| 1 |
On Tue, Jan 9, 2018 at 4:26 AM, Wols Lists <antlists@××××××××××××.uk> wrote: |
| 2 |
> On 08/01/18 13:52, Rich Freeman wrote: |
| 3 |
>> There is also a lot of discussion on lkml about the right fix. We |
| 4 |
>> might very well end up seeing both AMD- and Intel-specific fixes with |
| 5 |
>> conditional logic. The two vendors don't really seem to be |
| 6 |
>> coordinating on this. Intel is pushing patches that apparently don't |
| 7 |
>> work on AMD, or aren't necessary on AMD. AMD for its part hasn't been |
| 8 |
>> pushing much in public at all, but has made a few list posts, and they |
| 9 |
>> have that mystery microcode update. |
| 10 |
> |
| 11 |
> Probably not much point co-operating. The *internals* of AMD chips and |
| 12 |
> Intel chips are very different. I suspect both of them have a RISC core |
| 13 |
> with an x86 instruction set interpretation layer, but that's where the |
| 14 |
> similarities end ... |
| 15 |
> |
| 16 |
|
| 17 |
The fact that their internals are very different is EXACTLY why they |
| 18 |
need to cooperate. |
| 19 |
|
| 20 |
Spectre cannot be remediated in existing CPUs with a microcode update |
| 21 |
only. It might not even be possible to completely fix it in future |
| 22 |
CPUs with only a hardware change. Spectre remediation (at least at |
| 23 |
present) requires software changes as well. |
| 24 |
|
| 25 |
Software is written to the ISA, and both Intel and AMD share a common |
| 26 |
ISA for the most part. It is impossible for a programmer to know how |
| 27 |
the internals of the CPU actually work, so they write their code to |
| 28 |
the ISA specifications. If the ISA says to insert an LFENCE |
| 29 |
instruction immediately after every bounds check then programmers (or |
| 30 |
at least compiler designers) will do just that. If it says to insert |
| 31 |
a CPUID instruction after every bounds check then that is what |
| 32 |
programmers/compilers will do. |
| 33 |
|
| 34 |
However, if one of the major vendors tells everybody to do one thing, |
| 35 |
and the other tells everybody to do another, and each writes their |
| 36 |
microcode fixes to work only their way, then programmers are stuck |
| 37 |
trying to reconcile them. The two vendor CPUs are no longer truly |
| 38 |
instruction-set compatible for typical software. Adding a lot of |
| 39 |
conditional branching anytime there is a bounds check to try to detect |
| 40 |
the CPU and deal with it isn't a great workaround either, because |
| 41 |
branching is what causes the problem in the first place - it would be |
| 42 |
better to determine the correct fix at compile-time and not runtime. |
| 43 |
|
| 44 |
Intel and AMD don't need to agree on how to fix the internals of their |
| 45 |
CPUs. What they do need to agree on is the changes that need to be |
| 46 |
made in the ISA. |
| 47 |
|
| 48 |
Since AMD has been relatively quiet I suspect they intend to just let |
| 49 |
Intel define the fix, and then quietly patch their CPUs to accept the |
| 50 |
same fix, or at least to not have any issues when the Intel fix is |
| 51 |
used. However, the fact that they quietly issued a microcode update |
| 52 |
doesn't go along with that, especially since they haven't provided any |
| 53 |
clarification on what it does, or whether anything needs to be done |
| 54 |
with software to take advantage of it. Intel, while not being all |
| 55 |
that cooperative, has at least issued unambiguous statements on what |
| 56 |
needs to be done to remediate everything. |
| 57 |
|
| 58 |
-- |
| 59 |
Rich |
Archives