Dear Operator, to maintain a fair gaming environment and improve your experience, G.T.I. Security is committed to fighting every kind of cheat. We previously announced our efforts against DMA cheats. Now, we're introducing our measures against VT cheats.

How VT Cheats Differ from Traditional Cheats
Unlike DMA cheats, VT cheats operate at the hypervisor level and leverage virtualization technology, giving them higher privileges than the security systems. As a result, VT cheats can virtualize the operating system before the game even starts, thus leaving no traces in the computer's actual operating environment. With its built-in KernelBase anti-cheat toolkit, Delta Force is able to detect and neutralize VT cheats quickly and accurately.

A significant fix has been submitted to the Linux kernel 6.13-rc1 that addresses prolonged boot times affecting older AMD processors, specifically targeting "Zen 1" and "Zen 2" architectures. The issue, which has been present for approximately 18 months, could cause boot delays ranging from several seconds to multiple minutes in extreme cases. The problem was discovered by a Nokia engineer who reported inconsistent boot delays across multiple AMD EPYC servers. The most severe instances showed the initial unpacking process taking several minutes longer than expected, though not all boots were affected. Investigation revealed that the root cause stemmed from a kernel modification implemented in June 2023, specifically related to CPU microcode update handling.

The technical issue was identified as a missing step in the boot process: Zen 1 and Zen 2 processors require the patch buffer mapping to be flushed from the Translation Lookaside Buffer (TLB) after applying CPU microcode updates during startup. The fix, submitted as part of the "x86/urgent" material ahead of the Linux 6.13-rc1 release, implements the necessary TLB flush for affected AMD Ryzen and EPYC systems. This addition eliminates what developers described as "unnecessary and unnatural delays" in the boot process. While the solution will be included in the upcoming Linux 6.13 kernel release, plans are in place to back-port the fix to stable kernel versions to help cover most Linux users on older Zen architectures.

At AAEON Technology, we recognize growing demand for secure and reliable industrial systems. In collaboration with Canonical, AAEON Technology validates Ubuntu Pro across our Intel-based industrial systems. Each unit comes with a preinstalled Ubuntu image, an Ubuntu Pro license sticker, and 10 years of Canonical-backed updates for ongoing security and maintenance. "This collaboration means our customers benefit from cutting-edge hardware paired with the secure, long-term support offered with Ubuntu Pro enabled. With ongoing updates, they're always protected, allowing them to focus on their core goals," said Victor Lai, Managing Director at AAEON.

Ubuntu Pro provides enterprise-level security, compliance, and long-term stability for industrial and edge applications. It meets strict regulatory standards while delivering high performance in demanding environments.

QNAP Systems, Inc. today officially announced the release of the QTS 5.2 NAS operating system. A standout feature of this release is the debut of Security Center, which actively monitors file activities and thwarts ransomware threats. Additionally, system security receives a boost with the inclusion of support for TCG-Ruby self-encrypting drives (SED). Extensive optimizations have been implemented to streamline operations, configuration, and management processes, significantly elevating the overall user experience.

"We greatly appreciate the invaluable feedback provided by our dedicated QTS 5.2 beta testers, which has been instrumental in putting the finishing touches on this official release," said Tim Lin, Product Manager of QNAP, adding "QNAP remains committed to ensuring our data storage and management solutions stay current, offering dependable NAS storage solutions that meet the heightened expectations of today's users."

Intel's 5th generation Xeon Scalable processors codenamed Emerald Rapids, have been shipping since late 2023 and are installed at numerous servers today. However, Emerald Rapids appears to possess more performance and efficiency tricks than it initially revealed at launch. According to the report from Phoronix, reporting on a Linux kernel patch sent to the Linux Kernel Mailing List (LKML), there is a chance for up to 38% performance increase while using up to 18% less power on all Intel 5th generation Xeon machines. Thanks to Canonical (maker of Ubuntu Linux) engineer Pedro Henrique Kopper, who explained the patch on the LKML, we found out that changing a single line of code yielded this massive increase.

Ubuntu Linux, as well as many other distributions, ship with Energy Performance Preference (EPP) for Emerald Rapids with a "balance_performance" value of 128. However, changing the value to 32 now yields a massive performance improvement alongside using less power. The EPP "balance_performance" is the default out-of-the-box setting for many Linux distributions. Users manually setting the "performance" mode in the EPP are not expecting any increase from this patch, as the "balance_performance" mode had issues balancing power and efficiency. Introducing this new setting yields more performance for machines that run at default settings, and this is especially important for data centers where the need for lower power and increased performance is constantly surging. Especially at hyperscalers like Amazon, Google, and Meta, which may run tens of thousands of these CPUs at default settings to keep them stable and well-cooled, who can now enjoy a massive performance increase with less power consumed.Below, you can see the patch quote as well as more performance/power measurements.

Just a few months after hiring Ben Skeggs, a lead maintainer of the open-source NVIDIA GPU driver for Linux kernel, NVIDIA has announced a complete transition to open-source GPU kernel modules in its upcoming R560 driver release for Linux. This decision comes two years after the company's initial foray into open-source territory with the R515 driver in May 2022. The tech giant began focusing on data center compute GPUs, while GeForce and Workstation GPU support remained in the alpha stages. Now, after extensive development and optimization, NVIDIA reports that its open-source modules have achieved performance parity with, and in some cases surpassed, their closed-source counterparts. This transition brings a host of new capabilities, including heterogeneous memory management support, confidential computing features, and compatibility with NVIDIA's Grace platform's coherent memory architectures.

The move to open-source is expected to foster greater collaboration within the Linux ecosystem and potentially lead to faster bug fixes and feature improvements. However, not all GPUs will be compatible with the new open-source modules. While cutting-edge platforms like NVIDIA Grace Hopper and Blackwell will require open-source drivers, older GPUs from the Maxwell, Pascal, or Volta architectures must stick with proprietary drivers. NVIDIA has developed a detection helper script to guide driver selection for users who are unsure about compatibility. The shift also brings changes to NVIDIA's installation processes. The default driver version for most installation methods will now be the open-source variant. This affects package managers with the CUDA meta package, run file installations and even Windows Subsystem for Linux.

Phoronix has spotted intriguing new Linux kernel patches for Intel Core Ultra "Meteor Lake" processors—the Monday morning notes reveal in-house software engineers are implementing default power profile adjustments. Meteor Lake CPUs have been operating on a default "balanced_performance" mode since their December 2023 launch—Linux adjustments will affect the processor's Energy Performance Preference (EPP) under Linux (similar to Windows Power Plans). Michael Larabel (Phoronix head honcho) laid out some history: "We've seen EPP overrides/tuning in the past within the Intel P-State driver for prior generations of Intel processors and this is much the same here. The ACPI EPP value is typically a range from 0 to 255 for indicating the processor/system power to performance preference."

He continued onto present day circumstances: "To date though the Intel P-State EPP override/tuning has been focused on the default "balanced_performance" mode while the first patch (from Monday) allows for model-specific EPP overrides for all pre-defined EPP strings. The second patch then goes ahead and updates the EPP values for Meteor Lake so that the balanced_performance default is now treated as 115 rather than 128 and the "performance" EPP is set to 16 rather than 0." Larabel is hopeful that a public release will coincide with the "upcoming Linux v6.9 cycle." Intel software engineers reckon that their tweaks/overrides have produced higher performance results—for "small form factor devices"—while reducing CPU temperatures and thermal throttling. Meteor Lake is considered to be quite energy inefficient when compared to the closest mobile processor architectures from AMD and Apple. Team Blue's next-gen Arrow Lake family is expected to launch later this year, but the current crop of CPUs require a bit of TLC and optimization in the meantime.

Hi everyone, my name is Peter Lindgren and I'm the Technical Director of Helldivers 2. I've been making games at Arrowhead since the Magicka days and I've been involved in every game we've released to date. I will do my best in this post to address the concerns and confusion that's come up recently regarding the choice of Anti-Cheat software in Helldivers 2. So, let's start off with the more urgent questions:

Is GameGuard a kernel-level / administrator-priviledge anti-cheat?
Yes, GameGuard is a "kernel-level", aka rootkit, anti-cheat. Most anti-cheat run at "kernel-level", especially all of the popular ones. It's unfortunately one of the more effective ways to combat cheating. There are some anti-cheat systems that can run in "user-mode," but they are much less effective and tend to be cracked very quickly, resulting in widespread cheating.

AMD released its latest PMC (power management controller) driver patches for the Linux kernel, which reference a yet unreleased "Family 1Ah" processors. Phoronix believes this is the first reference to AMD's next generation "Zen 5" microarchitecture in the PMC driver. We've already seen AMD EPYC "Turin" server processors based on "Zen 5" in the flesh, and it's likely that AMD is handing these out to some of its biggest data-center customers for testing and evaluation, before giving them some final touches and green-lighting mass-production in 2024. The patches themselves are barely two new lines of code, and talk about a new sleep state called "s2idle." This is a software-defined system sleep state. The EPYC "Turin" processor comes in two packages, one with up to 128 "Zen 5" cores, and another with up to 192 "Zen 5c" cores for cloud applications.

Today marks the end of support for Itanium's IA-64 architecture in the Linux kernel's 6.7 update—a significant milestone in the winding-down saga of Intel Itanium. Itanium, initially Intel's ambitious venture into 64-bit computing, faced challenges and struggled throughout its existence. It was jointly developed by Intel and HP but encountered delays and lacked compatibility with x86 software, a significant obstacle to its adoption. When AMD introduced x86-64 (AMD64) for its Opteron CPUs, which could run x86 software natively, Intel was compelled to update Xeon, based on x86-64 technology, leaving Itanium to fade into the background.

Despite ongoing efforts to sustain Itanium, it no longer received annual CPU product updates, and the last update came in 2017. The removal of IA-64 support in the Linux kernel will have a substantial impact since Linux is an essential operating system for Itanium CPUs. Without ongoing updates, the usability of Itanium servers will inevitably decline, pushing the (few) remaining Itanium users to migrate to alternative solutions, which are most likely looking to modernize their product stack.

According to the Linux Kernel Mailing List, AMD started to enable next-generation processors by submitting patches to the Linux kernel. Codenamed Family 1Ah or Family 26 in decimal notation, the set of patches corresponds to the upcoming AMD Zen 5 core, which is the backbone of the upcoming Ryzen 8000 series processors. The patches have a few interesting notes, namely few of them being: added support for the amd64_edac (Error Detection and Correction) module and temperature monitoring; added PCI IDs for these models covering 00h-1Fh and 20h; added required support in k10temp driver.

The AMD EDAC driver also points out that the Zen 5 server CPUs will max out with 12-channel memory. Codenames 0-31 correspond to next-generation EPYC, while 40 to 79 are desktop and laptop SKUS. Interestingly, these patches are just the start, as adding PCI IDs and temperature drivers are basic enablement. With the 2024 launch date nearing, we expect to see more Linux kernel enablement efforts, especially with more complicated parts of the kernel.

The Linux 6.3 Kernel has been patched and a couple of developer notes indicate that support for Intel's upcoming Meteor Lake-S Desktop CPU lineup has been added. The subject matter of this memo is "Add support for Meteor Lake-S SPI serial flash," and the driver list of supported devices has been updated with Meteor Lake-S PCI IDs. Intel is ramping up for the launch of its 14th generation processors, scheduled for a possible second half of 2023 release window, and is ready to roll out some new product naming spiel at the same time.

A "P" type 14th generation range is also discussed in the patch notes: "Intel Meteor Lake-S has the same SPI serial flash controller as Meteor Lake-P. Add Meteor Lake-S PCI ID to the driver list of supported devices." Meteor Lake-P likely refers to mobile variants, with a lot of previously leaked information providing an in-depth look at Intel's "Tile" chip design. Rumors of the desktop variants getting canned have persisted (in 2022 and early 2023) due to a lack of insider info, but last month it emerged that the Meteor Lake-S family was alive and well to some degree - Intel has restricted the product range with offerings of budget "i3" and mid-range "i5" SKUs only. Who knows what sort of branding/naming scheme they have in mind to distinguish between desktop and portable processors.

In the latest Linux Kernel patches, Intel engineers are submitting initial support for Meteor Lake processor generation, with some interesting potential features. In a patch submitted yesterday, the Intel engineer noted, "On MTL, GT can no longer allocate on LLC - only the CPU can. This, along with the addition of support for ADM/L4 cache, calls a MOCS/PAT table update." What this translates to is that starting from Meteor Lake, the integrated graphics can no longer allocate on the last-level cache (LLC), the highest numbered cache accessed by the cores before fetching from memory. Instead, only the CPU cores can allocate to it. Even more interesting is the mention of the Meteor Lake platform's level 4 (L4) cache. For the first time since Haswell and Broadwell, Intel may be planning to bring back the L4 cache and integrate it into the CPU.

Usually, modern processors use L1, L2, and L3 caches where the L1 version is the fastest and smallest, while the others are larger but slower. The inclusion of L4 caches often is unnecessary, as this type of cache can consume a big area on the processor die while bringing little benefit, translating to the cost of manufacturing drastically soaring. However, with Meteor Lake and its multi-die tile design, we wonder where the L4 cache will end up. We could see integration into the base tile, which holds the compute cores and essential compute elements. This makes the most sense since the logic needs access to fast memory, and L4 could improve the performance in specific applications.

Intel commemorated Linux creator Linus Torvalds with the first Intel InnovatiON Lifetime Achievement Award. Torvalds needs little introduction, as he created the first successful Unix-like operating system that sparked off a community-led development effort toward the Linux of today, an OS that runs everything from servers and supercomputers, down to smartwatches. With Torvalds on stage, Intel CEO Pat Gelsinger presented him with a signed copy of an Intel 80386 manual he authored—a book that played a role in Torvalds's understanding of the machine architecture and the development of code that would go on to become the Linux kernel. When asked by Gelsinger on how he envisions the next 20 years, Torvalds replied that he doesn't consider himself a visionary, and can't see past the next six months. He affirmed that the secret to the success of the Linux Kernel project is the shared responsibility of the community toward its development and maintenance.

Intel and Google are working together to drive high performance computing (HPC) forward on Google Cloud with the release of the Cloud HPC Toolkit. This new resource provides access to tools from the Intel oneAPI Base and HPC Toolkits to optimize performance through Intel Select Solutions for Simulations & Modeling. These new tools improve compile times, speed of results and offer multi-vendor acceleration in SYCL.

"Using Cloud HPC Toolkit with an Intel Select Solutions for Simulations & Modeling blueprint brings the added benefit of automatically spinning up a hardware-software configuration that has been rigorously tested and optimized for real-world performance, eliminating guesswork," said Ilias Katsardis, HPC solution lead, Google.

QNAP Systems, Inc. (QNAP) today officially released the QuTS hero h5.0 operating system, the latest version of the ZFS-based NAS operating system. Including an upgraded Linux Kernel (5.10), improved security, WireGuard VPN support, snapshot instant clone, and free exFAT support, QNAP's QuTS hero NAS provides exceptional solutions for data storage/backup, virtualization, or time-sensitive collaborative media editing.

"Data security is a top priority for QNAP, and we have implemented a major system kernel update for QuTS hero to enhance NAS security and reliability," said Sam Lin, Product Manager of QNAP, adding "In QuTS hero h5.0, we have also optimized the overall performance to meet larger and complex business workloads."

Intel's upcoming Xeon "Sapphire Rapids" processors which debut in the second half of 2021, will feature up to 80 "Golden Cove" CPU cores, and not the previously rumored "Willow Cove." This was clarified by an Intel developer in a Linux Kernel code e-mail chain. "Golden Cove" CPU cores are more advanced than the "Willow Cove" cores found in current-generation Intel products, such as the client "Tiger Lake" processors. Intel stated that "Golden Cove" introduces an IPC gain over "Willow Cove" (expressed as "ST perf"), increased AI inference performance from an updated GNI component, "network and 5G perf," which is possibly some form of network stack acceleration, and additional security features.

Over in the client segment, the 12th Gen Core "Alder Lake" processor debuts a client variant of "Golden Cove." The "Alder Lake-S" silicon features eight "Golden Cove" cores serving as the "big" performance cores, next to eight "little" low-power "Gracemont" cores. The client- and server implementations of "Golden Cove" could differ mainly in the ISA, with the client chip receiving a slightly skimmed AVX-512 and DLBoost instruction-sets, with only client-relevant instructions. The server variant, in addition being optimized for a high core-count multi-core topology; could feature a more substantial AVX-512 and DLBoost implementation relevant for HPC use-cases.

Apple's M1 custom processor has been widely adopted among the developer community. However, it is exactly this part of the M1 customer base that wants something different. For months, various developers have been helping with the adoption of the M1 processor for the Linux Kernel, which has today received preliminary support for the processor. The latest 5.13-RC1 release of the Linux Kernel is out, and it adds some basic functionality for the M1 processor. For now, it is some basic stuff like a simple bring up, however, much more has to be added. For example, the GPU support is still not done. Not even half-done. The M1 SoC is now able to boot, however, it takes a lot more work to get the full SoC working correctly.

Mr. Linus Torvalds, the Linux kernel developer, and its creator highlights that "This was - as expected - a fairly big merge window, but things seem to have proceeded fairly smoothly. Famous last words." According to one of the main activists for Linux on M1, Mr. Hector Martin, "This is just basic bring-up, but it lays a solid foundation and is probably the most challenging up-streaming step we'll have to do, at least until the GPU stuff is done." So it is still a long way before the M1 processor takes a full Linux kernel for a spin and the software becomes usable.

Linux and Git creator Linus Torvalds revealed that he upgraded to an AMD Ryzen Threadripper 3970X processor powered machine after 15 years of upgrading among Intel processors. This is likely his main machine from which he does pioneering work on the future of Linux and his other creations. His May 24 dated "State of the Kernel" blog post reveals that his hardware upgrade was the most exciting piece of news to share among the community.

"In fact, the biggest excitement this week for me was just that I, upgraded my main machine, and for the first time in about 15 years, my desktop isn't Intel-based. No, I didn't switch to ARM yet, but I'm now rocking an AMD Threadripper 3970x. My 'allmodconfig' test builds are now three times faster than they used to be, which doesn't matter so much right now during the calming down period, but I will most definitely notice the upgrade during the next merge window," he stated. What makes this story big is the fact that the "Zen 2" microarchitecture, and a processor with a similar multi-core architecture to AMD's EPYC enterprise processors, is now being used by the creator of the most popular enterprise operating system.

Dutch researcher from the Eindhoven University of Technology has found a new vulnerability in Thunderbolt port that allows attackers with physical access to unlock any PC running Windows or Linux kernel-based OS in less than 5 minutes. The researcher of the university called Björn Ruytenberg found a method which he calls Thunderspy, which can bypass the login screen of any PC. This attack requires physical access to the device, which is, of course, dangerous on its own if left with a person of knowledge. The Thunderbolt port is a fast protocol, and part of the reason why it is so fast is that it partially allows direct access to computer memory. And anything that can access memory directly is a potential vulnerability.

The Thunderspy attack relies on just that. There is a feature built into the Thunderbolt firmware called "Security Level", which disallows access to untrusted devices or even turns off Thunderbolt port altogether. This feature would make the port be a simple USB or display output. However, the researcher has found a way to alter the firmware setting of Thunderbolt control chip in a way so it allows any device to access the PC. This procedure is done without any trace and OS can not detect that there was a change. From there, the magic happens. Using an SPI (Serial Peripheral Interface) programmer with a SOP8 clip that connects the pins of the programmer device to the controller, the attacker just runs a script from there. This procedure requires around $400 worth of hardware. Intel already put some protection last year for the Thunderbolt port called Kernel Direct Memory Access Protection, but that feature isn't implemented on PCs manufactured before 2019. And even starting from 2019, not all PC manufacturers implement the feature, so there is a wide group of devices vulnerable to this unfixable attack.

There were many rumors about Intel's 10 nm CPUs, many of them indicating that Intel will not manufacture 10 nm CPUs for desktop users, due to the 10 nm manufacturing process being in a bad shape. Those rumors were later countered by Intel, claiming that 10 nm is doing very well on improving yields and that we will see desktop CPUs based on the new node very soon.

Thanks to the Linux kernel mailing list (LKML), we now know that support for Ice Lake desktop and server CPUs has been added. A Patch titled "Add more CPU model number for Ice Lake" has many details about variants of Ice Lake with names like Ice Lake X for server Xeon CPU, Ice Lake D for Xeon D CPUs, Ice Lake L for mobile, and regular Ice Lake for desktop series of CPUs. This confirms Intel's claims that Ice Lake is on its way to desktop and server users in the near future. Possible launch date on these CPUs would be sometime in 2020, when Xe graphics cards are launched in July/August, so Intel could bundle both processors on the same 10 nm node.

As we are nearing the launch of USB4, which will feature Thunderbolt 3 like speeds of up to 40 Gbps, PCIe and DisplayPort support within USB-C form factor, there are already drivers showing up to support the new standard and ensure the launch and transition to the newest USB version will go smoothly.

According to the finds of Phoronix, Intel's open-source engineers have been working on a patch to support the new standard in the Linux kernel. Being based on Thunderbolt 3, the bring-up of USB4 isn't very difficult as it allows for a lot of code reuse, making things easier for kernel developers. Only 22 patches were submitted that resulted in under 4,000 lines of new code in total. For now, the support is in the stage of a pull request, so it should go mainstream very soon, most likely with the release of Linux kernel 5.5, if other features like power management are worked out soon.

Intel's stock pricing has taken a 6.19% dip at time of writing, in a regress that analysts say has everything to do with the reported VT flaw in Intel's central processing units. The flaw, which Intel has been silently firefighting and which we've covered extensively here on TPU, is a hardware-level vulnerability which has the potential to allow unauthorized memory access between two virtual machines (VMs) running on a physical machine, due to Intel's flawed implementation of its hardware-level virtualization instruction sets. Kernel patches are already being deployed that mitigate the issue; however, these should incur in performance losses for Intel processors, and are being deployed in an apparent "spray and pray" method that also affects performance in AMD-based machines, which are expected to be immune to the Intel flaw.