Meltdown/spectre notes

lion mclionhead wrote 01/05/2018 at 22:23

So basically, AWS automatically protected different customers from breaching other customers' instances, but protecting different programs on a single instance from breaching other programs on the same instance requires a yum update kernel. If you're not running customer programs & everything you do run is known to not have an exploit, it's not necessary in the short term, but you could accidentally run a program in the future which does exploit it.

All our instances were automatically drop kicked 2 days ago for the press release, but the kernels were not automatically updated. It must have been a last-minute panic in Seattle. Suspect additional kernel updates will come along, as they figure out how to defeat SPECTRE & find better solutions. Not sure why AWS doesn't automatically update their AMI images, since they don't keep any persistent data on an instance.
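Since the reboot did not bring a new kernel with it, each instance has to be checked for whether its running kernel actually carries the fix. The script below is an added example, not part of the original post; it assumes a kernel that exposes status files under /sys/devices/system/cpu/vulnerabilities (mainline 4.15 or a vendor backport), and the function names and sample files are constructed.

```shell
#!/bin/sh
# Added example, not from the original post.
# Classify the kernel's own report of CPU-vulnerability mitigations.
# Assumption: the kernel exposes one status file per issue under
# /sys/devices/system/cpu/vulnerabilities (absent on older, unpatched kernels).

VULN_DIR_DEFAULT=/sys/devices/system/cpu/vulnerabilities

# check_one DIR NAME: prints "NAME: STATE (detail)", returns 0 only if safe
check_one() {
    file="$1/$2"
    if [ ! -r "$file" ]; then
        # No file: the kernel predates the reporting interface, so it most
        # likely predates the fix as well. Treat it as needing an update.
        echo "$2: UNKNOWN (no status file; kernel likely not updated)"
        return 2
    fi
    status=$(cat "$file")
    case "$status" in
        "Not affected"*) echo "$2: OK ($status)"; return 0 ;;
        "Mitigation:"*)  echo "$2: OK ($status)"; return 0 ;;
        "Vulnerable"*)   echo "$2: VULNERABLE ($status)"; return 1 ;;
        *)               echo "$2: UNKNOWN ($status)"; return 2 ;;
    esac
}

# check_all [DIR]: checks all three issues, returns the number that are not OK
check_all() {
    dir="${1:-$VULN_DIR_DEFAULT}"
    bad=0
    for name in meltdown spectre_v1 spectre_v2; do
        check_one "$dir" "$name" || bad=$((bad + 1))
    done
    return "$bad"
}

# Constructed sample: a kernel patched for Meltdown but still exposed to
# Spectre v2, laid out in a temp dir so the check runs on any machine.
make_sample() {
    d=$(mktemp -d)
    echo "Mitigation: PTI" > "$d/meltdown"
    echo "Vulnerable" > "$d/spectre_v2"
    echo "$d"
}

sample=$(make_sample)
check_all "$sample" || echo "kernel update needed ($? item(s) not OK)"
rm -rf "$sample"
```

Calling check_all with no argument reads the live sysfs directory on the instance; a non-zero exit status means the kernel update is still outstanding.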

It's an interesting bug, taking advantage of the fact that multiple instructions can be executed on privileged memory before causing a segmentation fault & resetting the results of the instructions. One instruction reads the privileged memory. Another instruction uses the value of the privileged memory to compute another address to read, which is cached. Then, the CPU throws the segmentation fault & resets the reads, but does not clear the cache. By measuring the latency of accessing the addresses which are cached based on the values of the privileged memory, you can get the value of the privileged memory.

Every CPU in stock today is basically worthless. It's a good time to upgrade, if you just care about rendering videos but aren't doing any banking on it.