|About | APU2 | Flash | Tools | Shop | Support|
|About Spectre and Meltdown vulnerabilities|
|Meltdown||This vulnerability seems to be specific to Intel processors. See Wikipedia for a good summary.|
|Spectre||This vulnerability can be exploited on many modern processors. See Wikipedia for a good summary.|
|AMD statement ?||AMD has provided this semi-informative
update on these issues.
In my opinion, AMD CPUs are probably safe against the Meltdown vulnerability. The Spectre attack can probably be made to work on just about any modern CPU.
uncache a; // get variable a out of L1 data cache trick_branchcache; // do whatever it takes to get speculative execution to run // the following code if not_true then x=[kernel_memory]; // read memory that does not belong to us - normally this would // cause a fault, but exceptions caused by a speculative branch // will not be triggered, just the results discarded if (x and mask) then y:=a; // if a data bit in x is set, read variable a. // as a side effect, variable a will end up in L1 data cache again. end; start:=readtsr; // get high resolution time stamp z:=a; // read variable a stop:=readtsr; // another time stamp
Based on the timing of the read of variable a, we can deduce whether the kernel memory data bit was set or not. The process is probably not 100% reliable, but with a bit of retries we should be able to get at data we should not see.
This attack is not easy to prevent by CPU design, at least not without incurring a performance penalty.
|Proof of concept code||https://github.com/crozone/SpectrePoC - also demonstrated on the AMD CPU used on our boards.|
|OS update ?||The operating system can be reengineered to separate address spaces more clearly. This will cause a performance hit. Another option would be to make access to the CPU time stamp register a privileged operation.|
|BIOS update ?||Nothing the BIOS can do, the vulnerability must be handled at the OS level.|
|© 2002-2021 PC Engines GmbH. All rights reserved .|