{"id":21815,"date":"2018-06-14T11:31:19","date_gmt":"2018-06-14T15:31:19","guid":{"rendered":"https:\/\/mjtsai.com\/blog\/?p=21815"},"modified":"2018-06-14T11:31:19","modified_gmt":"2018-06-14T15:31:19","slug":"intel-fpu-may-spill-crypto-secrets-to-apps","status":"publish","type":"post","link":"https:\/\/mjtsai.com\/blog\/2018\/06\/14\/intel-fpu-may-spill-crypto-secrets-to-apps\/","title":{"rendered":"Intel FPU May Spill Crypto Secrets to Apps"},"content":{"rendered":"<p><a href=\"https:\/\/www.theregister.co.uk\/AMP\/2018\/06\/13\/intel_lazy_fpu_state_security_flaw\/\">Chris Williams<\/a>:<\/p>\n<blockquote cite=\"https:\/\/www.theregister.co.uk\/AMP\/2018\/06\/13\/intel_lazy_fpu_state_security_flaw\/\">\n<p>The security shortcoming involves what&rsquo;s known as lazy FPU state restore. Operating system kernels would only save and restore the floating-point unit (FPU) registers, and other context information, when programs were actually using the math unit.<\/p>\n<p>This, it turned out today, through a security gaffe in Intel&rsquo;s blueprints related to Spectre-Meltdown Variant 3A, allows a program to obtain scraps of the FPU context of another app. Variant 3A allows applications to read system registers that only privileged code should be allowed to peek at.<\/p>\n<p>The fix is to employ a mechanism called eager FPU state restore, which modern Linux, Windows and other kernels use. These mitigations do not carry a performance hit &#x2013; in fact, eager state switching can increase performance.<\/p>\n<\/blockquote>\n<p>It says that only older Windows and Linux versions are vulnerable&mdash;no mention of macOS.<\/p>\n<p>Previously: <a href=\"https:\/\/mjtsai.com\/blog\/2018\/01\/03\/intel-cpu-design-flaw-necessitates-kernel-page-table-isolation\/\">Intel CPU Design Flaw Necessitates Kernel Page Table Isolation<\/a>.<\/p>","protected":false},"excerpt":{"rendered":"<p>Chris Williams: The security shortcoming involves what&rsquo;s known as lazy FPU state restore. Operating system kernels would only save and restore the floating-point unit (FPU) registers, and other context information, when programs were actually using the math unit. This, it turned out today, through a security gaffe in Intel&rsquo;s blueprints related to Spectre-Meltdown Variant 3A, [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"apple_news_api_created_at":"2018-06-14T15:31:21Z","apple_news_api_id":"c3b79da1-9e8e-4e1b-a27c-55d59c7524b2","apple_news_api_modified_at":"2018-06-14T15:31:23Z","apple_news_api_revision":"AAAAAAAAAAD\/\/\/\/\/\/\/\/\/\/w==","apple_news_api_share_url":"https:\/\/apple.news\/Aw7edoZ6OThuifFXVnHUksg","apple_news_coverimage":0,"apple_news_coverimage_caption":"","apple_news_is_hidden":false,"apple_news_is_paid":false,"apple_news_is_preview":false,"apple_news_is_sponsored":false,"apple_news_maturity_rating":"","apple_news_metadata":"\"\"","apple_news_pullquote":"","apple_news_pullquote_position":"","apple_news_slug":"","apple_news_sections":"\"\"","apple_news_suppress_video_url":false,"apple_news_use_image_component":false,"footnotes":""},"categories":[],"tags":[669,261,845,30,260,48],"class_list":["post-21815","post","type-post","status-publish","format-standard","hentry","tag-floating-point","tag-intel","tag-kernel","tag-mac","tag-processors","tag-security"],"apple_news_notices":[],"_links":{"self":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts\/21815","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/comments?post=21815"}],"version-history":[{"count":1,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts\/21815\/revisions"}],"predecessor-version":[{"id":21816,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts\/21815\/revisions\/21816"}],"wp:attachment":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/media?parent=21815"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/categories?post=21815"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/tags?post=21815"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}