Overclock.net banner

[TH] Patch-Induced Reboot Errors Impact Kaby Lake, Skylake, Ivy And Sandy Bridge, Too

8K views 55 replies 34 participants last post by  Blameless 
#1 ·
Well, Kaby Lake, Skylake, and the newer chips are also getting reboots. This thing may be ballooning out of control for Intel. It has to be hitting the data center hard if servers are rebooting.
Quote:
ntel released a new update on the state of the Meltdown and Spectre patches to reveal that the reboot errors it previously disclosed, which plague Broadwell and Haswell systems, also impact Kaby Lake, Skylake, Ivy Bridge, and Sandy Bridge processors.

Intel issued the update as part of a broader update on the performance impact of the patches on data center workloads. The rolling nature of the updates and the early teething pains highlight that the patches for the vulnerabilities are still very much in their infancy. This means that the performance impact is far from a settled matter.
http://www.tomshardware.com/news/intel-reboot-meltdown-spectre-processors,36359.html
 
#2 ·
Thanks for posting. I"m not sure how anyone can say these vulnerabilities are settled and they're just a blimp in the radar. Its still a 'wait and see' matter regarding post performance. Many ppl are assuming this a one patch fix, which it isnt.
 
  • Rep+
Reactions: kyrie74
#4 ·
Quote:
Originally Posted by keikei View Post

Thanks for posting. I"m not sure how anyone can say these vulnerabilities are settled and they're just a blimp in the radar. Its still a 'wait and see' matter regarding post performance. Many ppl are assuming this a one patch fix, which it isnt.
Yep. Firmware will undergo revisions in the coming months; operating systems will implement and refine patches and mitigations like retpoline; many drivers and applications will be recompiled to better protect against the CPU flaws and it's still to be seen what kind of firmware support older CPUs will get and whether that's strictly necessary or if it's most important in servers, but much more difficult to exploit in a consumer, non shared system, where OS level patches + web browsers' less precise timers, sandboxing, site isolation + script blocking (noscript) and Anti-virus solutions will do a good enough job.

There are still way too many questions to answer.
 
#5 ·
So seems I'm okay for Meltdown but vulnerable to Spectre and Slower performance. Is the only way to fix this a BIOS update that may never come? What are the chances of them updating something as old as as Rampage IV E??
 
#6 ·
Quote:
Originally Posted by DoomDash View Post

So seems I'm okay for Meltdown but vulnerable to Spectre and Slower performance. Is the only way to fix this a BIOS update that may never come? What are the chances of them updating something as old as as Rampage IV E??
Nobody knows. Intel is probably trying to get away with only patching systems that came out in the last five years, since they've mentioned that time frame multiple times. Having said that, in this article they did mention Sandy Bridge and Ivy Bridge. Now, that seems to imply that they have provided firmware and some company has deployed them, hence the reboots and the complaints, so, again, it's still too soon to say. We should be asking Intel to patch systems from the last ten years and right after that say the same thing to the motherboard makers (with Intel footing part of the bill). At the very least the OS makers, for them to deliver the microcode updates instead.

Anyway, as to fixes, Spectre Variant 1 is already patched at the OS level. The problem is Spectre Variant 2. If you're using a fully up to date Firefox, IE 11 or Edge, you're already benefiting from mitigations:
Quote:
Jann Horn of Google Project Zero Security reported that speculative execution performed by modern CPUs could leak information through a timing side-channel attack. Microsoft Vulnerability Research extended this attack to browser JavaScript engines and demonstrated that code on a malicious web page could read data from other web sites (violating the same-origin policy) or private data from the browser itself.

Since this new class of attacks involves measuring precise time intervals, as a partial, short-term, mitigation we are disabling or reducing the precision of several time sources in Firefox. The precision of performance.now() has been reduced from 5μs to 20μs, and the SharedArrayBuffer feature has been disabled because it can be used to construct a high-resolution timer.
https://www.mozilla.org/en-US/security/advisories/mfsa2018-01/

IE 11 and Edge are using the exact same precision reductions.
 
#7 ·
#8 ·
Can confirm issues with the latest bios issued for my B250M-HDV paired with a G4650

Random restarts... Great...
 
#9 ·
Quote:
Originally Posted by DoomDash View Post

So seems I'm okay for Meltdown but vulnerable to Spectre and Slower performance. Is the only way to fix this a BIOS update that may never come? What are the chances of them updating something as old as as Rampage IV E??
I already updated the microcode for the Rampage IV boards. Unfortunately they only released a microcode update for Ivy Bridge/E. Intel still hasn't released a Microcode for Sandy Bridge/E. If Intel ever releases a Microcode update for Sandy Bridge I will update the UEFIs.

http://www.overclock.net/t/1151946/official-asus-rog-rampage-iv-x79-owners-club/9830

These are the ones that have been patched so far.

IVT C0 (06-3e-04:ed) 428->42a
SKL-U/Y D0 (06-4e-03:c0) ba->c2
BDW-U/Y E/F (06-3d-04:c0) 25->28
HSW-ULT Cx/Dx (06-45-01:72) 20->21
Crystalwell Cx (06-46-01:32) 17->18
BDW-H E/G (06-47-01:22) 17->1b
HSX-EX E0 (06-3f-04:80) 0f->10
SKL-H/S R0 (06-5e-03:36) ba->c2
HSW Cx/Dx (06-3c-03:32) 22->23
HSX C0 (06-3f-02:6f) 3a->3b
BDX-DE V0/V1 (06-56-02:10) 0f->14
BDX-DE V2 (06-56-03:10) 700000d->7000011
KBL-U/Y H0 (06-8e-09:c0) 62->80
KBL Y0 / CFL D0 (06-8e-0a:c0) 70->80
KBL-H/S B0 (06-9e-09:2a) 5e->80
CFL U0 (06-9e-0a:22) 70->80
CFL B0 (06-9e-0b:02) 72->80
SKX H0 (06-55-04:b7) 2000035->200003c
GLK B0 (06-7a-01:01) 1e->22
 
#10 ·
I was about to update my BIOS .. I guess I'll still wait.
 
#17 ·
Quote:
Originally Posted by djriful View Post

As I am typing here now, I am running backup image of my drive in case this hit the fan...
Quite sure that image won't help.
 
#18 ·
And everyone was up an arms when AMD had memory issues saying intel never has issues
rolleyes.gif
rolleyes.gif
rolleyes.gif
rolleyes.gif
rolleyes.gif
rolleyes.gif
rolleyes.gif
rolleyes.gif
 
#20 ·
Quote:
Originally Posted by Shiftstealth View Post

And everyone was up an arms when AMD had memory issues saying intel never has issues
rolleyes.gif
rolleyes.gif
rolleyes.gif
rolleyes.gif
rolleyes.gif
rolleyes.gif
rolleyes.gif
rolleyes.gif
Of course Intel has erratas but these patches affect every architecture. The patches that AMD released were causing blue screens. Also lets not forget AMD's initial reaction to spectre "there is a near zero risk to AMD processors." now they're facing a lawsuit for artificially inflating its stock.

https://www.cnbc.com/2018/01/09/microsoft-halts-some-amd-chip-meltdown-patches-after-pcs-freeze.html

Research has already been done and AMD is at risk:
https://spectreattack.com/spectre.pdf
 
#21 ·
Quote:
Originally Posted by WannaBeOCer View Post

Quote:
Originally Posted by Shiftstealth View Post

And everyone was up an arms when AMD had memory issues saying intel never has issues
rolleyes.gif
rolleyes.gif
rolleyes.gif
rolleyes.gif
rolleyes.gif
rolleyes.gif
rolleyes.gif
rolleyes.gif
Of course Intel has erratas but these patches affect every architecture. The patches that AMD released were causing blue screens. Also lets not forget AMD's initial reaction to spectre "there is a near zero risk to AMD processors." now they're facing a lawsuit for artificially inflating its stock.

https://www.cnbc.com/2018/01/09/microsoft-halts-some-amd-chip-meltdown-patches-after-pcs-freeze.html

Research has already been done and AMD is at risk:
https://spectreattack.com/spectre.pdf
Context is important sometimes
Quote:
Variant Two Branch Target Injection Differences in AMD architecture mean there is a near zero risk of exploitation of this variant. Vulnerability to Variant 2 has not been demonstrated on AMD processors to date.
https://www.amd.com/en/corporate/speculative-execution

That quote is only for variant two. See other statements made by AMD.
 
#23 ·
Quote:
Originally Posted by TinyRichard View Post

I trust Intel to catch, fix, and re-update CPU / hardware patches more than I trust replacing my existing hardware with AMD components.

I would offer that opinion is reflected in a greater number of people than currently reflected in the blogosphere.
Sandy and Ryzen systems here. I keep the former turned off for the time being.
redface.gif


Till the dust settles.
 
  • Rep+
Reactions: lovetobuild
#24 ·
Quote:
Originally Posted by Yttrium View Post

Context is important sometimes
https://www.amd.com/en/corporate/speculative-execution

That quote is only for variant two. See other statements made by AMD.
I am referring to their statement made on 1/03/2018
Quote:
To be clear, the security research team identified three variants targeting speculative execution. The threat and the response to the three variants differ by microprocessor company, and AMD is not susceptible to all three variants. Due to differences in AMD's architecture, we believe there is a near zero risk to AMD processors at this time.
https://www.tweaktown.com/news/60580/amd-hit-class-action-lawsuit-over-spectre-meltdown/index.html
 
#25 ·
Quote:
Originally Posted by TinyRichard View Post

I am referring to their statement made on 1/03/2018
Quote:
To be clear, the security research team identified three variants targeting speculative execution. The threat and the response to the three variants differ by microprocessor company, and AMD is not susceptible to all three variants. Due to differences in AMD's architecture, we believe there is a near zero risk to AMD processors at this time.
Wasn't this debated already? Companies always use semantics and vague language to their advantage. and strictly speaking the statement is true. AMD is only affected by one of the variants with limited exploitation of the second(?) variant. Thus """Not susceptible to all three variants."""
 
#26 ·
Quote:
Originally Posted by Yttrium View Post

Wasn't this debated already? Companies always use semantics and vague language to their advantage. and strictly speaking the statement is true. AMD is only affected by one of the variants with limited exploitation of the second(?) variant. Thus """Not susceptible to all three variants."""
That's why they are being slapped with a lawsuit for artificially inflating its stock. Poor choice of words are going to bite them. Also the statement isn't true that is why they updated their page and released patches.
 
This is an older thread, you may not receive a response, and could be reviving an old thread. Please consider creating a new thread.
Top