
Intel Processors Hit with LVI, Mitigation Hits Performance


Kenrou

Member
Joined
Aug 14, 2014
https://www.techpowerup.com/264676/...nerabilities-mitigation-hits-performance-hard - https://lviattack.eu/

"A new class of security vulnerabilities affects Intel processors, which can cause them to leak out sensitive information if probed in a certain way, but that's not the worst news for Intel and its users. The software- or firmware-level mitigation for this vulnerability can inflict performance reductions "ranging from 2x to 19x" according to a report by The Register. A full mitigation for the new Load Value Injection (LVI) class of vulnerabilities requires Intel to redesign software compilers. The vulnerability is chronicled under CVE-2020-0551 and Intel-SA-00334. It is not a remote code execution threat, however, it puts multi-tenant machines, such as physical servers handling multiple tenants via virtual servers."
 
https://www.techpowerup.com/264676/...nerabilities-mitigation-hits-performance-hard - https://lviattack.eu/

"A new class of security vulnerabilities affects Intel processors, which can cause them to leak out sensitive information if probed in a certain way, but that's not the worst news for Intel and its users. The software- or firmware-level mitigation for this vulnerability can inflict performance reductions "ranging from 2x to 19x" according to a report by The Register. A full mitigation for the new Load Value Injection (LVI) class of vulnerabilities requires Intel to redesign software compilers. The vulnerability is chronicled under CVE-2020-0551 and Intel-SA-00334. It is not a remote code execution threat, however, it puts multi-tenant machines, such as physical servers handling multiple tenants via virtual servers."

2x to 19x what?
 
2x to 19x less... but I highly doubt that value... it has to be in some extremely specific function. A 50% drop in performance would put us back to AMD FX days, lol.
 
From the linked website - "Unlike all previous Meltdown-type attacks, LVI cannot be transparently mitigated in existing processors and necessitates expensive software patches, which may slow down Intel SGX enclave computations 2 up to 19 times."

A little more in depth - "Intel Software Guard Extensions (SGX) is a set of security-related instruction codes that are built into some modern Intel central processing units (CPUs). They allow user-level as well as operating system code to define private regions of memory, called enclaves, whose contents are protected and unable to be either read or saved by any process outside the enclave itself, including processes running at higher privilege levels. SGX is disabled by default and must be opted in to by the user through their motherboard settings on a supported system.
SGX involves encryption by the CPU of a portion of memory. The enclave is decrypted on the fly only within the CPU itself, and even then, only for code and data running from within the enclave itself. The processor thus protects the code from being "spied on" or examined by other code. The code and data in the enclave utilize a threat model in which the enclave is trusted but no process outside it can be trusted (including the operating system itself and any hypervisor), and therefore all of these are treated as potentially hostile. The enclave contents are unable to be read by any code outside the enclave, other than in its encrypted form. Applications running inside of SGX must be written to be side channel resistant as SGX does not protect against side channel measurement or observation.
SGX is designed to be useful for implementing secure remote computation, secure web browsing, and digital rights management (DRM). Other applications include concealment of proprietary algorithms and of encryption keys."

So if I read this right, the exploit messes with the on-the-fly encrypt/decrypt of instructions by the CPU.
 
So the equivalent of lowering the CPU multiplier by 2x-19x for these types of computations. Is this what is meant?
 
A 50% drop in performance would put us back to AMD FX days, lol.

At the rate Intel is suffering from "mitigation" of security issues they'll be selling Pentium II equivalents soon. LOL
Intel jokes aside, it seems a lot of this stuff requires access to the physical computer, and the odds of the stuff possible by remote are slim. I haven't applied any of the fixes and I sleep like a baby at night. An old, grouchy, beer-swilling and profanity-laced baby, but a baby nonetheless.
 