This was the first Hot Chips presentation posted. I wished to ask about whether it would be joined by others. Calm down - not everything is about Intel...
No that not what I mean, It just seems like when Intel is brought up - every one try to discuss other things like AMD and ARM.. people should say in focus.
"This was the first Hot Chips presentation posted."
That is incorrect - actually the one about Google Pixel was the first one.
"Intel at Hot Chips 2018: Showing the Ankle of Cascade Lake by Ian Cutress on August 19, 2018 7:30 PM EST"
"Hot Chips 2018: The Google Pixel Visual Core Live Blog (10am PT, 5pm UTC) by Ian Cutress on August 20, 2018 12:45 PM EST"
So... yeah, no. This was posted Sunday night. The PVC presentation wasn't until Monday morning. Unless you think Ian has a time machine, you're demonstrably and provably wrong.
Regarding the "money hand gesture" in the caption of the Intel tweet on the last page, do an image search for "Korean finger heart" to see what they're actually doing. :D
That is real good question and thanks for the Link? - I would be curious about what CPU's will have these extensions. My guess initially it will be part of hardware / software changes mention here. From a quick look at document , it looks primary aim at OS developers especially with mention of task switch.
As for your original question, My guess is that AMD will be adding similar instruction in a future - it just makes it hard for OS developers - unless AMD Licenses the additions so it has similar instructions.
The main reason is likely that CPU R&D cycle normally takes some 2+ years, and the Spectre/Meltdown vulnerabilities were only fully understood sometime midways during Cascade Lake's hardware design cycle where only minor architectural changes could be made. I believe you can only expect full-scale fix in microarchitectures that entered its initial development phases in late 2017 or so. Which means they won't enter the market until mid-2019 at the earliest. So, come back for Ice Lake and its sister families I guess.
I believe the difference is "Mitigation" is actually done in software or microcode downloaded to chip - but "Fix" is actually a change in actual hardware
There is no "fix" without removing Speculative Execution just like there is no hardware "fix" for buffer over/underruns. The fix is in software design, the mitigation is in hardware to compensate for the change in software design.
I believe that with Spectra 1 - this appears not to required CPU change and others similar to this - Spectra 2 requires no instructions and Spectra 3 requires no hardware changes
Not sure about other changes but keep in mind kernal can prevent rogue programs for cause problems but will slow system down by using io protection technique - only thing is what kind of perormance hurt is does this cause - this can fix in hardware with new hardware that the OS
To me as OS developer in the late 80's and early 90's, my knowledge now maybe limited - but cause of change in job - but it pretty sick that OS developers and CPU have spend resource to correct issues for situation with hackers and such to exploit hardware. Keep in mind these problems don't just effect Intel but also include ARM and AMD cpus.
I did notice a real CPU defect in IBM 486SLC - when switching from 286 protected mode 386 protected mode te IBM 486SLC had a defect according to IBM that the cache was inverted causing exception and hard lock as occur. I believe this was track down in early 90's
"Variant 1 is still to be tackled at the OS level". I wish Intel were more clear about this. They clearly views variant 1 as a problem for any and all software to solve, not just OS/VMM software. The only thing magical about the OS/VMM is that they're more popular attack vectors.
Well, it's a problem for all software with secrets it wants to keep, and means of speculation involving access to them. The most common example of this is the OS/VMM.
The core issue is that the speed of access to data is non-deterministic in the x86 model. Nothing in the original design said "you can't *try* to go faster than you would if you had to load everything only at the point that it came up" - indeed, doing so has been viewed as a feature for decades.
Meanwhile timing attacks have been viewed as relatively hard to exploit. But there are many ways in which a timing gadget may be constructed, this is arguably just a newly-discovered pattern commonly used by privileged software.
Unfortunately today we have increase of hackers that will try to take advantage of such features to hamper system. Which cause headaches for both CPU designers and OS designers.
Also the following link as interesting statement about these attacks not being just Intel.
It actually states "This contradicts some early statements made about the Meltdown vulnerability as being Intel-only"
When Zen 2 comes, which is going to be slightly later than CLake I think, please test Clake with all those security measures fix and see how it fare against AMD.
So does this mean the Optane DIMMs won't be compatible with the consumer CPUs / chipset families? Cause I'd love to have it as a universal in-hardware RAM drive alternative with comparable latencies and IOPS performance but more convenience and far less compatibility issues.
We've known that for quite some time: the Optane DIMMs require dedicated hardware in the processor (where the memory controllers are) which is only currently present in Xeon scalable CPUs.
This is exactly wanted to here about the Spectrum - Meltdown stuff - we all know it that Intel has been under stress about this and the delay of 10nm - but some have reported that the hardware changes would be delay until 10nm - so this means that Intel does not have to have all 10nm to make those changes in hard. So 14nm++ or what every people is not same architecture as previous chips. To me it obvious that Intel has put fixing these security issues top priority.
As for some of problems requiring OS/VMM - as a former OS developer, it very possible that volubility is in designed of OS - Intel has given OS developers like Microsoft, Apple - and unix base community software recommendations for changes in code to prevent them in current hard.
“Showing the Ankle” and “drip feeding”? You r mixing your metaphors. You need to focus on one theme like ... “raising it’s skirt”, “showing more leg” ... u know ... like that! 👍 Another great article ... now let me get back to reading the rest! Haha
Intel did do something tricky in that while LGA 3647 exposes 48 PCIe lanes, the HCC and XCC dies actually contain 64 lane PCIe controller. The 16 lanes are for on package accelerators or fabric. While I doubt Intel did increase this figures (or add an on-die UPI link), their wording appears to keep that possibility open.
For those people expecting an IDF-like substantial talk about the chips. The question arising are how the SKUs will be separated, How product stack will look like etc. I also think Intel will be drip feeding information about Cascade Lake.
Ya, Intel’s server and enterprise industry desperately want Spectre and Meltdown hardened processors. Intel also stated that they expect Cascade to be their fastest ramping processor, Its main target is making money.
We’ve updated our terms. By continuing to use the site and/or by logging into your account, you agree to the Site’s updated Terms of Use and Privacy Policy.
Facebook
Twitter
RSS
31 Comments
Back to Article
SarahKerrigan - Sunday, August 19, 2018 - link
Thanks for posting this! Any chance we'll see uploads of the presentations for Tachyum, Xavier, Power9 SU, or SX-Aurora?Ian Cutress - Sunday, August 19, 2018 - link
Live Blogs for sure, more in depth analysis will depend on time. Hopefully write another one up tonight.Yojimbo - Sunday, August 19, 2018 - link
I'd like to hear about the SX-Aurora.HStewart - Monday, August 20, 2018 - link
What does these have to do with Intel presentation - or you just curious about presentations of event in generalSarahKerrigan - Tuesday, August 21, 2018 - link
This was the first Hot Chips presentation posted. I wished to ask about whether it would be joined by others. Calm down - not everything is about Intel...HStewart - Tuesday, August 21, 2018 - link
No that not what I mean, It just seems like when Intel is brought up - every one try to discuss other things like AMD and ARM.. people should say in focus."This was the first Hot Chips presentation posted."
That is incorrect - actually the one about Google Pixel was the first one.
https://www.anandtech.com/show/13241/hot-chips-201...
SarahKerrigan - Tuesday, August 21, 2018 - link
"Intel at Hot Chips 2018: Showing the Ankle of Cascade Lakeby Ian Cutress on August 19, 2018 7:30 PM EST"
"Hot Chips 2018: The Google Pixel Visual Core Live Blog (10am PT, 5pm UTC)
by Ian Cutress on August 20, 2018 12:45 PM EST"
So... yeah, no. This was posted Sunday night. The PVC presentation wasn't until Monday morning. Unless you think Ian has a time machine, you're demonstrably and provably wrong.
grahad - Saturday, August 25, 2018 - link
It's HStewart. If you're not praising Intel in Intel articles he'll go after your jugular (and miss).TetrisChili - Sunday, August 19, 2018 - link
Regarding the "money hand gesture" in the caption of the Intel tweet on the last page, do an image search for "Korean finger heart" to see what they're actually doing. :DAlistair - Sunday, August 19, 2018 - link
Yeah it's kind of crazy every Korean person I know doing that now. It's a thing. In TV shows also.Yojimbo - Sunday, August 19, 2018 - link
It's also very big in China.abufrejoval - Monday, August 20, 2018 - link
What about the Control Flow Integrity extensions announced in 2016? Are they mentioned anywhere? Does anyone know what AMD is doing about them?https://software.intel.com/sites/default/files/man...
HStewart - Monday, August 20, 2018 - link
"Does anyone know what AMD is doing about them?"That is real good question and thanks for the Link? - I would be curious about what CPU's will have these extensions. My guess initially it will be part of hardware / software changes mention here. From a quick look at document , it looks primary aim at OS developers especially with mention of task switch.
As for your original question, My guess is that AMD will be adding similar instruction in a future - it just makes it hard for OS developers - unless AMD Licenses the additions so it has similar instructions.
iAPX - Monday, August 20, 2018 - link
Why and how "Mitigation" becomes "Fix"?!?Intel is clear about their lack of Fix again, but only mitigations. In the article it's not the same story.
moozooh - Monday, August 20, 2018 - link
The main reason is likely that CPU R&D cycle normally takes some 2+ years, and the Spectre/Meltdown vulnerabilities were only fully understood sometime midways during Cascade Lake's hardware design cycle where only minor architectural changes could be made. I believe you can only expect full-scale fix in microarchitectures that entered its initial development phases in late 2017 or so. Which means they won't enter the market until mid-2019 at the earliest. So, come back for Ice Lake and its sister families I guess.HStewart - Monday, August 20, 2018 - link
I believe the difference is "Mitigation" is actually done in software or microcode downloaded to chip - but "Fix" is actually a change in actual hardwareedzieba - Monday, August 20, 2018 - link
There is no "fix" without removing Speculative Execution just like there is no hardware "fix" for buffer over/underruns. The fix is in software design, the mitigation is in hardware to compensate for the change in software design.HStewart - Monday, August 20, 2018 - link
I believe that with Spectra 1 - this appears not to required CPU change and others similar to this - Spectra 2 requires no instructions and Spectra 3 requires no hardware changesNot sure about other changes but keep in mind kernal can prevent rogue programs for cause problems but will slow system down by using io protection technique - only thing is what kind of perormance hurt is does this cause - this can fix in hardware with new hardware that the OS
To me as OS developer in the late 80's and early 90's, my knowledge now maybe limited - but cause of change in job - but it pretty sick that OS developers and CPU have spend resource to correct issues for situation with hackers and such to exploit hardware. Keep in mind these problems don't just effect Intel but also include ARM and AMD cpus.
HStewart - Monday, August 20, 2018 - link
A link for the top part - of course part of this is just my opinion based on my previous experience as OS developerhttps://en.wikipedia.org/wiki/Meltdown_(security_v...
I did notice a real CPU defect in IBM 486SLC - when switching from 286 protected mode 386 protected mode te IBM 486SLC had a defect according to IBM that the cache was inverted causing exception and hard lock as occur. I believe this was track down in early 90's
Elstar - Monday, August 20, 2018 - link
"Variant 1 is still to be tackled at the OS level". I wish Intel were more clear about this. They clearly views variant 1 as a problem for any and all software to solve, not just OS/VMM software. The only thing magical about the OS/VMM is that they're more popular attack vectors.HStewart - Monday, August 20, 2018 - link
It very possibility that Variant 1 is not volubility in the hardware designed but how OS developers use the code.GreenReaper - Monday, August 20, 2018 - link
Well, it's a problem for all software with secrets it wants to keep, and means of speculation involving access to them. The most common example of this is the OS/VMM.The core issue is that the speed of access to data is non-deterministic in the x86 model. Nothing in the original design said "you can't *try* to go faster than you would if you had to load everything only at the point that it came up" - indeed, doing so has been viewed as a feature for decades.
Meanwhile timing attacks have been viewed as relatively hard to exploit. But there are many ways in which a timing gadget may be constructed, this is arguably just a newly-discovered pattern commonly used by privileged software.
HStewart - Monday, August 20, 2018 - link
Unfortunately today we have increase of hackers that will try to take advantage of such features to hamper system. Which cause headaches for both CPU designers and OS designers.Also the following link as interesting statement about these attacks not being just Intel.
It actually states "This contradicts some early statements made about the Meltdown vulnerability as being Intel-only"
https://en.wikipedia.org/wiki/Meltdown_(security_v...
iwod - Monday, August 20, 2018 - link
When Zen 2 comes, which is going to be slightly later than CLake I think, please test Clake with all those security measures fix and see how it fare against AMD.moozooh - Monday, August 20, 2018 - link
So does this mean the Optane DIMMs won't be compatible with the consumer CPUs / chipset families? Cause I'd love to have it as a universal in-hardware RAM drive alternative with comparable latencies and IOPS performance but more convenience and far less compatibility issues.edzieba - Monday, August 20, 2018 - link
We've known that for quite some time: the Optane DIMMs require dedicated hardware in the processor (where the memory controllers are) which is only currently present in Xeon scalable CPUs.HStewart - Monday, August 20, 2018 - link
This is exactly wanted to here about the Spectrum - Meltdown stuff - we all know it that Intel has been under stress about this and the delay of 10nm - but some have reported that the hardware changes would be delay until 10nm - so this means that Intel does not have to have all 10nm to make those changes in hard. So 14nm++ or what every people is not same architecture as previous chips. To me it obvious that Intel has put fixing these security issues top priority.As for some of problems requiring OS/VMM - as a former OS developer, it very possible that volubility is in designed of OS - Intel has given OS developers like Microsoft, Apple - and unix base community software recommendations for changes in code to prevent them in current hard.
wpapolis - Monday, August 20, 2018 - link
“Showing the Ankle” and “drip feeding”? You r mixing your metaphors. You need to focus on one theme like ... “raising it’s skirt”, “showing more leg” ... u know ... like that! 👍 Another great article ... now let me get back to reading the rest! HahaKevin G - Monday, August 20, 2018 - link
Intel did do something tricky in that while LGA 3647 exposes 48 PCIe lanes, the HCC and XCC dies actually contain 64 lane PCIe controller. The 16 lanes are for on package accelerators or fabric. While I doubt Intel did increase this figures (or add an on-die UPI link), their wording appears to keep that possibility open.nirmal12 - Monday, October 8, 2018 - link
For those people expecting an IDF-like substantial talk about the chips. The question arising are how the SKUs will be separated, How product stack will look like etc. I also think Intel will be drip feeding information about Cascade Lake.nirmal12 - Monday, October 8, 2018 - link
Ya, Intel’s server and enterprise industry desperately want Spectre and Meltdown hardened processors. Intel also stated that they expect Cascade to be their fastest ramping processor, Its main target is making money.