{"id":25301,"date":"2019-05-17T16:39:05","date_gmt":"2019-05-17T20:39:05","guid":{"rendered":"https:\/\/mjtsai.com\/blog\/?p=25301"},"modified":"2019-06-09T08:49:21","modified_gmt":"2019-06-09T12:49:21","slug":"microarchitectural-data-sampling-mds-mitigation","status":"publish","type":"post","link":"https:\/\/mjtsai.com\/blog\/2019\/05\/17\/microarchitectural-data-sampling-mds-mitigation\/","title":{"rendered":"Microarchitectural Data Sampling (MDS) Mitigation"},"content":{"rendered":"<p><a href=\"https:\/\/arxiv.org\/abs\/1902.05178\">Ross Mcilroy et al.<\/a> (via <a href=\"https:\/\/news.ycombinator.com\/item?id=19237068\">Hacker<\/a> <a href=\"https:\/\/news.ycombinator.com\/item?id=19170396\">News<\/a>):<\/p>\n<blockquote cite=\"https:\/\/arxiv.org\/abs\/1902.05178\">\n<p>This paper explores speculative side-channel attacks and their implications for programming languages. These attacks leak information through micro-architectural side-channels which we show are not mere bugs, but in fact lie at the foundation of optimization. [&#8230;] As a result of our work, we now believe that speculative vulnerabilities on today&rsquo;s hardware defeat all language-enforced confidentiality with no known comprehensive software mitigations, as we have discovered that untrusted code can construct a universal read gadget to read all memory in the same address space through side-channels. 
In the face of this reality, we have shifted the security model of the Chrome web browser and V8 to process isolation.<\/p>\n<\/blockquote>\n\n<p><a href=\"https:\/\/www.zdnet.com\/article\/linus-torvalds-after-big-linux-performance-hit-spectre-v2-patch-needs-curbs\/\">Liam Tung<\/a> (via <a href=\"https:\/\/www.reddit.com\/r\/programming\/comments\/9z7ci6\/linus_torvalds_after_big_linux_performance_hit\/\">Reddit<\/a>):<\/p>\n<blockquote cite=\"https:\/\/www.zdnet.com\/article\/linus-torvalds-after-big-linux-performance-hit-spectre-v2-patch-needs-curbs\/\">\n<p>Major slowdowns caused by the new Linux 4.20 kernel have been traced to a mitigation for Spectre variant 2 that Linux founder Linus Torvalds now wants restricted.<\/p>\n<\/blockquote>\n\n<p><a href=\"http:\/\/wanderingcoder.net\/2019\/04\/10\/long-term-solutions-meltdown-spectre\/\">Pierre Lebeaupin<\/a>:<\/p>\n<blockquote cite=\"http:\/\/wanderingcoder.net\/2019\/04\/10\/long-term-solutions-meltdown-spectre\/\"><p>It&rsquo;s hard to believe it has now been more than one year since the disclosure of Meltdown and Spectre. 
There was so much frenzy in the first days and weeks that it has perhaps obscured the fact any solutions we currently have are temporary, barely secure, spackle-everywhere stopgap mitigations, and now that the dust has settled on that, I thought I&rsquo;d look at what researchers and other contributors have come up with in the last year to provide secure processors &#x2013; without of course requiring all of us to rewrite all our software from scratch.<\/p><\/blockquote>\n\n<p><a href=\"https:\/\/support.apple.com\/en-gb\/HT210108\">Apple<\/a> (via <a href=\"https:\/\/9to5mac.com\/2019\/05\/15\/full-mitigation-intel-cpu-mac\/\">Benjamin Mayo<\/a>):<\/p>\n<blockquote cite=\"https:\/\/support.apple.com\/en-gb\/HT210108\">\n<p>Intel has disclosed <a href=\"https:\/\/support.apple.com\/kb\/HT210107\">vulnerabilities called Microarchitectural Data Sampling (MDS)<\/a> that apply to desktop and notebook computers with Intel CPUs, including all modern Mac computers.<\/p>\n<p>Although there are no known exploits affecting customers at the time of this writing, customers who believe their computer is at heightened risk of attack can use the Terminal app to enable an additional CPU instruction and disable hyper-threading processing technology, which provides full protection from these security issues.<\/p>\n<p>[&#8230;]<\/p>\n<p>Testing conducted by Apple in May 2019 showed as much as a 40 percent reduction in performance with tests that include multithreaded workloads and public benchmarks.<\/p>\n<\/blockquote>\n\n<p><a href=\"https:\/\/daringfireball.net\/linked\/2019\/05\/15\/apple-mds-mitigation\">John Gruber<\/a>:<\/p>\n<blockquote cite=\"https:\/\/daringfireball.net\/linked\/2019\/05\/15\/apple-mds-mitigation\">\n<p>It&rsquo;s good that there are no known exploits using these techniques, but even if there were, the overwhelming majority of Mac users &mdash; almost everyone &mdash; would not need to enable this mitigation. 
 These MDS vulnerabilities enable malware on your computer to do bad things. But these vulnerabilities are not ways for malware to get onto your computer.<\/p>\n<\/blockquote>\n\n<p>However, it sounds like the fix is finally a way to work around the hyper-threading bug that can lead to data corruption on my iMac, amongst other Macs.<\/p>\n\n<p>Previously:<\/p>\n<ul>\n<li><a href=\"https:\/\/mjtsai.com\/blog\/2018\/07\/16\/mitigating-spectre-with-site-isolation-in-chrome\/\">Mitigating Spectre With Site Isolation in Chrome<\/a><\/li>\n<li><a href=\"https:\/\/mjtsai.com\/blog\/2018\/01\/03\/intel-cpu-design-flaw-necessitates-kernel-page-table-isolation\/\">Intel CPU Design Flaw Necessitates Kernel Page Table Isolation<\/a><\/li>\n<li><a href=\"https:\/\/mjtsai.com\/blog\/2017\/06\/27\/bug-in-skylake-and-kaby-lake-hyper-threading\/\">Bug in Skylake and Kaby Lake Hyper-threading<\/a><\/li>\n<\/ul>\n\n<p id=\"microarchitectural-data-sampling-mds-mitigation-update-2019-05-31\">Update (2019-05-31): <a href=\"https:\/\/twitter.com\/waxzce\/status\/1128711501206913028\">Quentin Adam<\/a>:<\/p>\n<blockquote cite=\"https:\/\/twitter.com\/waxzce\/status\/1128711501206913028\">\n<p>FYI, as a cloud provider we rawly lost around 25% of CPU performance in the last 18 months due to different CVEs and issues on CPUs and mitigations limiting capacity using microcode, so we stuff more CPUs, but prices didn&rsquo;t go down at all... That&rsquo;s a kind of upselling. #IntelFail<\/p>\n<\/blockquote>","protected":false},"excerpt":{"rendered":"<p>Ross Mcilroy et al. (via Hacker News): This paper explores speculative side-channel attacks and their implications for programming languages. These attacks leak information through micro-architectural side-channels which we show are not mere bugs, but in fact lie at the foundation of optimization. 
[&#8230;] As a result of our work, we now believe that speculative vulnerabilities [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"apple_news_api_created_at":"2019-05-17T20:39:08Z","apple_news_api_id":"78709bec-65ad-4ab6-8e6e-3e3b549f983e","apple_news_api_modified_at":"2019-06-09T12:49:25Z","apple_news_api_revision":"AAAAAAAAAAAAAAAAAAAAAg==","apple_news_api_share_url":"https:\/\/apple.news\/AeHCb7GWtSraObj47VJ-YPg","apple_news_coverimage":0,"apple_news_coverimage_caption":"","apple_news_is_hidden":false,"apple_news_is_paid":false,"apple_news_is_preview":false,"apple_news_is_sponsored":false,"apple_news_maturity_rating":"","apple_news_metadata":"\"\"","apple_news_pullquote":"","apple_news_pullquote_position":"","apple_news_slug":"","apple_news_sections":"\"\"","apple_news_suppress_video_url":false,"apple_news_use_image_component":false,"footnotes":""},"categories":[2],"tags":[412,1297,261,448,30,1609,504,260],"class_list":["post-25301","post","type-post","status-publish","format-standard","hentry","category-technology","tag-chromium","tag-imac","tag-intel","tag-linux","tag-mac","tag-macos-10-14","tag-malware","tag-processors"],"apple_news_notices":[],"_links":{"self":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts\/25301","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/comments?post=25301"}],"version-history":[{"count":3,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts\/25301\/revisions"}],"predecessor-version":[{"id":25596,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts\/25301\/revisions\/25596"}],"
wp:attachment":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/media?parent=25301"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/categories?post=25301"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/tags?post=25301"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}