[Phoronix] Intel's Mitigation For CVE-2019-14615 Graphics Vulnerability Obliterates Gen7 iGPU Performance - Page 3 - Overclock.net - An Overclocking Community
Forum Jump: 

[Phoronix] Intel's Mitigation For CVE-2019-14615 Graphics Vulnerability Obliterates Gen7 iGPU Performance

Reply
 
Thread Tools
post #21 of 36 (permalink) Old 01-16-2020, 08:29 PM
New to Overclock.net
 
Paradigm Shifter's Avatar
 
Join Date: Aug 2009
Location: Japan
Posts: 2,908
Rep: 252 (Unique: 201)
Quote: Originally Posted by Imouto View Post
It doesn't bode well.

https://www.phoronix.com/scan.php?pa...CVE-2019-14615

Red Hat recommends to disable the Intel iGPU driver.
Basically Red Hat are saying "stop using your computer" then. This isn't really a server vulnerability (they aren't likely to be running Intel GPU in the first place)... this is disastrous for anyone with an Intel-based laptop, especially, where there 99.99% chance of not being able to disable the thing.

Joys. And I was so impressed with my new laptop, too...


Paradigm Shifter is offline  
Sponsored Links
Advertisement
 
post #22 of 36 (permalink) Old 01-16-2020, 10:57 PM
Not a linux lobbyist
 
rluker5's Avatar
 
Join Date: Feb 2014
Location: Wisconsin
Posts: 1,978
Rep: 52 (Unique: 39)
Quote: Originally Posted by Imouto View Post
It doesn't bode well.

https://www.phoronix.com/scan.php?pa...CVE-2019-14615

Red Hat recommends to disable the Intel iGPU driver.
The author strengthened his statement that it seems very unlikely to be exploited in any fashion other than with direct local access. Seemed like his only reason to withhold certainty on the matter was Intel being tight lipped about details.

So what I'm reading is Red Hat wants you to disable your igpu drivers to protect against someone already on your computer, with full access and control, from trying some elaborate scheme to gain your cpu's information out of the data your igpu is processing. When they can already see everything, screenshot it, record it, edit it, post it on reddit without even logging out.

That is also apparently mitigated and the guy who made the statement at Red Hat hasn't stated that the mitigation didn't work. But still recommends disabling the kernel graphics driver just to let windows fix it with whatever at a time of window's choosing. Oh right, so no windows either. Even though the exploit would be stopped by the mitigation between steps 4 and 5 by having the EU cleared at context switch per the first article.
Quote:
In particular, here is the explanation of how this vulnerability works based upon their information:
1 - Userspace creates a batchbuffer
2 - Batchbuffer sent to kernel via ioctl
3 - ioctl issues it as an "Execution Unit" for the hardware.
4 - The kernel schedules another process to run.
5- Another process (running as user) can access the previous Execution Unit results by re-using Execution Units results.

L5
(17 items)
Lea2
(11 items)
L7
(11 items)
CPU
5775c
Motherboard
Maximus VII Hero
GPU
Aorus 1080ti Waterforce
RAM
16 Gb Gskill Trident @ 2400,cas10,1.575v
RAM
8 Gb Gskill Trident @ 2400,cas10,1.575v
Hard Drive
1Tb Team ssd
Hard Drive
seagate barracuda 3T
Hard Drive
Optane 900p 480G OS
Optical Drive
Asus BW-16D1HT
Power Supply
EVGA Supernova 1300 G2
Cooling
Cooler Master MasterLiquid Pro 120 (cpu)
Cooling
2 140mm case fans, 2 120mm
Case
Fractal Design R4 (no window)
Operating System
W10 64 pro
Monitor
panasonic TC-58AX800U
Audio
Focal Elear, Nova 40, 598se, HE4xx, DT990pro w b.boost earpads
Audio
SoundbasterX AE-5, onboard
CPU
4770k
Motherboard
Asus Z87 Deluxe
GPU
Fury Nitro
RAM
8Gb klevv urbane 2133
Hard Drive
ROG Raidr 240Gb pcie
Hard Drive
1Tb WD blue
Power Supply
Pc Power&Cooling silencer Mk2 950w
Cooling
Deepcool Lucifer V2
Case
DIYPC P48-W
Operating System
W10 64 pro
Monitor
40"tv
CPU
4980hq
Motherboard
Asus H81T/CSM
RAM
8Gb 1600 samsung
Hard Drive
Samsung 850 evo 120gb
Power Supply
Skyvast 90w brick for hp pavilion something
Cooling
SilverStone Tek Super Slim
Case
SilverStone Tek PT13B
Operating System
W10 64 pro
Monitor
24" samsung 1080p
Keyboard
Logitech K400+
Other
Intel wifi ac card and noname antennas
▲ hide details ▲
rluker5 is offline  
post #23 of 36 (permalink) Old 01-17-2020, 01:33 AM
New to Overclock.net
 
Liranan's Avatar
 
Join Date: Nov 2010
Location: Soviet China... Oh wait..
Posts: 8,782
Rep: 616 (Unique: 300)
Well done Intel, well done.

Quote:
Quote:
Originally Posted by faraz1729 go_quote.gif
Haha, Liranan, you creep.

Tacitus - The more corrupt the state, the more numerous the laws

Only when the last tree has died and the last river been poisoned and the last fish been caught will we realise we cannot eat money. - Cree Indian Proverb
Liranan is online now  
Sponsored Links
Advertisement
 
post #24 of 36 (permalink) Old 01-17-2020, 02:17 AM
New to Overclock.net
 
Paradigm Shifter's Avatar
 
Join Date: Aug 2009
Location: Japan
Posts: 2,908
Rep: 252 (Unique: 201)
Since a kernel landed today (that I presume has the mitigations for this vulnerability, although the changelogs are lacking clarity on this point) I am seeing regular soft-locks of the GUI on an Iris Pro 655. I can't detect any performance decrease, but the soft locks are not an improvement. It recovers after a few seconds with the corresponding entries in dmesg, but this is very annoying.


Paradigm Shifter is offline  
post #25 of 36 (permalink) Old 01-17-2020, 03:10 AM
New to Overclock.net
 
deepor's Avatar
 
Join Date: Feb 2013
Posts: 4,905
Rep: 483 (Unique: 328)
Quote: Originally Posted by Paradigm Shifter View Post
Since a kernel landed today (that I presume has the mitigations for this vulnerability, although the changelogs are lacking clarity on this point) I am seeing regular soft-locks of the GUI on an Iris Pro 655. I can't detect any performance decrease, but the soft locks are not an improvement. It recovers after a few seconds with the corresponding entries in dmesg, but this is very annoying.

That might be unrelated to the mitigation. The Intel driver seems to have been getting more buggy in general. People with Intel graphics complain about hangs in kernel 5.3 and 5.4 more than usual.
deepor is offline  
post #26 of 36 (permalink) Old 01-17-2020, 03:53 AM
New to Overclock.net
 
Paradigm Shifter's Avatar
 
Join Date: Aug 2009
Location: Japan
Posts: 2,908
Rep: 252 (Unique: 201)
Quote: Originally Posted by deepor View Post
That might be unrelated to the mitigation. The Intel driver seems to have been getting more buggy in general. People with Intel graphics complain about hangs in kernel 5.3 and 5.4 more than usual.
Acknowledged, thanks. Bit like kernel 5.0.0 a while ago caused me grief with 2080Tis constantly dropping off the PCI-E bus. Was solid on 4.15, 4.18 or 4.19.

I'll keep an eye out.


Paradigm Shifter is offline  
post #27 of 36 (permalink) Old 01-17-2020, 11:05 PM
there is no easy way out
 
sumitlian's Avatar
 
Join Date: Jun 2011
Location: India
Posts: 3,236
Rep: 312 (Unique: 177)
Quote: Originally Posted by Liranan View Post
Well done Intel, well done.
The interesting this is; how do we know for sure that the Gen9 iGPUs don't suffer from the similar vulnerabilities and its performance won't be "obliterated" in future; say after 2 or 3 years?

It just works
(13 items)
CPU
Intel Xeon E3-1246 V3 with TSX - The "debut" of Remote Attack Edition :D
Motherboard
Asus B85M-G Rev 1.01, BIOS version: Pre August-2014
GPU
Intel HD P4600/P4700
RAM
16 GB 1600 MHz DDR3
Hard Drive
Samsung 750 EVO
Hard Drive
1 TB + 500 GB + 500 GB
Power Supply
(8+ years old) Corsair TX850 V2
Cooling
(7+ years old) Corsair H70
Case
CoolerMaster Elite 430 Black
Operating System
Windows 10 64 bit
Monitor
Samsung A300N 20" 1600 x 900 60Hz 5ms 19Watt
Keyboard
(9+ years old) PS/2 Microsoft Wired Keyboard 500
Mouse
Shitty Logitech M170 mouse (scroller went kaput within a year)
▲ hide details ▲
sumitlian is offline  
post #28 of 36 (permalink) Old 01-18-2020, 11:03 AM
New to Overclock.net
 
EniGma1987's Avatar
 
Join Date: Sep 2011
Posts: 6,424
Rep: 344 (Unique: 253)
Quote: Originally Posted by ThrashZone View Post
Hi,
Who is using onboard graphic's now days ?
Besides maybe a cheap laptop.
I have some friends who play CS in the office on Fridays when work is slow and they all use integrated intel graphics from Ivy Bridge CPUs.

EniGma1987 is online now  
post #29 of 36 (permalink) Old 01-18-2020, 01:54 PM
Not a linux lobbyist
 
rluker5's Avatar
 
Join Date: Feb 2014
Location: Wisconsin
Posts: 1,978
Rep: 52 (Unique: 39)
Quote: Originally Posted by sumitlian View Post
The interesting this is; how do we know for sure that the Gen9 iGPUs don't suffer from the similar vulnerabilities and its performance won't be "obliterated" in future; say after 2 or 3 years?
They tested the mitigation on gen 9 in the article. Minimal performance impact.

L5
(17 items)
Lea2
(11 items)
L7
(11 items)
CPU
5775c
Motherboard
Maximus VII Hero
GPU
Aorus 1080ti Waterforce
RAM
16 Gb Gskill Trident @ 2400,cas10,1.575v
RAM
8 Gb Gskill Trident @ 2400,cas10,1.575v
Hard Drive
1Tb Team ssd
Hard Drive
seagate barracuda 3T
Hard Drive
Optane 900p 480G OS
Optical Drive
Asus BW-16D1HT
Power Supply
EVGA Supernova 1300 G2
Cooling
Cooler Master MasterLiquid Pro 120 (cpu)
Cooling
2 140mm case fans, 2 120mm
Case
Fractal Design R4 (no window)
Operating System
W10 64 pro
Monitor
panasonic TC-58AX800U
Audio
Focal Elear, Nova 40, 598se, HE4xx, DT990pro w b.boost earpads
Audio
SoundbasterX AE-5, onboard
CPU
4770k
Motherboard
Asus Z87 Deluxe
GPU
Fury Nitro
RAM
8Gb klevv urbane 2133
Hard Drive
ROG Raidr 240Gb pcie
Hard Drive
1Tb WD blue
Power Supply
Pc Power&Cooling silencer Mk2 950w
Cooling
Deepcool Lucifer V2
Case
DIYPC P48-W
Operating System
W10 64 pro
Monitor
40"tv
CPU
4980hq
Motherboard
Asus H81T/CSM
RAM
8Gb 1600 samsung
Hard Drive
Samsung 850 evo 120gb
Power Supply
Skyvast 90w brick for hp pavilion something
Cooling
SilverStone Tek Super Slim
Case
SilverStone Tek PT13B
Operating System
W10 64 pro
Monitor
24" samsung 1080p
Keyboard
Logitech K400+
Other
Intel wifi ac card and noname antennas
▲ hide details ▲
rluker5 is offline  
post #30 of 36 (permalink) Old 01-19-2020, 07:00 PM
New to Overclock.net
 
Paradigm Shifter's Avatar
 
Join Date: Aug 2009
Location: Japan
Posts: 2,908
Rep: 252 (Unique: 201)
Quote: Originally Posted by rluker5 View Post
They tested the mitigation on gen 9 in the article. Minimal performance impact.
I think the point was that what impact will a future mitigation have on Gen.9 performance? Obsolescence by security mitigation? Too many people still using old systems? Need a quick injection of cash from companies replacing their kit? Announce security vulnerability, "mitigate" it (and destroy performance in the process), tell everyone "new chips don't see a performance drop!".... profit?


Paradigm Shifter is offline  
Reply

Quick Reply
Message:
Options

Register Now

In order to be able to post messages on the Overclock.net - An Overclocking Community forums, you must first register.
Please enter your desired user name, your email address and other required details in the form below.
User Name:
If you do not want to register, fill this field only and the name will be used as user name for your post.
Password
Please enter a password for your user account. Note that passwords are case-sensitive.
Password:
Confirm Password:
Email Address
Please enter a valid email address for yourself.
Email Address:

Log-in



Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Show Printable Version Show Printable Version
Email this Page Email this Page


Forum Jump: 

Posting Rules  
You may post new threads
You may post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off