class=\"caps\">LFENCE<\/span> soll genutzt wer\u00adden, um Lade\u00adope\u00adra\u00adtio\u00adnen seri\u00adell durch\u00adzu\u00adf\u00fch\u00adren und es wird anhand eines Bei\u00adspiels gezeigt, wie <a href=\"https:\/\/support.google.com\/faqs\/answer\/7625886\" rel=\"noopener\" target=\"_blank\">Ret\u00adpo\u00adli\u00adne<\/a>, Goo\u00adgles Vor\u00adschlag zur Mil\u00adde\u00adrung von Spect\u00adre 2, in der Pro\u00adgram\u00admier\u00adpra\u00adxis umge\u00adsetzt wer\u00adden kann; im White\u00adpa\u00adper <span class=\"caps\">V2<\/span>\u20111 genannt.<\/p>\n<p>Der Vor\u00adteil von Ret\u00adpo\u00adli\u00adne w\u00e4re, dass die AMD-Pro\u00adzes\u00adso\u00adren \u2013 im Gegen\u00adsatz zu Intel \u2013 ohne wei\u00adte\u00adre Micro\u00adcode-Updates aus\u00adk\u00e4\u00admen. Es m\u00fcss\u00adten also weder BIOS-Updates gegen Spect\u00adre 2 geschn\u00fcrt und ver\u00adteilt, noch Micro\u00adcode-Updates in Linux Repo\u00adsi\u00adto\u00adrys aus\u00adge\u00adrollt wer\u00adden. Es zeich\u00adnet sich ab, dass Ret\u00adpo\u00adli\u00adne der bevor\u00adzug\u00adte Weg in der Linux-Welt wer\u00adden wird, w\u00e4h\u00adrend sich Micro\u00adsoft in sei\u00adnen bis\u00adhe\u00adri\u00adgen Win\u00addows-Updates auf eine ande\u00adre Vari\u00adan\u00adte kon\u00adzen\u00adtriert, im White\u00adpa\u00adper <span class=\"caps\">V2<\/span>\u20114 genannt. Die\u00adse setzt neue CPU-Befeh\u00adle vor\u00adaus \u2013 Indi\u00adrect Branch Rest\u00adric\u00adted Spe\u00adcu\u00adla\u00adti\u00adon (<span class=\"caps\">IBRS<\/span>), Sin\u00adgle Thread Indi\u00adrect Branch Pre\u00addic\u00adtors (<span class=\"caps\">STIBP<\/span>) und Indi\u00adrect Branch Pre\u00addic\u00adtor Bar\u00adri\u00ader (<span class=\"caps\">IBPB<\/span>) \u2013 ist damit nur mit\u00adtels Micro\u00adcode-Update und\/oder neu\u00ader CPUs mach\u00adbar und kos\u00adtet je nach CPU-Gene\u00adra\u00adti\u00adon mal mehr mal weni\u00adger an Leistung.<\/p>\n<p>Aus die\u00adsem Grund spricht sich <span class=\"caps\">AMD<\/span> im Fazit deut\u00adlich f\u00fcr Ret\u00adpo\u00adli\u00adne als L\u00f6sungs\u00adweg gegen Spect\u00adre 2 aus, schlie\u00df\u00adlich k\u00e4me man dann ohne wei\u00adte\u00adre Micro\u00adcode-Updates aus:<\/p>\n<blockquote><p><span class=\"caps\">AMD<\/span> is ali\u00adgned with the x86 com\u00admu\u00adni\u00adty that <span class=\"caps\">V1<\/span>\u20111 (lfence) is the pre\u00adfer\u00adred vari\u00adant 1 soft\u00adware solu\u00adti\u00adon and that the <span class=\"caps\">V2<\/span>\u20111 (ret\u00adpo\u00adli\u00adne) is the pre\u00adfer\u00adred vari\u00adant 2 soft\u00adware solu\u00adti\u00adon. <span class=\"caps\">AMD<\/span> con\u00adti\u00adnues to eva\u00adlua\u00adte oppor\u00adtu\u00adni\u00adties for new miti\u00adga\u00adti\u00adons in both the x86 <span class=\"caps\">ISA<\/span> and micro-archi\u00adtec\u00adtu\u00adre for future <span class=\"caps\">AMD<\/span> processors.<\/p><\/blockquote>\n<p>Ob Micro\u00adsoft jedoch noch ein\u00admal umschwen\u00adken wird, darf zumin\u00addest bezwei\u00adfelt wer\u00adden. Soll\u00adte Intel jedoch sei\u00adne Micro\u00adcode-Updates nicht zeit\u00adnah hin\u00adkrie\u00adgen \u2013 der ers\u00adte Ver\u00adsuch muss\u00adte nach Insta\u00adbi\u00adli\u00adt\u00e4\u00adten bereits <a href=\"http:\/\/www.planet3dnow.de\/cms\/36216-bootfehler-nach-windows-update-auch-bei-neuen-systemen\/\">wie\u00adder zur\u00fcck\u00adge\u00adzo\u00adgen<\/a> wer\u00adden \u2013 w\u00e4re Micro\u00adsoft wom\u00f6g\u00adlich gezwun\u00adgen dazu. Ins\u00adbe\u00adson\u00adde\u00adre Linux-Chef\u00adstra\u00adte\u00adge Linus Tor\u00advalds hat sich k\u00fcrz\u00adlich deut\u00adlich (\u201c<a href=\"http:\/\/lkml.iu.edu\/hypermail\/linux\/kernel\/1801.2\/04628.html\" rel=\"noopener\" target=\"_blank\">The patches are <span class=\"caps\">COMPLETE<\/span> <span class=\"caps\">AND<\/span> <span class=\"caps\">UTTER<\/span> <span class=\"caps\">GARBAGE<\/span><\/a>\u201d) zu den bis\u00adher abge\u00adlie\u00adfer\u00adten Patches ge\u00e4u\u00dfert.<\/p>\n<p>Von Ker\u00adnel\u00adent\u00adwick\u00adler Ingo Moln\u00e1r exis\u00adtiert mitt\u00adler\u00adwei\u00adle noch <a href=\"https:\/\/lkml.org\/lkml\/2018\/1\/23\/25\" rel=\"noopener\" target=\"_blank\">ein wei\u00adte\u00adrer Vor\u00adschlag<\/a>, der der\u00adzeit unter\u00adsucht wird, eine Erg\u00e4n\u00adzung, um Ret\u00adpo\u00adli\u00adne auch auf anschei\u00adnend beson\u00adders gef\u00e4hr\u00adde\u00adten*) Intel-Sky\u00adla\u00adke-CPUs nutz\u00adbar zu machen. Die\u00adser k\u00e4me ohne Micro\u00adcode-Updates aus und w\u00fcr\u00adde auf einen bereits in den meis\u00adten Ker\u00adnels ent\u00adhal\u00adte\u00adnen <span class=\"caps\">CONFIG_FUNCTION_TRACER<\/span> fu\u00dfen:<\/p>\n<blockquote><p>Note the huge num\u00adber of advantages:<\/p>\n<p> \u2014 All dis\u00adtro ker\u00adnels alre\u00ada\u00addy enable the mcount based patching opti\u00adons, so there\u2019s lite\u00adral\u00adly zero over\u00adhead to any\u00adthing except SkyLake.<\/p>\n<p> \u2014 It is ful\u00adly ker\u00adnel patching based and can be acti\u00adva\u00adted on Sky\u00adla\u00adke&nbsp;only<\/p>\n<p> \u2014 It does\u00adn\u2019t requi\u00adre any micro\u00adcode updates, so it will work on all exis\u00adting CPUs with no firm\u00adware or micro\u00adcode modificatons<\/p>\n<p> \u2014 It does\u00adn\u2019t requi\u00adre any com\u00adpi\u00adler updates<\/p>\n<p> \u2014 Sky\u00adLa\u00adke per\u00adfor\u00admance is very likely to be much less fra\u00adgi\u00adle than rely\u00ading on a hasti\u00adly deploy\u00aded micro\u00adcode&nbsp;hack<\/p>\n<p> \u2014 The \u201cSky\u00adLa\u00adke stack depth tra\u00adcer\u201d can be tes\u00adted on other CPUs as well in debug builds, broa\u00adde\u00adning the test\u00ading&nbsp;base<\/p>\n<p> \u2014 The tra\u00adcer is very obvious\u00adly simp\u00adle and reviewa\u00adble, and we can for\u00adget about it in the far future.<\/p>\n<p> \u2014 It\u2019s much more back\u00adpor\u00adta\u00adble to older ker\u00adnels: should the\u00adre be a new class of exploits then this machi\u00adnery could be updated to cover that too \u2014 while  upgrades to newer ker\u00adnels would give the hig\u00adher per\u00adfor\u00admant solution.<\/p><\/blockquote>\n<p>Der L\u00f6sungs\u00adweg wird der\u00adzeit noch eva\u00adlu\u00adiert und ist bis\u00adher noch nicht imple\u00admen\u00adtiert worden.<\/p>\n<p>*) <a href=\"https:\/\/lkml.org\/lkml\/2018\/1\/22\/598\" rel=\"noopener\" target=\"_blank\">David Wood\u00adhouse<\/a>: <em>\u201cThen there\u2019s Sky\u00adla\u00adke, and that gene\u00adra\u00adti\u00adon of <span class=\"caps\">CPU<\/span> cores. For com\u00adpli\u00adca\u00adted reasons they actual\u00adly end up being vul\u00adnerable not just on indi\u00adrect bran\u00adches, but also on a \u2018ret\u2019 in some cir\u00adcum\u00ads\u00adtances (such as 16+ CALLs in a deep&nbsp;chain).\u201d<\/em><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Wer einen Blick in den Leit\u00adfa\u00adden wirft, fin\u00addet eine gan\u00adze Palet\u00adte an Vor\u00adschl\u00e4\u00adgen. So sol\u00adlen z.B. Regis\u00adter geleert wer\u00adden sobald sie nicht mehr ben\u00f6\u00adtigt wer\u00adden, der Befehl <span class=\"caps\">LFENCE<\/span> soll genutzt wer\u00adden, um Lade\u00adope\u00adra\u00adtio\u00adnen seri\u00adell durch\u00adzu\u00adf\u00fch\u00adren und es wird anhand eines Bei\u00adspiels gezeigt, wie Ret\u00adpo\u00adli\u00adne, Goo\u00adgles Vor\u00adschlag zur Mil\u00adde\u00adrung von Spect\u00adre 2, in der Pro\u00adgram\u00admier\u00adpra\u00adxis umge\u00adsetzt wer\u00adden kann; im White\u00adpa\u00adper <span class=\"caps\">V2<\/span>\u20111 genannt. (\u2026) <a class=\"moretag\" href=\"https:\/\/www.planet3dnow.de\/cms\/36246-amd-gibt-programmierleitfaden-gegen-spectre-heraus\/\">Wei\u00adter\u00adle\u00adsen&nbsp;\u00bb<\/a><\/p>\n","protected":false},"author":2,"featured_media":35751,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"wp_typography_post_enhancements_disabled":false,"ngg_post_thumbnail":0,"footnotes":""},"categories":[12],"tags":[966,1420],"class_list":["post-36246","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-aktuelles","tag-amd","tag-spectre","entry"],"share_on_mastodon":{"url":"","error":""},"_links":{"self":[{"href":"https:\/\/www.planet3dnow.de\/cms\/wp-json\/wp\/v2\/posts\/36246","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.planet3dnow.de\/cms\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.planet3dnow.de\/cms\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.planet3dnow.de\/cms\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.planet3dnow.de\/cms\/wp-json\/wp\/v2\/comments?post=36246"}],"version-history":[{"count":18,"href":"https:\/\/www.planet3dnow.de\/cms\/wp-json\/wp\/v2\/posts\/36246\/revisions"}],"predecessor-version":[{"id":36274,"href":"https:\/\/www.planet3dnow.de\/cms\/wp-json\/wp\/v2\/posts\/36246\/revisions\/36274"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.planet3dnow.de\/cms\/wp-json\/wp\/v2\/media\/35751"}],"wp:attachment":[{"href":"https:\/\/www.planet3dnow.de\/cms\/wp-json\/wp\/v2\/media?parent=36246"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.planet3dnow.de\/cms\/wp-json\/wp\/v2\/categories?post=36246"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.planet3dnow.de\/cms\/wp-json\/wp\/v2\/tags?post=36246"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}