Announcement

**Alexmitter** · 29 April 2021, 10:43 AM

I wonder why they did not think about slightly delaying the readout.
To exploit the hardware issue after all, precise timing is needed and a short delay of the readout would make that impossible.

But I have to agree, AMD should rather fix their hardware.

**cb88** · 29 April 2021, 10:51 AM

Originally posted by Alexmitter View Post

I wonder why they did not think about slightly delaying the readout.
To exploit the hardware issue after all, precise timing is needed and a short delay of the readout would make that impossible.

But I have to agree, AMD should rather fix their hardware.

They did ... and a few other things, but that also makes it less useful. This isn't hardware bug. Its a general problem that all CPUS will have as long as they happen to consume power when doing work, and also are capable of reporting that somewhat accurately. The problem is that power consumption stats... can be used to increase the strength of other attacks.

**zxy_thf** · 29 April 2021, 10:54 AM

Originally posted by bug77 View Post

iotop is not in the kernel

AMD has fixed their hardware "problems", I hope this frees them from upping their software game.

iotop uses kernel interfaces, so you're right the ultimate solution is to chop off all APIs related to iotop from the kernel.

**zxy_thf** · 29 April 2021, 10:57 AM

Originally posted by cb88 View Post

They did ... and a few other things, but that also makes it less useful. This isn't hardware bug. Its a general problem that all CPUS will have as long as they happen to consume power when doing work, and also are capable of reporting that somewhat accurately. The problem is that power consumption stats... can be used to increase the strength of other attacks.

The funny situation is, being precise is now considered as bugs by paranoids.
Someday they're gonna welcome processors that randomly yield 3 when computing 1+1 in the name of security.

**loganj** · 29 April 2021, 11:00 AM

i'm not sure if i understand correctly
they remove it because you needed root access to use it?
if so whats wrong with that? there are tons of feature that needs root access on any OS. and not using it because you don't have root access will not make your linux work worse than not having it at all in the linux

**patrakov** · 29 April 2021, 11:13 AM

DKMS to the rescue.

**milkylainen** · 29 April 2021, 11:16 AM

The end result is just stupid. Overly reactive devs.
Sure, don't build it as default if you think it's that bad as a distro developer.
But if _I_ need it and have no security issues on a closed system. I'd like to have an option to use it.
This is just backwards.
In that case we can disable all hardware support. Because most of them are going to be security-defunct in one way or another?

**DanL** · 29 April 2021, 11:23 AM

Originally posted by patrakov View Post

DKMS to the rescue.

it87 all over again?

**willmore** · 29 April 2021, 11:52 AM

It seems the better solution is to remove Guenter Roeck.

**skeevy420** · 29 April 2021, 12:28 PM

Originally posted by cb88 View Post

They did ... and a few other things, but that also makes it less useful. This isn't hardware bug. Its a general problem that all CPUS will have as long as they happen to consume power when doing work, and also are capable of reporting that somewhat accurately. The problem is that power consumption stats... can be used to increase the strength of other attacks.

Technically speaking, with the right math all stats can be used to increase the strength of other attacks.

I'd rather this be root only or hidden behind a kernel command line; not the nuclear option.

How long until Phoronix is made illegal in the name of security? All these benchmarks provide a lot of statistics for the legion of evil indoor hoodie wearing hackers.

Announcement

AMD Energy Driver Booted From The Linux 5.13 Kernel

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment