Linked by Thom Holwerda on Wed 3rd Jan 2018 00:42 UTC

A fundamental design flaw in Intel's processor chips has forced a significant redesign of the Linux and Windows kernels to defang the chip-level security bug.

Programmers are scrambling to overhaul the open-source Linux kernel's virtual memory system. Meanwhile, Microsoft is expected to publicly introduce the necessary changes to its Windows operating system in an upcoming Patch Tuesday: these changes were seeded to beta testers running fast-ring Windows Insider builds in November and December.

Crucially, these updates to both Linux and Windows will incur a performance hit on Intel products. The effects are still being benchmarked, however we're looking at a ballpark figure of five to 30 per cent slow down, depending on the task and the processor model. More recent Intel chips have features - such as PCID - to reduce the performance hit.

That's one hell of a bug.

Permalink for comment 652453
To read all comments associated with this story, please click here.
RE[3]: Overhyped
by Alfman on Wed 3rd Jan 2018 14:53 UTC in reply to "RE[2]: Overhyped"
Member since:


No. Let me put is like this: Microkernels are already talking a similar hit as their context switches are from user to user, now Macrokernels get a similar hit by having to dump the virtual tables before going to user mode, just like each user's table are dropped when moving to another user.

Indeed, this workaround will make a macrokernel perform like a "naive" microkernel, which could be potentially worse than a microkernel that's undergone design efforts to mitigate the userspace transition overhead (like vectored IO and memory mapped IPC, etc).

Intel will hopefully fix the flaw (whatever it is) for future CPUs, but realistically new CPUs could end up being cost prohibitive for many consumers who typically are multiple generations behind intel's latest architectures, even after purchasing new computers since most of us cannot afford to pay several hundred dollars for intel's latest CPU offerings. So unless intel gives some kind of credit to replace faulty CPUs previously sold & inventory, many consumers are going to be negatively impacted for the medium to long term.

It's too early to know what's going on, but assuming one's workloads aren't terribly effected by this workaround, it could potentially be good news for people wanting to buy the faulty systems at a discounted price. For example this could instantly render tons of enterprise equipment completely worthless to their original owners. It may no longer be good enough for them, but it might be good for a home lab.

Edited 2018-01-03 15:09 UTC

Reply Parent Score: 3