[LIST] of CPU's most likely immune to Spectre

If theres a test I can run on machines I can throw a bunch of shit to the list

There is.

for windows

https://support.microsoft.com/en-hk/help/4073119/protect-against-speculative-execution-side-channel-vulnerabilities-in

looking into a Linux script for it now

Well I know I’m not going to install windows on powerpc :T

2 Likes

What about this guy?
It combines PI and Arduino tech to run linux, android, or windows

1 Like

Referring to the following:

  1. ARM Security matrix: https://developer.arm.com/support/security-update
  2. Intel Information disclosure: https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00088&languageid=en-fr

I hope that answers your question. :smiley:

Sorry, but you’re wrong about “old” stuff. PowerPC uses speculative execution since the first CPU, the PowerPC 601 (the year was 1991!), thus it is affected by Spectre. Meltdown is Intel-only as far as we know anyhow.

Proof? From the TenFourFox developer (blog post): “Power ISA is fundamentally vulnerable going back even to the days of the original PowerPC 601, as is virtually all current architectures, and there are no simple fixes.”

The same is true for IBM POWER and OpenPOWER.

2 Likes

First of all welcome to the forums and thank you for your information.
I will have a look. :smiley:

But one thing that is wrong.

See ARM Cortex-A75.

Ok so I found some more info on PPC603 that states it performing speculative exection past unresolved branches.

http://ieeexplore.ieee.org/document/363093/

Power 6 however I included because it did things very differently from its prior and subsequent similarly named brethren.

As far as I could tell from specifications it only performed limited speculation. - But I was wrong. It is vulnerable. As TenFourFox testing has shown.

http://www.cs.wm.edu/~kemper/cs654/slides/power6.pdf

Or refer to

Systems Architecture | 6th Edition
ISBN-13: 9781133171324

For a Power 6 overview.

On further inspection.
I meant to include the PowerPC 603q.
This CPU was a ground up recreation of PPC 603 by Quantum Effect Devices.

It lacked the speculative execution functionality and used an in-order execution pipeline.

http://www.cpushack.com/CIC/announce/1996/QEDPowerPCq.html

So, yeah it’s so obscure it’s irrelevant. Hence I’ve removed it from the list. :smiley:

Output of my 1225V3

~/Desktop$ time ./spectre
Reading 23 bytes:
Reading at malicious_x = 0xffffffffffdfedf8... Success: 0x48=’H’ score=51 (second best: 0x00 score=23)
Reading at malicious_x = 0xffffffffffdfedf9... Success: 0x65=’e’ score=2 
Reading at malicious_x = 0xffffffffffdfedfa... Success: 0x6C=’l’ score=47 (second best: 0x00 score=21)
Reading at malicious_x = 0xffffffffffdfedfb... Success: 0x6C=’l’ score=37 (second best: 0x00 score=16)
Reading at malicious_x = 0xffffffffffdfedfc... Success: 0x6F=’o’ score=2 
Reading at malicious_x = 0xffffffffffdfedfd... Success: 0x20=’ ’ score=2 
Reading at malicious_x = 0xffffffffffdfedfe... Success: 0x4C=’L’ score=89 (second best: 0x00 score=42)
Reading at malicious_x = 0xffffffffffdfedff... Success: 0x65=’e’ score=35 (second best: 0x00 score=15)
Reading at malicious_x = 0xffffffffffdfee00... Success: 0x76=’v’ score=271 (second best: 0x00 score=133)
Reading at malicious_x = 0xffffffffffdfee01... Success: 0x65=’e’ score=241 (second best: 0x00 score=118)
Reading at malicious_x = 0xffffffffffdfee02... Success: 0x6C=’l’ score=177 (second best: 0x00 score=86)
Reading at malicious_x = 0xffffffffffdfee03... Success: 0x31=’1’ score=51 (second best: 0x00 score=23)
Reading at malicious_x = 0xffffffffffdfee04... Success: 0x54=’T’ score=67 (second best: 0x00 score=31)
Reading at malicious_x = 0xffffffffffdfee05... Success: 0x65=’e’ score=207 (second best: 0x00 score=101)
Reading at malicious_x = 0xffffffffffdfee06... Success: 0x63=’c’ score=31 (second best: 0x00 score=13)
Reading at malicious_x = 0xffffffffffdfee07... Success: 0x68=’h’ score=103 (second best: 0x00 score=49)
Reading at malicious_x = 0xffffffffffdfee08... Success: 0x73=’s’ score=41 (second best: 0x00 score=18)
Reading at malicious_x = 0xffffffffffdfee09... Success: 0x00=’?’ score=2 
Reading at malicious_x = 0xffffffffffdfee0a... Success: 0x25=’%’ score=2 
Reading at malicious_x = 0xffffffffffdfee0b... Success: 0x70=’p’ score=23 (second best: 0x00 score=9)
Reading at malicious_x = 0xffffffffffdfee0c... Success: 0x00=’?’ score=2 
Reading at malicious_x = 0xffffffffffdfee0d... Success: 0x25=’%’ score=37 (second best: 0x00 score=16)
Reading at malicious_x = 0xffffffffffdfee0e... Success: 0x64=’d’ score=37 (second best: 0x00 score=16)

real	0m0.067s
user	0m0.065s
sys	0m0.000s
3 Likes

For your home network this is going to means nothing.

the whole debacle is because intel specially has focused so much on data centers lately, which is where the performance is going to hurt.
The fact you got a raspberry pi making a harddrive share, or you got a r-pi lighting up some led strip somewhere in your living room, means nothing.
It is a Fked up situation that someone finally broke through Intels ivory shell, but as all companies no ones perfect, but most of the whole problems is focused on data centers where Intel has “alot of explainin todo”, where as your home network is next to untouched, even if you’re gaming.

I know its an edge case but what about x86 consoles / spectre?

Hence why I asked if someone could test one of the desktop variant jaguar cpus

Yes, you’re right, I missed the ARM A75 design… Apple has confirmed that all current iOS devices are affected by Spectre AND Meltdown except for the Apple Watch, and those iOS devices all use ARM designs.

The POWER4+ design is definitely affected by Spectre as is the PPC970 aka G5 due to speculative execution and the type of branch prediction they’ve implemented. I didn’t know that the Power6 made things so differently. Anyhow, IBM also confirmed that POWER7+, POWER8 and POWER9 systems are indeed vulnerable.

I wonder how Itanium is not affected at all. What does IA-64 different compared to the other modern architectures? AFAIK Itanium is also a RISC design. Is it because predictive branches have to be known when compiling the code beforehand, hence it isn’t relying on speculation in the same manner as the other designs?

Also I wonder how AMD Zen Memory Encryption could be used to harden a system against this type of vulnerability and if it would have a negative performance impact. But I think this is something the future will show… I fear it won’t work because SME/SEV is made for virtualization, not for native running systems, hence it would cause other issues, meaning incompatibilities, meaning instabilities and performance loss… Nightmare…

1 Like

A quick search on my end resulted in this document about Itanium 2

The Itanium 2 processor designers took advantage of explicit parallelism to design an in-order, six-instruction-issue, parallel-execution pipeline.

These structures include the instruction buffer, which decouples the front end, where instruction fetch and branch prediction occur, from the back end, where instructions are dispersed and executed.

So, in-order execution but with branch prediction; I’m forgetting if out-of-order is needed for Spectre/Meltdown or not, but the branch prediction sounds like its normal, the “explicit parallelism” is what needs to be compiled for and takes the place of out-of-order execution.

So, in theory, Intel could try to expand on the Itanium 2 architecture to create a modern Spectre/Meltdown proof CPU?
I really wonder how these issues are going to effect the mainstream CPU market. Probably will effect server CPU’s first I imagine, but maybe other CPU companies might take advantage of this and somehow make it into home PC’s again, like Texas Instruments maybe?

1 Like

Sure, intel would LOVE that

then its a complete monopoly with amd not getting a look in.

I just hope they make them compatible with LGA 1151 sockets if they do decide to go that route. It would really suck to have to replace both the CPU and the motherboard on my new desktop

You are aware that itanium is not x86 compatible?

It’s the reason the industry chose amd64 over itanium in the first place.

2 Likes

Ah, I see. Would they be able to make Itanium 64 bit or would they be limited to 32 bit?

Itanium is 64bit. Its just IA64 instead of amd64.
And the architectural redesigns required to make that work, mean its easier to just build a new CPU.

Also Itanium is crazy power hungry. Double what standard Intel x86 uses at ~2.4ish GHz.

Here are intels latest 2017 itaniums.