Intel in Battle Between Performance and Security
THE PAST TWO YEARS have been rough on Intel CPUs. As if AMD’s sudden increased competitiveness with Ryzen and the repeated delays of Intel’s 10nm process weren’t enough, security researchers continue to find new and interesting ways to compromise systems via side-channel attacks.
It started with Meltdown and Spectre in early 2018, but those were just the tip of the iceberg. Since then, numerous other exploits have been discovered, with the latest MDS attacks (Microarchitectural Data Sampling) of RIDL and Fallout affecting Intel CPUs as far back as the first-gen Core i7 parts.
Patches and mitigations have mostly addressed the problems, but performance has taken a hit in some workloads. And we’re likely to continue seeing similar exploits—not just for Intel CPUs.
Where do these exploits come from, and how could these vulnerabilities go undiscovered for so long? It’s a complex subject, and the difficulty is that these side-channel attacks don’t go after data directly, using other methods to “trick” CPUs into divulging secrets. These attacks use knowledge of low-level CPU features that help processors run faster. Intel—and other processor companies, including AMD and Nvidia—are stuck fighting a battle between performance and security, with users caught in the crossfire. Here’s a very quick rundown of some of the exploits so far. • Meltdown: Caches are a great way to speed up CPUs, by avoiding delays accessing slow DRAM or hard drives. Meltdown used a cache timing attack to access protected data. The KPTI fixes applied at the OS level help prevent this form of attack. • Spectre: Every time a branch occurs in code, a CPU has to guess where the next instructions will come from. It “speculates” and starts executing those instructions, so that all the hardware isn’t just twiddling its thumbs. Spectre uses knowledge of branch prediction and speculative execution to get at protected data. • RIDL, MDS: CPUs break the work for each machine instruction into 20-30 stages. To make all these stages work together, CPUs have lots of buffers to hold data, so everything can run as fast as possible. MDS-class attacks can use the buffers to leak data. • Fallout, MDS: Finding six independent instructions per clock to dispatch is hard. HyperThreading (or Simultaneous Multi-Threading) allows two instruction threads to run concurrently on the same core, sharing some resources. Finding three independent instructions from each thread is easier, leading to better use of resources and potentially improving performance. Fallout and other MDS attacks are easier to implement with Hyper-Threading.
For decades, CPU designs have focused on making processors faster and more efficient, but the clever speed hacks leave potential vulnerabilities. The complexity of carrying out a side-channel attack is high, but it only takes one functioning solution to pave the way for many clones. With multiple proof of concept exploits, there’s a ripple effect where new approaches are also bearing fruit. It’s forcing CPU architects to go back and re-examine everything that’s done to ensure there are no critical flaws and exploits.
There’s no simple solution. Software mitigations can only go so far—we need new CPU designs built with security in mind. But that security may come at the cost of performance. Otherwise we may end up in a dystopian future where our data is increasingly vulnerable. Assuming we’re not already there. Jarred Walton has been a PC and gaming enthusiast for over 30 years.