Downfall, or as Intel prefers to call it is GDS: Gather Data Sampling. GDS/Downfall affects the gather instruction with AVX2 and AVX-512 enabled processors. At least the latest-generation Intel CPUs are not affected but Tigerlake / Ice Lake back to Sandy Bridge is confirmed to be impacted. There is microcode mitigation available but it will be costly for AVX2/AVX-512 workloads with GATHER instructions in hot code-paths and thus widespread software exposure particularly for HPC and other compute-intensive workloads that have relied on AVX2/AVX-512 for better performance.
People just generally don’t understand design or manufacturing at all it might as well be magic to the layman “all you gotta do is…” yeah sure that would make a better product in absolute quality terms, if it’s possible at all, but you have to balance it against 100 other things.
There’s a reason there are rooms full of relatively high paid individuals with fancy degrees or decades of experience.
And speculative execution is the stuff you do on top of your fancy ALU to make sure you waste less time – so it’s not like we haven’t already tried the simple idea, but that we’ve moved on from it
Speculative execution seems to be an unending source of woes, especially for Intel (but not just them.) Not all that surprising considering how hard it is to not leak eg. timing information accidentally, but you’d sort of expect that CPU manufacturers would have learned from the N+1 previous speculative execution vulnerabilities. Then again, they’re in the business of making faster CPUs, so it’s not like they’ll just swear off speculation forever
A lot of those patches aren’t really needed if you “trust” the software that you run. Obviously, some are, but a lot of these are only interesting to exploit in shared environments.
If it ends up in intel-ucode I may not get much of a choice. If it becomes a matter of a BIOS update, then I might just not bother. I don’t know which way these things typically go.
You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !technology@beehaw.org
A nice place to discuss rumors, happenings, innovations, and challenges in the technology sphere. We also welcome discussions on the intersections of technology and society. If it’s technological news or discussion of technology, it probably belongs here.
Remember the overriding ethos on Beehaw: Be(e) Nice. Each user you encounter here is a person, and should be treated with kindness (even if they’re wrong, or use a Linux distro you don’t like). Personal attacks will not be tolerated.
I think this is missing an article link: https://www.phoronix.com/review/downfall
Rough day for CPU makers…
Update: Of course there is a dedicated page for it: https://downfall.page/
Yep sorry, I made the post while I was in a hurry. Thank you for the link!
Zen blead and now this? Why is SIMD so hard? All you have to do is add a wide ALU to process more data at once.
Oh that’s all? 😄
People just generally don’t understand design or manufacturing at all it might as well be magic to the layman “all you gotta do is…” yeah sure that would make a better product in absolute quality terms, if it’s possible at all, but you have to balance it against 100 other things.
There’s a reason there are rooms full of relatively high paid individuals with fancy degrees or decades of experience.
And speculative execution is the stuff you do on top of your fancy ALU to make sure you waste less time – so it’s not like we haven’t already tried the simple idea, but that we’ve moved on from it
Speculative execution seems to be an unending source of woes, especially for Intel (but not just them.) Not all that surprising considering how hard it is to not leak eg. timing information accidentally, but you’d sort of expect that CPU manufacturers would have learned from the N+1 previous speculative execution vulnerabilities. Then again, they’re in the business of making faster CPUs, so it’s not like they’ll just swear off speculation forever
My poor home server’s ancient Xeon processors are about to be even more painfully slow than before. 😩
Are you sure that your server even uses AVX extensions for performance-critical operations?
Yes. Although in my case it’s less of a critical concern and more of an annoyance.
A lot of those patches aren’t really needed if you “trust” the software that you run. Obviously, some are, but a lot of these are only interesting to exploit in shared environments.
If it ends up in intel-ucode I may not get much of a choice. If it becomes a matter of a BIOS update, then I might just not bother. I don’t know which way these things typically go.