• Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.

Microsoft Halts Meltdown-Spectre Patches to AMD PCs as Some Turn Unbootable

Joined
Feb 3, 2017
Messages
3,755 (1.32/day)
Processor Ryzen 7800X3D
Motherboard ROG STRIX B650E-F GAMING WIFI
Memory 2x16GB G.Skill Flare X5 DDR5-6000 CL36 (F5-6000J3636F16GX2-FX5)
Video Card(s) INNO3D GeForce RTX™ 4070 Ti SUPER TWIN X2
Storage 2TB Samsung 980 PRO, 4TB WD Black SN850X
Display(s) 42" LG C2 OLED, 27" ASUS PG279Q
Case Thermaltake Core P5
Power Supply Fractal Design Ion+ Platinum 760W
Mouse Corsair Dark Core RGB Pro SE
Keyboard Corsair K100 RGB
VR HMD HTC Vive Cosmos
Why? Because what that patch is doing is basically screaming at the CPU "no you won´t be doing this, you are blocked, find another route". Because if the CPU does what it was programmed to, it will put valuable information on a place where a hacker can access. Wich is what meltdown is, in easy non complex words. This is not your common insecure software code that can be 100% patched. This is on the core of the CPUs!
What the patch does is tell CPU to clean out the valuable information from a place where hacker can access before the hacker gets to the point where he can access it.
When that information is not there, the CPU is not going to be able to read it.
Even a website can mess your meltdown patch and you are open again.
No, it cannot.
If you have no problems by using a CPU at that constant risk, that´s up to you. I refuse to.
What are you going back to, one of the Atoms? :)
For Meltdown, AMD and most of ARMs seem to be unaffected. For Spectre, here is a list:
https://forum.level1techs.com/t/list-of-cpus-most-likely-immune-to-spectre/123128
 
Last edited:
Joined
Apr 16, 2010
Messages
3,600 (0.67/day)
Location
Portugal
System Name LenovoⓇ ThinkPad™ T430
Processor IntelⓇ Core™ i5-3210M processor (2 cores, 2.50GHz, 3MB cache), Intel Turbo Boost™ 2.0 (3.10GHz), HT™
Motherboard Lenovo 2344 (Mobile Intel QM77 Express Chipset)
Cooling Single-pipe heatsink + Delta fan
Memory 2x 8GB KingstonⓇ HyperX™ Impact 2133MHz DDR3L SO-DIMM
Video Card(s) Intel HD Graphics™ 4000 (GPU clk: 1100MHz, vRAM clk: 1066MHz)
Storage SamsungⓇ 860 EVO mSATA (250GB) + 850 EVO (500GB) SATA
Display(s) 14.0" (355mm) HD (1366x768) color, anti-glare, LED backlight, 200 nits, 16:9 aspect ratio, 300:1 co
Case ThinkPad Roll Cage (one-piece magnesium frame)
Audio Device(s) HD Audio, RealtekⓇ ALC3202 codec, DolbyⓇ Advanced Audio™ v2 / stereo speakers, 1W x 2
Power Supply ThinkPad 65W AC Adapter + ThinkPad Battery 70++ (9-cell)
Mouse TrackPointⓇ pointing device + UltraNav™, wide touchpad below keyboard + ThinkLight™
Keyboard 6-row, 84-key, ThinkVantage button, spill-resistant, multimedia Fn keys, LED backlight (PT Layout)
Software MicrosoftⓇ WindowsⓇ 10 x86-64 (22H2)
It would be a different story if that patch would bin applied by CPU micro code or BIOS fix, not Software / OS fix.
Manufacturers are actively releasing BIOS/UEFI updates to mitigate the known CVEs, for systems in their support's timeframe. Check for updates on your manufacturer's website.
 
Joined
Jul 5, 2016
Messages
155 (0.05/day)
System Name Purple Stuff
Processor Intel Core I7-8700K @ 5.0 Ghz
Motherboard Asus ROG Strix Z370-F Gaming
Cooling NZXT Kraken X62
Memory Corsair Vengence 16 GB DDR4 @ 3600 Mhz
Video Card(s) Asus ROG Strix GTX 1080 TI
Storage Samsung EVO 960 500 GB, HDD 4TB WD Black, SSD Crucial MX400 1TB
Display(s) Acer Predator XB271HU 27" x2
Case Phanteks Enthoo Evolv ATX Tempered Glass
Power Supply Seasonic Focus + Platinum 850 W
Mouse Steelseries Rival 700
Keyboard Razer Blackwidow Chroma V2
Software Win 10 Pro
That people actually believe, that a 'patch' will solve this thing, lol. Patch will be overwritten and your system is back to being vulnerable again. It takes some time for hackers to develop a serious exploit.


You sure? If a hacker would succesfully write his own patch to disable that patch, then that CPU goes back to doing normal thing again, making it vulnerable. He is right. The scale of Meltdown is easily underestimated. Every intel CPU is vulnerable. It would be a different story if that patch would bin applied by CPU micro code or BIOS fix, not Software / OS fix.


The mitigation for Meltdown has the following parts : OS Updates and BIOS firmware (ASUS were among the first ones to roll out the BIOS update that INCLUDES the mitigation). Meltdown IS mitigated thus far. Techspot even has a benchmark on it. At this point this is turning to be a contest between which is worse Specter or Meltdown ... and it shouldn't be the case since BOTH are serious vulnerabilities that are being mitigated until a possible fix will be out with tech companies working around the damn clock to find a fix that will not impact performance. Stop acting like nobody is working on the matter and furthermore stop spreading FUD.
 
Joined
Jan 31, 2012
Messages
2,648 (0.57/day)
Location
East Europe
System Name PLAHI
Processor I5-10400
Motherboard MSI MPG Z490 GAMING PLUS
Cooling 120 AIO
Memory 32GB Corsair LPX 2400 Mhz DDR4 CL14
Video Card(s) PNY QUADRO RTX A2000
Storage Intel 670P 512GB
Display(s) Philips 288E2A 28" 4K + 22" LG 1080p
Case Silverstone Raven 03 (RV03)
Audio Device(s) Creative Soundblaster Z
Power Supply Fractal Design IntegraM 650W
Mouse Logitech Triathlon
Keyboard REDRAGON MITRA
Software Windows 11 Home x 64
If you have no problems by using a CPU at that constant risk, that´s up to you. I refuse to.

I don't think this is right. I literary assembled my PC a few months ago. And probably use it for 5-7 years or so. Like millions of people that are not super tech savvy/ on a budget. Are you suggesting all of us should just sell, or whatever our current systems and switch right away with substantial cost taken on our account? This makes no sense to me. Problem is being solved and with adequate user behavior lots of dangers can be avoided.
 
Joined
Feb 12, 2015
Messages
1,104 (0.31/day)
The Window Updates over the past year have been a complete nightmare for me. Doesn't matter if it's an AMD or Intel system.... At least one of my PC's breaks every major update.

The worst part is I cannot even decide I don't want a machine-breaking update! God we need an alternative to Windows so bad right now...
 
Joined
Apr 10, 2013
Messages
302 (0.07/day)
Location
Michigan, USA
Processor AMD 1700X
Motherboard Crosshair VI Hero
Memory F4-3200C14D-16GFX
Video Card(s) GTX 1070
Storage 960 Pro
Display(s) PG279Q
Case HAF X
Power Supply Silencer MK III 850
Mouse Logitech G700s
Keyboard Logitech G105
Software Windows 10
]please update the image to reflect that the issue happens on older chipsets and/or add more information, Ryzen seems not to be affected so far. As it stands, it is vague and creates FUD around which AMD products this is being affected, with reports so far pointing to K8-era hardware. It is enough that this is already happening with Intel CPUs..
AMD already confirmed their CPUs are vulnerable to variant 1 and variant 2. The internet trolls like to say AMD isn't vulnerable to variant 2 since AMD says "there is near zero risk". Near is not "no". All of this is near zero for all CPUs. RyZen is AMD's current product and this is their problem (bricking PCs). And yes, Intel sucks. Just being fair.
 

64K

Joined
Mar 13, 2014
Messages
6,773 (1.73/day)
Processor i7 7700k
Motherboard MSI Z270 SLI Plus
Cooling CM Hyper 212 EVO
Memory 2 x 8 GB Corsair Vengeance
Video Card(s) Temporary MSI RTX 4070 Super
Storage Samsung 850 EVO 250 GB and WD Black 4TB
Display(s) Temporary Viewsonic 4K 60 Hz
Case Corsair Obsidian 750D Airflow Edition
Audio Device(s) Onboard
Power Supply EVGA SuperNova 850 W Gold
Mouse Logitech G502
Keyboard Logitech G105
Software Windows 10
The Window Updates over the past year have been a complete nightmare for me. Doesn't matter if it's an AMD or Intel system.... At least one of my PC's breaks every major update.

The worst part is I cannot even decide I don't want a machine-breaking update! God we need an alternative to Windows so bad right now...

I think MS has shifted the burden of QA and testing from themselves to their customers. Pretty damn lazy of them and what happened here is a result of that mindset.
 
Joined
Dec 30, 2010
Messages
2,198 (0.43/day)
The Window Updates over the past year have been a complete nightmare for me. Doesn't matter if it's an AMD or Intel system.... At least one of my PC's breaks every major update.

The worst part is I cannot even decide I don't want a machine-breaking update! God we need an alternative to Windows so bad right now...

Install W7 X64. And use it for another 2 years untill support ends up. By that time, linux and Wine is getting so accepted that you should be able to create an alternative OS easily. It's the same i'm doing. You cant tell how many computers every month get bricked due to failed updates.
 
Joined
Feb 12, 2015
Messages
1,104 (0.31/day)
I think MS has shifted the burden of QA and testing from themselves to their customers. Pretty damn lazy of them and what happened here is a result of that mindset.

I am sure that is part of it. But then if that's the way MS wants to do things... Why are they making the updates mandatory?!


If they thoroughly tested each update themselves, then I would understand (a little) why they want to force updates for security reasons. But that is clearly not true if they released this update without testing it on AMD systems! LOL what is this amateur hour?
 
  • Like
Reactions: 64K
Joined
Apr 16, 2010
Messages
3,600 (0.67/day)
Location
Portugal
System Name LenovoⓇ ThinkPad™ T430
Processor IntelⓇ Core™ i5-3210M processor (2 cores, 2.50GHz, 3MB cache), Intel Turbo Boost™ 2.0 (3.10GHz), HT™
Motherboard Lenovo 2344 (Mobile Intel QM77 Express Chipset)
Cooling Single-pipe heatsink + Delta fan
Memory 2x 8GB KingstonⓇ HyperX™ Impact 2133MHz DDR3L SO-DIMM
Video Card(s) Intel HD Graphics™ 4000 (GPU clk: 1100MHz, vRAM clk: 1066MHz)
Storage SamsungⓇ 860 EVO mSATA (250GB) + 850 EVO (500GB) SATA
Display(s) 14.0" (355mm) HD (1366x768) color, anti-glare, LED backlight, 200 nits, 16:9 aspect ratio, 300:1 co
Case ThinkPad Roll Cage (one-piece magnesium frame)
Audio Device(s) HD Audio, RealtekⓇ ALC3202 codec, DolbyⓇ Advanced Audio™ v2 / stereo speakers, 1W x 2
Power Supply ThinkPad 65W AC Adapter + ThinkPad Battery 70++ (9-cell)
Mouse TrackPointⓇ pointing device + UltraNav™, wide touchpad below keyboard + ThinkLight™
Keyboard 6-row, 84-key, ThinkVantage button, spill-resistant, multimedia Fn keys, LED backlight (PT Layout)
Software MicrosoftⓇ WindowsⓇ 10 x86-64 (22H2)
AMD already confirmed their CPUs are vulnerable to variant 1 and variant 2. The internet trolls like to say AMD isn't vulnerable to variant 2 since AMD says "there is near zero risk". Near is not "no". All of this is near zero for all CPUs. RyZen is AMD's current product and this is their problem (bricking PCs). And yes, Intel sucks. Just being fair.
This news article and my reply refer to Microsoft's patch and it's effect on older AMD processors/chipset, NOT the vunlnerabilty of AMD's line-up to Spectre I and II. That aspect wasn't in evidence here and has not been discussed. Please, don't create confusion over this.
 
Joined
Feb 12, 2015
Messages
1,104 (0.31/day)
Install W7 X64. And use it for another 2 years untill support ends up. By that time, linux and Wine is getting so accepted that you should be able to create an alternative OS easily. It's the same i'm doing. You cant tell how many computers every month get bricked due to failed updates.

I am sorry I had to stop myself from laughing myself out of my chair. Look I want Linux to be a viable alternative just as much as you, but it ISN'T. It isn't even close!


P.S. Let me go boot up my SteamOS system. That should be well supported after 5 years right? Oh wait...
 
Joined
Jul 16, 2014
Messages
8,198 (2.16/day)
Location
SE Michigan
System Name Dumbass
Processor AMD Ryzen 7800X3D
Motherboard ASUS TUF gaming B650
Cooling Artic Liquid Freezer 2 - 420mm
Memory G.Skill Sniper 32gb DDR5 6000
Video Card(s) GreenTeam 4070 ti super 16gb
Storage Samsung EVO 500gb & 1Tb, 2tb HDD, 500gb WD Black
Display(s) 1x Nixeus NX_EDG27, 2x Dell S2440L (16:9)
Case Phanteks Enthoo Primo w/8 140mm SP Fans
Audio Device(s) onboard (realtek?) - SPKRS:Logitech Z623 200w 2.1
Power Supply Corsair HX1000i
Mouse Steeseries Esports Wireless
Keyboard Corsair K100
Software windows 10 H
Benchmark Scores https://i.imgur.com/aoz3vWY.jpg?2
if m$ is pointing fingers at anyone, intel paid them to point at AMD. #conspiracytheories
 
Joined
Apr 10, 2013
Messages
302 (0.07/day)
Location
Michigan, USA
Processor AMD 1700X
Motherboard Crosshair VI Hero
Memory F4-3200C14D-16GFX
Video Card(s) GTX 1070
Storage 960 Pro
Display(s) PG279Q
Case HAF X
Power Supply Silencer MK III 850
Mouse Logitech G700s
Keyboard Logitech G105
Software Windows 10
Please, don't create confusion over this.
I am not sure what is confusing? This article is about a MS patch and its effect on AMD processors. That same update applied to Intel processors without issue. The variable is AMD which is why the AMD pic was used. This isn't confusing stuff.
 
Joined
Apr 19, 2011
Messages
2,198 (0.44/day)
Location
So. Cal.
if m$ is pointing fingers at anyone, intel paid them to point at AMD. #conspiracytheories

This... while btarunr continues to propagate the two (Intel/MS) as "holier-than-thou" and bashes AMD and their resent CPU product, when it appears it's not!
 
Joined
Apr 10, 2013
Messages
302 (0.07/day)
Location
Michigan, USA
Processor AMD 1700X
Motherboard Crosshair VI Hero
Memory F4-3200C14D-16GFX
Video Card(s) GTX 1070
Storage 960 Pro
Display(s) PG279Q
Case HAF X
Power Supply Silencer MK III 850
Mouse Logitech G700s
Keyboard Logitech G105
Software Windows 10
This... while btarunr continues to propagate the two (Intel/MS) as "holier-than-thou" and bashes AMD and their resent CPU product, when it appears it's not!
I have no idea what is so confusing to people here or if this is trolling or marketing stuff. This article has nothing to do with Intel. The problem is an MS update applied on some systems running AMD processors. AMD has even acknowledged it. See the update to the first post/story. I really don't think there is some massive Techpowerup/btarunr/Intel conspiracy here. The update applied to both Intel and AMD systems. Intel systems had no problem reports. AMD systems did. Same patch, different hardware. The variable was AMD hence the pic and title.
 

INSTG8R

Vanguard Beta Tester
Joined
Nov 26, 2004
Messages
8,042 (1.10/day)
Location
Canuck in Norway
System Name Hellbox 5.1(same case new guts)
Processor Ryzen 7 5800X3D
Motherboard MSI X570S MAG Torpedo Max
Cooling TT Kandalf L.C.S.(Water/Air)EK Velocity CPU Block/Noctua EK Quantum DDC Pump/Res
Memory 2x16GB Gskill Trident Neo Z 3600 CL16
Video Card(s) Powercolor Hellhound 7900XTX
Storage 970 Evo Plus 500GB 2xSamsung 850 Evo 500GB RAID 0 1TB WD Blue Corsair MP600 Core 2TB
Display(s) Alienware QD-OLED 34” 3440x1440 144hz 10Bit VESA HDR 400
Case TT Kandalf L.C.S.
Audio Device(s) Soundblaster ZX/Logitech Z906 5.1
Power Supply Seasonic TX~’850 Platinum
Mouse G502 Hero
Keyboard G19s
VR HMD Oculus Quest 3
Software Win 11 Pro x64
Joined
Apr 19, 2011
Messages
2,198 (0.44/day)
Location
So. Cal.
I have no idea what is so confusing to people here or if this is trolling or marketing stuff. This article has nothing to do with Intel. The problem is an MS update applied on some systems running AMD processors. AMD has even acknowledged it. See the update to the first post/story. I really don't think there is some massive Techpowerup/btarunr/Intel conspiracy here. The update applied to both Intel and AMD systems. Intel systems had no problem reports. AMD systems did. Same patch, different hardware. The variable was AMD hence the pic and title.

"issue with some older generation processors"
But, honestly is it effecting Ryzen and why doesn't btarunr change the picture he's implicating Ryzen is part of this... it's not!
 
Last edited:
Joined
Feb 15, 2006
Messages
451 (0.07/day)
Location
NJ
System Name Gaming Rig
Processor AMD Ryzen 5900x
Motherboard ASRock X570 Taichi
Cooling Corsair Hydro Series H110i Icue Push/Pull
Memory G Skill TridentZ F4-3600C16-16GTZNC 64GB
Video Card(s) Nvidia RTX 3090 FE
Storage 1TB ADATA XPG SX8200 M.2 PCIe NVME
Display(s) AOC CU34G2X 34" Curved UltraWide QHD 3440x1440, VA Panel, 1ms 144MHz
Case Corsair Graphite Series 600T Mesh
Power Supply EVGA SuperNOVA 220-G3-1000-X1
Software Windows 11 Pro
Joined
Oct 1, 2010
Messages
2,361 (0.46/day)
Location
Marlow, ENGLAND
System Name Chachamaru-IV | Retro Battlestation
Processor AMD Ryzen 9 5900X | Intel Pentium II 450MHz
Motherboard ASUS ROG STRIX X570-F Gaming | MSI MS-6116 (Intel 440BX chipset)
Cooling Noctua NH-D15 SE-AM4
Memory 32GB Corsair DDR4-3000 (16-20-20-38) | 512MB PC133 SDRAM
Video Card(s) nVIDIA GeForce RTX 4070 FE | 3dfx Voodoo3 3000
Storage 1TB WD_Black SN850 NVME SSD (OS), Toshiba 3TB (Storage), Toshiba 3TB (Steam)
Display(s) Samsung Odyssey G5 27" @ 1440p144 & Dell P2312H @ 1080p60
Case SilverStone Seta A1 | Beige box
Audio Device(s) Creative Sound Blaster AE-7 (Speakers), Creative Zen Hybrid headset | Sound Blaster AWE64
Power Supply EVGA Supernova 750 G2 | 250W ASETEC
Mouse Roccat Kone Air| Microsoft Serial Mouse v2.0A
Keyboard Vortex Race3 | Dell AT102W
Software Microsoft Windows 11 Pro | Microsoft Windows 98SE
I think I'm a victim of this as well, despite having an Intel CPU. My PC wouldn't boot this morning and I had to do startup repair; I saw this news and went to check my recently installed updates, and this particular update was pending install. So I'm thinking that startup repair rolled it back and it's going to fuck up again. I'll have to wait and see.
 
Joined
Dec 15, 2016
Messages
630 (0.22/day)
What the patch does is tell CPU to clean out the valuable information from a place where hacker can access before the hacker gets to the point where he can access it.
When that information is not there, the CPU is not going to be able to read it.
No, it cannot.
What are you going back to, one of the Atoms? :)
For Meltdown, AMD and most of ARMs seem to be unaffected. For Spectre, here is a list:
https://forum.level1techs.com/t/list-of-cpus-most-likely-immune-to-spectre/123128

1- No it doesn´t clean anything. It just stops the CPU from using that space to put information easily accessible for it to perform tasks quicker. If the patch was only about cleaning, it would do nothing because before the hacker could have that information in 1 milisecond. This is why CPUs will be a bit slower in some tasks, because it is not operating as it was suppose to, is not because of cleaning, that would have no performance hit at all.

2- Spectre is not nearly as dangerous as Meltdown. It is harder to fix, wich doesn´t mean is as bad. There are websites with more dangerous threats than spectre itself, and in AMD case, it only gets really affected by 1 of its variants.

3- Meltdown is considered the worst security flaw ever in history, for a reason.

You guys are protecting intel to death. Meltdown is not an issue that you can solve with a patch. you will be installing new patches forever as long as you use intel Cpus, because this war will never end. When the flaws are on the hardware itself any patch can lose its effect in days. You will see.
 
Joined
Feb 3, 2017
Messages
3,755 (1.32/day)
Processor Ryzen 7800X3D
Motherboard ROG STRIX B650E-F GAMING WIFI
Memory 2x16GB G.Skill Flare X5 DDR5-6000 CL36 (F5-6000J3636F16GX2-FX5)
Video Card(s) INNO3D GeForce RTX™ 4070 Ti SUPER TWIN X2
Storage 2TB Samsung 980 PRO, 4TB WD Black SN850X
Display(s) 42" LG C2 OLED, 27" ASUS PG279Q
Case Thermaltake Core P5
Power Supply Fractal Design Ion+ Platinum 760W
Mouse Corsair Dark Core RGB Pro SE
Keyboard Corsair K100 RGB
VR HMD HTC Vive Cosmos
Patches do not stop CPU from using caches. It will make sure these are cleaned out as much as possible in certain situations where getting stuff from cache maliciously is possible. Performance hit comes from both the process of clearing and because cached information has to be reloaded from RAM which is very slow.

Well, if you want to be technically correct, KAISER makes sure (better than before) that user memory space is separate from kernel memory space but on microarchitecture level clearing caches should be the end result.

Would you like to explain why it is not an issue that can be solved with a patch?
 
Last edited:
Joined
Jan 6, 2017
Messages
94 (0.03/day)
I somewhat hate to say this, but M$ had been pushing broken Windows 10 updates before the creator's update - at least for me. Most every update broke something I used, and in searching for solutions, I found that there were others experiencing the same problems. So, it in the least does not surprise me that they pushed yet another broken update. For me, the resolution to this was to turn off updates on my 10 pro pcs, and disable the windows update service on my 10 home pc. That way, I am in control of my updates, and the only way that I update is to do an image backup right before updating so if M$ has borked something, I have a way back to a working system.

That said, M$ really needs to learn regression testing and quality control, IMO.
 
Joined
Feb 3, 2017
Messages
3,755 (1.32/day)
Processor Ryzen 7800X3D
Motherboard ROG STRIX B650E-F GAMING WIFI
Memory 2x16GB G.Skill Flare X5 DDR5-6000 CL36 (F5-6000J3636F16GX2-FX5)
Video Card(s) INNO3D GeForce RTX™ 4070 Ti SUPER TWIN X2
Storage 2TB Samsung 980 PRO, 4TB WD Black SN850X
Display(s) 42" LG C2 OLED, 27" ASUS PG279Q
Case Thermaltake Core P5
Power Supply Fractal Design Ion+ Platinum 760W
Mouse Corsair Dark Core RGB Pro SE
Keyboard Corsair K100 RGB
VR HMD HTC Vive Cosmos
Meltdown is not an issue that you can solve with a patch.

Meltdown paper seems to disagree with you:
Meltdown paper said:
The KAISER patch by Gruss et al. [8] implements a stronger isolation between kernel and user space. KAISER does not map any kernel memory in the user space, except for some parts required by the x86 architecture (e.g., interrupt handlers). Thus, there is no valid mapping to either kernel memory or physical memory (via the direct-physical map) in the user space, and such addresses can therefore not be resolved. Consequently, Meltdown cannot leak any kernel or physical memory except for the few memory locations which have to be mapped in user space.
We verified that KAISER indeed prevents Meltdown, and there is no leakage of any kernel or physical memory.
Furthermore, if KASLR is active, and the few remaining memory locations are randomized, finding these memory locations is not trivial due to their small size of several kilobytes.

You are technically correct that it does not fix the issue, it is a mitigation measure. However, it does effectively mitigate the problem to the degree where it is not feasible to use the vulnerability. The paper describes the situation further:
Meltdown paper said:
As hardware is not as easy to patch, there is a need for software workarounds until new hardware can be deployed. Gruss et al. [8] proposed KAISER, a kernel modification to not have the kernel mapped in the user space. This modification was intended to prevent side-channel attacks breaking KASLR [13, 9, 17]. However, it also prevents Meltdown, as it ensures that there is no valid mapping to kernel space or physical memory available in user space. KAISER will be available in the upcoming releases of the Linux kernel under the name kernel page-table isolation (KPTI) [25]. The patch will also be backported to older Linux kernel versions. A similar patch was also introduced in Microsoft Windows 10 Build 17035 [15]. Also, Mac OS X and iOS have similar features [22].

Although KAISER provides basic protection against Meltdown, it still has some limitations. Due to the design of the x86 architecture, several privileged memory locations are required to be mapped in user space [8]. This leaves a residual attack surface for Meltdown, i.e. , these memory locations can still be read from user space. Even though these memory locations do not contain any secrets, such as credentials, they might still contain pointers. Leaking one pointer can be enough to again break KASLR, as the randomization can be calculated from the pointer value.

Still, KAISER is the best short-time solution currently available and should therefore be deployed on all systems immediately. Even with Meltdown, KAISER can avoid having any kernel pointers on memory locations that are mapped in the user space which would leak information about the randomized offsets. This would require trampoline locations for every kernel pointer, i.e., the interrupt handler would not call into kernel code directly, but through a trampoline function. The trampoline function must only be mapped in the kernel. It must be randomized with a different offset than the remaining kernel. Consequently, an attacker can only leak pointers to the trampoline code, but not the randomized offsets of the remaining kernel. Such trampoline code is required for every kernel memory that still has to be mapped in user space and contains kernel addresses. This approach is a trade-off between performance and security which has to be assessed in future work.
 
Joined
Apr 16, 2010
Messages
2,070 (0.39/day)
System Name iJayo
Processor i7 14700k
Motherboard Asus ROG STRIX z790-E wifi
Cooling Pearless Assasi
Memory 32 gigs Corsair Vengence
Video Card(s) Nvidia RTX 2070 Super
Storage 1tb 840 evo, Itb samsung M.2 ssd 1 & 3 tb seagate hdd, 120 gig Hyper X ssd
Display(s) 42" Nec retail display monitor/ 34" Dell curved 165hz monitor
Case O11 mini
Audio Device(s) M-Audio monitors
Power Supply LIan li 750 mini
Mouse corsair Dark Saber
Keyboard Roccat Vulcan 121
Software Window 11 pro
Benchmark Scores meh... feel me on the battle field!
Told you......Intel will not go alone into the cold dark night........

1515567323745.png
 
Joined
Jan 11, 2005
Messages
1,491 (0.21/day)
Location
66 feet from the ground
System Name 2nd AMD puppy
Processor FX-8350 vishera
Motherboard Gigabyte GA-970A-UD3
Cooling Cooler Master Hyper TX2
Memory 16 Gb DDR3:8GB Kingston HyperX Beast + 8Gb G.Skill Sniper(by courtesy of tabascosauz &TPU)
Video Card(s) Sapphire RX 580 Nitro+;1450/2000 Mhz
Storage SSD :840 pro 128 Gb;Iridium pro 240Gb ; HDD 2xWD-1Tb
Display(s) Benq XL2730Z 144 Hz freesync
Case NZXT 820 PHANTOM
Audio Device(s) Audigy SE with Logitech Z-5500
Power Supply Riotoro Enigma G2 850W
Mouse Razer copperhead / Gamdias zeus (by courtesy of sneekypeet & TPU)
Keyboard MS Sidewinder x4
Software win10 64bit ltsc
Benchmark Scores irrelevant for me
Meltdown paper seems to disagree with you:


You are technically correct that it does not fix the issue, it is a mitigation measure. However, it does effectively mitigate the problem to the degree where it is not feasible to use the vulnerability. The paper describes the situation further:

what @Manu_PT try to explain is that current patch will become useless once the hackers(nsa) will manage to undo is effects and use the vulnerability again ... so we may have an endless release of patches(if hackers successful attack is discovered..) .... patching the previous patch without success as a soft patch can't fix a cpu architecture design which has a flaw (feature)...
 
Top