Amol Agarwal • Jan 3, 2018

Serious design flaw detected in Intel Processors; patches may hit performance by up to 30%

Intel has screwed up real big this time. A major chip-level bug which can adversely impact data security has been discovered in Intel CPUs. The real bad news is that the bug is supposedly present on all modern processors manufactured in the last ten years and cannot be addressed with a microcode update from Intel. The bug requires an OS-level update, which means all systems running Windows, Linux or Mac are going to be affected. There's some good news for AMD users though, as the bug is not present on processors designed by AMD.

Although the minute details of the flaw have not been released, what is known at this point is that the bug allows everyday user programs such as web browsers (through malicious JavaScript code) and database applications, let alone malicious programs, to access restricted areas of kernel memory. This is a potential threat to data security, as sensitive information of active users, such as usernames and passwords held in the hidden kernel memory, can be hijacked.

The bug has forced major operating system developers to get into action and release security updates as early as possible. Linux has already released updates for closing the security hole in the chips. Microsoft is said to be working on the patch which it will release next Tuesday.

The bug present on the CPUs allows unauthorized access to kernel memory, as stated above. The fix is to implement Kernel Page Table Isolation (PTI), which moves the entire kernel to a different address space, making it invisible to running processes. Experts believe that PTI is not required in normal scenarios, but Intel's hardware flaw allows circumvention of the protection mechanisms for kernel access, thereby making it necessary. The fix will have a major impact on system performance, as the processor will need to jump between two different address spaces for each system call, making it a very time-consuming process.

It is believed that system performance will be severely affected, with some reports suggesting a drop of up to 30 percent, which is not something desirable. The latest Intel processors with PCID (Process-Context Identifiers) enabled may, however, be somewhat less affected. If a better workaround is not found by Intel, the bug may cause huge financial losses to big organizations and data centers. Linux enthusiasts have even started reporting performance drops of 17-18% in benchmark results after applying patches. The picture below clearly shows the performance loss in Linux systems.

[Image: Benchmark results before and after applying patches (Credits: Phoronix)]

AMD has, however, ruled out the presence of any such bug in its processors. AMD stated that its microarchitecture does not allow memory references, including speculative references, that access higher-privileged data while running in a lesser-privileged mode. If such an access is requested, a page fault occurs. To wrap it up, Intel has certainly made a very large mistake which is sure to hit the brand's image as a reliable chip maker.

Source: The Register | HotHardware
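
A defender's check for the fix described above, as an added example that is not part of the original post: it reads `/proc/cpuinfo`-style text and reports whether PTI is active and whether PCID is available. It assumes a Linux kernel that exposes the `pti` and `pcid` flags and the `cpu_meltdown` bug entry (Linux kernel identifiers, not taken from the post); the sample inputs are constructed.

```shell
#!/usr/bin/env bash
# Added example: classify Linux PTI/PCID state from /proc/cpuinfo-style text.

# cpu_has KEY WORD FILE: succeed if WORD is a token on the first "KEY : ..." line.
cpu_has() {
    awk -F':' -v key="$1" -v word="$2" '
        { k = $1; gsub(/[ \t]+$/, "", k) }
        k == key {
            n = split($2, tok, /[ \t]+/)
            for (i = 1; i <= n; i++) if (tok[i] == word) found = 1
            exit
        }
        END { exit(found ? 0 : 1) }' "$3"
}

# pti_status [FILE]: print one summary line for the given cpuinfo file.
pti_status() {
    local file=${1:-/proc/cpuinfo} flagged=no pti=no pcid=no verdict
    if cpu_has bugs cpu_meltdown "$file"; then flagged=yes; fi
    if cpu_has flags pti "$file"; then pti=yes; fi
    if cpu_has flags pcid "$file"; then pcid=yes; fi
    if [ "$pti" = yes ]; then
        verdict=isolated        # user space runs on page tables without the kernel
    elif [ "$flagged" = yes ]; then
        verdict=exposed         # kernel knows the CPU is affected, but PTI is off
    else
        # Either an unaffected CPU or a kernel too old to report the bug at all.
        verdict=not-flagged
    fi
    echo "flagged=$flagged pti=$pti pcid=$pcid verdict=$verdict"
}

# Constructed sample inputs (shortened cpuinfo excerpts, not captured from real hosts).
sample() {
    case $1 in
        patched)   printf 'flags\t\t: fpu pcid sse2 pti\nbugs\t\t: cpu_meltdown\n' ;;
        pti_off)   printf 'flags\t\t: fpu sse2\nbugs\t\t: cpu_meltdown\n' ;;
        unflagged) printf 'flags\t\t: fpu sse2\nbugs\t\t:\n' ;;
    esac
}

tmp=$(mktemp)
for kind in patched pti_off unflagged; do
    sample "$kind" > "$tmp"
    echo "$kind: $(pti_status "$tmp")"
done
rm -f "$tmp"
if [ -r /proc/cpuinfo ]; then echo "this host: $(pti_status)"; fi
```

A `not-flagged` result on an Intel machine is not a clean bill of health: a kernel that predates the fix has no bug entry to report, so update the kernel first and re-run the check.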
