Hi Jerry

About why Intel is vulnerable to Meltdown and AMD, while Intel basically licensed the x64 instruction set from AMD the actual implementation of those instructions is completely different.


The instruction set for x86 and x64 is targeted at  Complex Instruction Set Computers (CISCs) however the underlying architecture of the Intel CPU is a hybrid CISC/RISC design. Intel can issue microcode updates to alter how x86/x64 instructions are mapped/translated into CISC/RISC architecture to fix execution issues and some security issues. As already been discussed widely the Meltdown security failure is core CPU functionality which has to be programmed around, so that OS Kernel Memory has to exist in a separate Virtual Machine from the User Programs. When an application needs to access the kernel it makes the function call which triggers the OS to save the request before switching to the kernel Virtual Machine which can then process the request,  but the process is reversed to return the results to the user application. Which is why Amazon have issued performance warnings, Microsoft Azure customers are complaining about broken servers.

AMD also has a combined CISC/RISC design but it is completely different from Intel which is why it is not susceptible to Meltdown and is susceptible to only one of the Spectre vulnerabilities.

In respect of ARM processors, Apple designs it own ARM processors which is why all their products are effected by Meltdown but only one of the standard ARM production cores is known to be susceptible. Equally Qualcomm designs its own ARM chips which have be reported to vulnerable to Meltdown.

In order to address vulnerabilities in speculative instruction execution the CPU should write the information into a separate L1 cache which implements process locking to stop other processes from accessing the speculative results.

Regards

Russell


_______________________________________________
openindiana-discuss mailing list
openindiana-discuss@openindiana.org
https://openindiana.org/mailman/listinfo/openindiana-discuss

Reply via email to