AMD Details "SQUIP" Side Channel Vulnerability For Zen's Execution Unit Scheduler


  • #31
    Originally posted by archkde
    Sure, that's actually how I do it myself due to a firmware bug. mitigations=auto,nosmt is simpler in most cases though.
    Can you describe that firmware bug?



    • #32
      I don't like the way that AMD are responding to some of these issues.

      Sure there were many BS attempts like where Intel paid off companies like CTS-Labs to beat the drum over useless AMD vulnerabilities that required physical access... but Retbleed was a legitimate issue for zen1 and zen2 and AMD said: "As of the date of this disclosure, AMD is not aware of any active exploits in the wild of AMD products relating to CVE-2017-5715". This time it is a legitimate problem for zen1, zen2 and zen3. It might not affect many use cases but just stating people should write better code to avoid a potential vulnerability is a joke. That's not the right attitude AMD!

      I would like to know why the researchers did not publish non-absolutely-ideal conditions, for example a threat model where co-location is not achieved and where full task-isolation mode is not enabled. IMO the report's reference to "Co-location detection on the Cloud" by Mehmet Sinan İnci, Berk Gulmezoglu, Thomas Eisenbarth, Berk Sunar is not valid anymore. Operating systems have changed a lot since 2016; those methods are not applicable in 2022.


      Originally posted by Linuxxx
      I guess the only mitigation to this would be to turn off SMT entirely, which would especially impact popular chips like the Ryzen 3300X & Steam Deck's Van Gogh APU, since it would then leave them with just 4 cores & threads, which is already too low for some newer games.
      Presumably that's why AMD doesn't want to take that route, similar to Intel.
      Not sure if this will concern low core count gamers.

      Big cloud providers have already solved this problem as this is not the first time they are facing it. Also big cloud providers paid for the research, so they knew about it in 2021 already. The only people that would be really affected by this are developers who do not understand how to work around the problem and smaller cloud providers who can't afford to limit users to specific parts of the system.

      This is a different problem than what Intel owners had in the past.

      Turning SMT off is not the only mitigation, as the report explains. Please read sections 5.1, 6.1 and 6.2.

      Originally posted by archkde
      This is yet another reminder to use mitigations=auto,nosmt if you run any untrusted code.
      I prefer isolcpus/taskset/cset over "nosmt" since I am already running untrusted code within a single CCX/CCD domain.

      Originally posted by Raka555
      I am not really loyal to any brand, but I can't resist to point out to the AMD fanboys that we told them it will be just a matter of time before AMD vulnerabilities will be discovered.
      It is not just Intel. It happens to all of them.
      On the one side you have a (minority used) brand-X who provides self driving cars. The road safety organization paid for advanced testing and in that test people were able to make the car drive into a wall at a slow speed, resulting in a damaged bumper.

      On the other side you have a majority used brand-Y who also provides self driving cars. The road safety organization did not investigate this brand. These self driving cars drove into other cars in a head on collision causing many casualties all over the world in multiple crashes.

      Conclusion: It's not just brand-Y, all self driving cars have accidents.

      Yes, it was a matter of time and more AMD vulnerabilities will come. I doubt any other brand would have as many and as serious vulnerabilities as Intel's had in the past decade.

      Originally posted by Volta

      Nice try fanboy. It matters how many and how impactful vulnerabilities there were. AMD wins so far.
      Yes, for now. The race is not over, but since Intel made the worst mistakes at the start... I doubt anyone else would waste the opportunity to learn from Intel's long list of mistakes.

      https://en.wikipedia.org/wiki/Transi..._vulnerability



      • #33
        Originally posted by Mike Frett
        Everyone is on a team. Amd/Intel, Windows/Linux, Republican/Democrat, Facebook/Twitter. It's part of human nature to join a team. Every now and then you get an oddball that wants to be Rambo.
        1. I use AMD/Intel/ARM daily, Power/RISC/MIPS once in a while.
        2. I use Windows/Linux/macOS/Android daily. iOS/xBSD once in a while.
        3. Why limit yourself to two ideologies?
        4. I don't use social media ... I'm in that team then ;-)

        Can I still be biased? Yes of course.

        Tribalism and group-think are real. It's wonderful that most of us don't live in a cave and kill others as we please.

        The problem we face today is that some people don't have the ability or desire to read. On the other hand some that are good at reading (mostly in management positions) have strong forms of hubris that fuels their cognitive dissonance. There are better ways to test and help people but it's extremely challenging and expensive to solve these problems.

        Telling people it's ok to be wrong and motivating to lie less helps if you are able to convince.




        • #34
          Code:
          posts = []  # the thread's posts (placeholder)
          for post in posts:
              if any(w in post for w in ['fanboy', 'fanboys', 'fanboi', 'fanbois']):
                  # Don't waste time reading
                  continue  # skip to next post
          Last edited by domih; 10 August 2022, 11:22 AM.



          • #35
            Originally posted by Volta

            Nice try fanboy. It matters how many and how impactful vulnerabilities there were. AMD wins so far.
            Nice try, but when the first Intel vulnerabilities hit, some people were screaming that AMD would never experience *any* vulnerabilities. That clearly hasn't been true.



            • #36
              Originally posted by Jabberwocky

              Can I still be biased? Yes of course.

              Tribalism and group-think are real. It's wonderful that most of us don't live in a cave and kill others as we please.

              Telling people it's ok to be wrong and motivating to lie less helps if you are able to convince.
              You do know that we are the cavemen and kill each other over belief systems on a daily basis, right? If a person chooses to think that way, that person will do anything to defend that built-up system. 90% of the humans will do anything to defend their little world, and the 10% left over are the outcasts that get the white eyes (huh, what's with that strange guy). And those 10% are constantly under bombardment of the surroundings: oh, come to our side.



              • #37
                Originally posted by Espionage724
                Can you describe that firmware bug?
                Yes, it's pretty easy to explain. When I suspend the system while some logical CPU is offline, the firmware will put that CPU in a very shallow idle state once the system resumes again. This leads to massively increased power usage. So I have a script that enables and immediately disables SMT again on resume, which works around the bug because Linux puts the offline CPU in the deepest idle state properly.
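
As an added illustration of the resume workaround described in the post above and of the nosmt mitigation discussed earlier in the thread (this is not archkde's script, which the thread does not show), these shell functions read the kernel's SMT sysfs interface, cycle SMT on and off, and verify that no core still has two online threads. The function names and the constructed sample tree are assumptions made for the example.

```shell
#!/bin/sh
# Added example: check the "nosmt" state through sysfs after boot or resume.
# Each function takes the CPU sysfs root so it can run on a constructed tree.
CPU_ROOT=/sys/devices/system/cpu

# smt/control reads on, off, forceoff, notsupported or notimplemented.
smt_control() { cat "${1:-$CPU_ROOT}/smt/control" 2>/dev/null || echo unknown; }

# Print sibling groups that still have more than one online thread.
# Assumption: an online CPU's thread_siblings_list names only online siblings.
shared_cores() {
    for d in "${1:-$CPU_ROOT}"/cpu[0-9]*; do
        [ -r "$d/online" ] && [ "$(cat "$d/online")" = 0 ] && continue
        [ -r "$d/topology/thread_siblings_list" ] || continue
        cat "$d/topology/thread_siblings_list"
    done | sort -u | grep '[,-]' || true
}

# Succeeds only if SMT is off and no core has two online threads.
nosmt_ok() {
    case "$(smt_control "$1")" in
        off|forceoff|notsupported) ;;
        *) return 1 ;;
    esac
    [ -z "$(shared_cores "$1")" ]
}

# The resume workaround described in the post: SMT on, off again, then verify.
# Only a plain "off" is cycled; "forceoff" cannot be changed at runtime.
smt_cycle() {
    [ "$(smt_control "$1")" = off ] || return 1
    echo on > "${1:-$CPU_ROOT}/smt/control" || return 1
    echo off > "${1:-$CPU_ROOT}/smt/control" || return 1
    nosmt_ok "$1"
}

# Constructed sample tree: 2 cores, 4 threads, adjacent sibling numbering.
make_sample_tree() {  # $1 = directory, $2 = smt | nosmt
    for n in 0 1 2 3; do mkdir -p "$1/smt" "$1/cpu$n/topology"; done
    if [ "$2" = smt ]; then
        echo on > "$1/smt/control"
        for n in 0 1; do echo 0-1 > "$1/cpu$n/topology/thread_siblings_list"; done
        for n in 2 3; do echo 2-3 > "$1/cpu$n/topology/thread_siblings_list"; done
    else
        echo off > "$1/smt/control"
        for n in 0 2; do echo "$n" > "$1/cpu$n/topology/thread_siblings_list"; done
        for n in 1 3; do echo 0 > "$1/cpu$n/online"; done
    fi
}
```

On a live system the functions need root to write `smt/control`; calling `nosmt_ok` with no argument checks the real sysfs tree.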



                • #38
                  Originally posted by archkde

                  Yes, it's pretty easy to explain. When I suspend the system while some logical CPU is offline, the firmware will put that CPU in a very shallow idle state once the system resumes again. This leads to massively increased power usage. So I have a script that enables and immediately disables SMT again on resume, which works around the bug because Linux puts the offline CPU in the deepest idle state properly.
                  That does not sound like a firmware bug. If SMT is enabled in the UEFI, it will fire up all the logical cores when resuming from hibernation, but since Linux expects only the real cores, they don't get properly initialized on resume, because Linux assumes the last running state is OK, which then conflicts with the ACPI/UEFI settings, and some of your cores stay running in real mode instead of getting switched to protected or long mode when resuming, resulting in the higher power draw because they wait for instructions that are not coming. Running your script then tells them: hey, here are instructions, we know you are there, switch to long mode; and when turning off SMT it tells them: we don't need you, just shut up. That's one of those ACPI misbehaviors, or things that happen when you don't do a proper reboot.
                  Last edited by erniv2; 10 August 2022, 12:48 PM.



                  • #39

                    Originally posted by piotrj3

                    Because from certain point of view it does make sense, you have certain units that are existing in numbers bigger than 1 like FPU, integer operations units etc. They exist primarily to execute at the same time several operations at once if possible, but if this is not possible (or simply currently you use different types of operations) .... well then those units are idle. But if you have 2 logical cores wired up to same units you could theoretically increase utilization so from same sand you can produce higher performance. If you had 4 logical cores, utilization would be even higher.

                    The issue with SMT/HT is exactly the abuse of those timing issues, cache, and the fact that you are generally not improving power efficiency.
                    What are the benefits of having those units in numbers bigger than 1 instead of just splitting them into separate cores? I assume you have different numbers for different types of units so that probably wouldn't really work out though.

                    Thank you!


                    Originally posted by kvuj

                    Fun fact, IBM has been offering SMT8 on their POWER CPUs for a while now.

                    I'm not sure what workload favors it though. It seems like hyper specialized applications like their Db2 database can make use of it. I guess that's the main benefit of having a company making the hardware and software.
                    Oh wow, is 8 the optimal number for most cases? Can you tweak it, whether in BIOS or on the fly, to a smaller number if it works out better?

                    Thanks!



                    • #40
                      Originally posted by erniv2

                      You do know that we are the cavemen and kill each other over belief systems on a daily basis, right?
                      Yes, people are still getting killed: in active wars, by their government, by tribes, by religions etc...

                      It is nowhere near what has been documented in the past. Living conditions in the past few decades are much better than they ever were.

                      https://en.wikipedia.org/wiki/List_o...ters_by_death_toll

                      Originally posted by erniv2

                      If a person chooses to think that way, that person will do anything to defend that built-up system. 90% of the humans will do anything to defend their little world, and the 10% left over are the outcasts that get the white eyes (huh, what's with that strange guy). And those 10% are constantly under bombardment of the surroundings: oh, come to our side.
                      I live in a country that's big on tribalism and crime. We have more death during peacetime than others that are at war. The robbers here raid police stations and even armed military gets robbed. I personally have been held at gunpoint and attacked on the roads by armed people in the past 5 years alone. I know someone whose whole family was tortured and brutally murdered in their own home. My country now has places 2, 6, 7, 12 and 21 in crime index by city for 2022 Mid-Year: https://www.numbeo.com/crime/ranking...isplayColumn=0 The only place (in the world) that is rated worse is Caracas, Venezuela. I have traveled all over my country and lived in, at the time rural, townships: 1. Khayelitsha (Xhosa for New Home), Cape Flats, Western Cape; 2. Seshego - Zone3, Polokwane, Limpopo; 3. Kayamandi (Xhosa for nice home), Stellenbosch, Western Cape. With all the experiences that I have had I would have been a "tribal fool" or even a murderer if it wasn't for the education that I received. I am able to place myself in the perspective of those that have done harm to me and so I was able to turn the other cheek. All that said...

                      It's not easy to educate people but that's the best way to help people progress from more savage violent ways. The big proponent of savage tribalism is usually a charismatic leader but that's true for any group e.g. Hitler, Stalin, Mao etc. not only for people that live in rural areas or tribes.

                      Majority of people I have met are no longer the savage cavemen that we were many years ago.
