I suspect this is:
a) a mitigation against a speculative route for data exfiltration that a big customer noticed and wanted to prevent before their LLM Secret Sauce leaked out;
b) the same, but before any such route was discovered, just to cover their asses
Announcement
Collapse
No announcement yet.
AMD "Cleaner Shader" Coming For GFX11.0.3 GPUs To Help Ensure User/App Isolation
Collapse
X
-
Originally posted by archkde View PostAs if using AI to detect patterns and then performing selective wiping would be any of more reliable, more efficient and faster than just zeroing everything…
The idea is that a third party software (like a video game) can allocate many framebuffers and run heuristics on captured content, and when a match occurs, it can then exfiltrate the data from the victim's computer running the game to the spy's computer. Here is where AI may help the spy job, to reduce bandwidth of what is extracted by being trained in advance and then matching interesting patterns on the victim's computer by processing the video memory without exfiltrating the whole video memory.
Leave a comment:
-
Originally posted by illwieckz View PostAlso I actually wonder if some AI can be used to help recognizing interesting patterns in said allocated memory.
Leave a comment:
-
Originally posted by Espionage724 View PostAnd what is this really to be needing black-box microcode to implement?
- Likes 1
Leave a comment:
-
Originally posted by varikonniemi View Post
Why would it be expensive to zero the framebuffer when allocated? It's not like you allocate new buffers in a hot path?
I agree that buffers are not expected to be allocated every now and then, so I would expect this to be somewhat minor (I hope it can be).
Leave a comment:
-
Originally posted by varikonniemi View Post
Why would it be expensive to zero the framebuffer when allocated? It's not like you allocate new buffers in a hot path?
Leave a comment:
-
Originally posted by illwieckz View Post
Michael There is something that affects all GPUs from any brand: when you allocate a framebuffer, it contains existing data, so for example it can contain the content of your terminal window displayed on the same desktop. Then you can capture the framebuffer content and you can run an OCR on it to extract text or do other things. It's not that different to do a malloc on CPU memory and then read the content of the allocated memory. The last time I spoke about it with some graphics driver developers I was told that preventing this would kill performance, and this would be true for any hardware. Also I actually wonder if some AI can be used to help recognizing interesting patterns in said allocated memory.
So I guess it's more about “some AMD Linux customer particularly concerned about security on said GPUs”, I would request that if I was an army (in the same way I would request that every memory allocation on CPU memory should zero the memory before returning the pointer).
- Likes 2
Leave a comment:
-
Originally posted by illwieckz View Post
Michael There is something that affects all GPUs from any brand: when you allocate a framebuffer, it contains existing data, so for example it can contain the content of your terminal window displayed on the same desktop. Then you can capture the framebuffer content and you can run an OCR on it to extract text or do other things. It's not that different to do a malloc on CPU memory and then read the content of the allocated memory. The last time I spoke about it with some graphics driver developers I was told that preventing this would kill performance, and this would be true for any hardware. Also I actually wonder if some AI can be used to help recognizing interesting patterns in said allocated memory.
So I guess it's more about “some AMD Linux customer particularly concerned about security on said GPUs”, I would request that if I was an army (in the same way I would request that every memory allocation on CPU memory should zero the memory before returning the pointer).
- Likes 1
Leave a comment:
-
The motivation isn't clear if there is some GFX11.0.3 security vulnerability, some AMD Linux customer particularly concerned about security on said GPUs, or some other motivation for focusing this latest cleaner shader work on GFX11.0.3 hardware.
So I guess it's more about “some AMD Linux customer particularly concerned about security on said GPUs”, I would request that if I was an army (in the same way I would request that every memory allocation on CPU memory should zero the memory before returning the pointer).
- Likes 1
Leave a comment:
Leave a comment: