Spectre still unfixed, unlike what Intel says
Written by https://twitter.com/never_released , reviewed and corrected by Alex Ionescu
On January 4th, 3 separate vulnerabilities were released, the two first ones being named Spectre (Variant 1 and 2) and the third one being Meltdown (Variant 3).
Intel CPUs are affected by all vulnerabilities, as are Apple A-series CPUs used on iOS devices, nVidia Tegra X2, the ARM Cortex-A75 and the Qualcomm Snapdragon 845 CPUs. CPUs with speculative execution from other manufacturers (other ARM "big" cores, AMD CPUs, PowerPC, ...) are affected by Spectre but not Meltdown.
In-order CPUs (such as ARM Cortex-A7 or ARM Cortex-A53, as are Atoms before 2013) are not affected by Meltdown and Spectre.
Meltdown (Variant 3) : CVE-2017-5754
Meltdown has been fixed on the Linux kernel through a patchset named KPTI, which affects performance differently depending on the workload. The effects are negligible for typical desktop usage, but some server workloads are heavily impacted.
Windows was patched in November for Insider (beta) builds, and January 2018 for everyone else. The hit when having a CPU without the INVPCID feature (pre-Haswell CPUs) is bigger than more modern CPUs for Meltdown, the TLB has to be flushed on each interrupt or context switch on older CPUs.
PCID as implemented in Ivy Bridge and earlier isn't enough to use the faster path instead of a TLB flush, INVPCID as present on Haswell and later is required for Windows. On Linux, a faster path is used even when INVPCID isn't available.
KPTI is only available for 64-bit operating systems. Some 32-bit operating systems such as Mac OS X are immune because they use separate memory maps for kernel and userspace, at does Linux with a 4GB/4GB memory split.
Spectre (Variant 2) : CVE-2017-5715
Windows:
It's fixed on Windows on Intel and AMD systems with a microcode update delivered by the OEM, using IBPB and IBRS when available. If no microcode update is done, LFENCE is implemented on Windows as a mitigation for the kernel.
Linux:
It's fixed with a mitigation called retpoline (with 5-10% performance impact in server use, should be negligible for customers) on Intel CPUs, which requires recompiling applications for full protection.
On Skylake and later, retpoline is only "98%" effective, aka probably workaroundable in the future.
IBRS, a patchset with a performance impact which also requires newer microcode to work exists for security-concerned users who want to protect applications one from the other without individual per-app fixes (IBRS=2 setting). IBRS is currently available through microcode updates for Haswell and later.
On AMD CPUs, retpoline isn't needed and usage of the LFENCE instruction is enough to protect against Variant 2 of Spectre for the kernel. IBPB is available as a part of a microcode update to protect applications without recompiling (microcode update not currently fully rolled out, and kernel code not included in the official Linux tree yet).
Spectre (Variant 1) : CVE-2017-5753
Spectre (Variant 1) is a bounds-checking exploit during branching. This issue is fixed with a kernel patch which isn't mainlined yet in the Linux kernel according to Red Hat. The flaw shouldn't exist on Windows, but can exist on third-party drivers used on the operating system. It'll have to be fixed for JITs such as web browsers too, it allows reading all the data of the current process otherwise.
tl;dr
Meltdown is currently patched for Linux & Windows.
Windows:
Warning: _For Windows systems, microcode updates have to be shipped via the BIOS/UEFI to protect against Spectre (Variant 2) across applications. They are manually downloadable via Windows Update too. _
Warning 3: Windows XP/Vista and Windows Server 2003/2008 will never get Meltdown updates. Windows 8.0 is out of support, it'll not get Meltdown updates too.
Linux:
The kernel is protected against Spectre (Variant 2) but application-specific patches are required except when IBPB=2 + STIBP, IBRS=1 + IBPB=1, or IBRS=2 are used.
Application-specific updates will be required to mitigate against Spectre (Variant 2) when IBRS=1 without IBPB, LFENCE, or retpoline mitigations are used kernel-side. Retpoline isn't fully effective for Skylake and later microarchitectures.
Notes:
-
On Windows Server, KvaShadow (KPTI) and IBRS are disabled by default because of the performance impact, and have to be explicitly enabled by the administrator if he's concerned enough about security.
-
On Windows (client), the update is only downloaded if the antivirus vendor did set a registry key, for compatibility reasons.
-
macOS warning: The security flaw is not fixed in macOS 10.12 or 10.11, but only in High Sierra, Apple modified their support website to reflect this ( https://twitter.com/mikeymikey/status/949345240099377152 )
-
On pre-Ryzen AMD CPUs, IBRS=2 and IBPB=1 is enabled by default on Red Hat to provide protection. On Ryzen, IBPB=2 is enabled instead.
-
ibpb=2 doesn’t protect the kernel against attacks based on simultaneous multi-threading (SMT, also known as hyperthreading); therefore, ibpb=2 provides less complete protection unless SMT is also disabled or STIBP is used. IBPB addresses Spectre (Scenario 2).
-
About the microcode update for Zen 1 CPUs being described as "disabling branch prediction", this is a mistake in the description of the update. The update adds support for IBPB.
-
When Intel® OS Guard, also known as Supervisor-Mode Execution Prevention (SMEP), is enabled, the operating system will not be allowed to directly execute application code, even speculatively.
For Windows, there is something I don't understand : if retpoline was implemented dynamically, there would no reason to enable it on AMD.
So it means there is only one code path, so it is also used on Intel even if the microcode update is done (so performance impacts are added). Then perhaps the sentence should be "Windows always uses retpoline, so even if no microcode update is done, there is still a mitigation".
So it would be :
That is : retpoline slows down everyone, to protect older or non microcode-updated Intel CPUs.