Another vulnerability discovered for Intel chips: Special Register Buffer Data Sampling (CVE-2020-0543)

By KaoDome
in Back Page News

 Share

Recommended Posts

Experienced

KaoDome

Posted
Posted

Intel Advisory INTEL-SA-00320 has some general info on it, but their Dive Deep page explains it better: Dive Deep: Special Register Buffer Data Sampling Advisory

 

Here's an excerpt:

Quote

Certain processor operations (such as RDRAND) microarchitecturally need to read data from outside the physical core (for example, from a random number generator shared between cores). This is often performed through an internal microarchitectural operation called a special register read.

 

On some processors, the data returned for a special register read is staged in a shared microarchitectural buffer and then transferred to the microarchitectural fill buffer within the physical core that performed the read. That core can then use the value from the microarchitectural fill buffer (for example, the core could copy the value into software-visible registers). This shared buffer is often larger than the data being read (the buffer is usually the size of a cache line), and different special register reads may use different offsets within the shared buffer.

 

...

 

When the shared staging buffer is updated on a read, only the portion of the staging buffer needed for that read is updated. The other portions of the staging buffer are not modified. The unmodified portions of the staging buffer may contain stale data from previous special register reads, including those done by other cores.

There are plenty of CPUs affected by this going back to Haswell, while a microcode update seems to be enough to mitigate it, RDRAND and RDSEED will be slower (and RDRAND serialized) according to the the article. It also states that many client systems don't use those instructions often enough to have a significant performance impact, so... there's that.

 

I wonder which kinds of workloads are using random numbers continuously for it to be a problem, crypto related maybe (like certificate generation)?

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing