
New PortSmash vulnerability allows extraction of OpenSSL keys on Intel, possibly AMD CPUs


Another SMT side-channel attack has been discovered, allowing the extraction of OpenSSL keys from Intel Skylake and Kaby Lake processors. Researchers speculate that Ryzen might also be affected, but have not confirmed.

“This is the main reason we released the exploit – to show how reproducible it is,” Brumley told us, “and help to kill off the SMT trend in chips. Security and SMT are mutually exclusive concepts,” he added. “I hope our work encourages users to disable SMT in the BIOS or choose to spend their money on architectures not featuring SMT.”


I don’t care what anyone else says, but this makes the i7-9700K look really enticing. Natively no SMT, and can clock to 5GHz with an overclock to regain performance.

Zen 2 with 12 SMT-less cores is actually still a great deal too.


Four days


But that doesn’t exist yet, and we don’t know that it will. Let’s also focus on keeping this about the security flaws rather than turning this into AMD vs Intel already. I’d like to at least try to have a productive discussion.


High IPC with +8 physical cores without SMT already is good enough for most people, since SMT only realistically gains 15-25% performance. The 9700K with the ability to single core Cinebench above 200 is already really impressive.


I’m starting to agree that SMT isn’t really as needed in these high core count systems. I think it’s worth having as an option though.


For core limited VMs, it makes a little sense to squeeze a little more for performance, but as you said, if the trend is only upward for physical core counts on non-HEDT platforms, SMT in practice bare metal will start to go on a downward trend.


Well, I’m only thinking on consumer systems. SMT is absolutely a requirement on enterprise systems. We need extra threads for IO and over provisioned VM hosts and host operations, etc… SMT is nice because it allows the kernel to weave that stuff into the normal execution of the VMs, so it doesn’t interrupt them too much.


## Fix

Disable SMT/Hyper-Threading in the BIOS

Upgrade to OpenSSL 1.1.1 (or >= 1.1.0i if you are looking for patches)

I’m a little confused here. Do you need to disable HT and upgrade OpenSSL, or are either of these effective on their own?

If it’s just a matter of updating OpenSSL, then it’s not so bad.
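
A way to check a Linux host against the two fixes quoted above, reporting each one separately; this is an added example, not part of the thread or the researchers' code. The function names are hypothetical, the SMT check assumes a kernel that exposes `/sys/devices/system/cpu/smt/active`, and OpenSSL branches older than 1.1.0 are reported as "below" because the post names only 1.1.1 and 1.1.0i.

```shell
#!/bin/sh
# Added example, not from the thread. Function names are hypothetical.

# Print "ok" for OpenSSL 1.1.1+ or 1.1.0i+, "below" for older, "unknown" if unparsable.
classify_openssl() {
    v=$1
    case $v in *.*.*) ;; *) echo unknown; return 0 ;; esac
    major=${v%%.*}; rest=${v#*.}
    minor=${rest%%.*}; rest=${rest#*.}
    patch=${rest%%[!0-9]*}; letter=${rest#"$patch"}
    for n in "$major" "$minor" "$patch"; do
        case $n in ''|*[!0-9]*) echo unknown; return 0 ;; esac
    done
    if [ "$major" -gt 1 ] || { [ "$major" -eq 1 ] && [ "$minor" -gt 1 ]; }; then
        echo ok
    elif [ "$major" -eq 1 ] && [ "$minor" -eq 1 ] && [ "$patch" -ge 1 ]; then
        echo ok
    elif [ "$major" -eq 1 ] && [ "$minor" -eq 1 ]; then
        # 1.1.0 series uses letter releases; the quoted fix names "i"
        case $letter in [i-z]*) echo ok ;; *) echo below ;; esac
    else
        echo below
    fi
}

# Print "on", "off" or "unknown" from the kernel's SMT status file (path overridable).
smt_state() {
    f=${1:-/sys/devices/system/cpu/smt/active}
    [ -r "$f" ] || { echo unknown; return 0; }
    case $(cat "$f") in
        1) echo on ;;
        0) echo off ;;
        *) echo unknown ;;
    esac
}

# "OpenSSL 1.1.1f  31 Mar 2020" -> "1.1.1f"; empty for LibreSSL or a missing binary.
host_openssl_version() {
    openssl version 2>/dev/null | awk '$1 == "OpenSSL" { print $2 }'
}

# Report both conditions for the machine this runs on.
echo "openssl: $(classify_openssl "$(host_openssl_version)")  smt: $(smt_state)"
```

The OpenSSL result covers only the binary on `PATH`; applications that bundle or statically link their own copy need to be checked separately.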


From what it sounds, it’s like the person had a personal reason to include the SMT statement. Read over it and try to spot the opinion vs fact.


Yeah, sounds like they’re just exploiting flaws in openssl on systems with SMT here.

Not quite a hardware flaw, but hardware flaws get clicks these days.



It does make me want to revisit configuring a libressl reverse proxy in openbsd…


To everyone that knows how this works.

Can I do something other than disable SMT? It sounds like a similar vulnerability can also be possible on the Zen architecture or am I wrong about that?


It looks like updating/patching OpenSSL will fix it.

No need to disable SMT. (from my understanding of the problem, that is)



It sounds like this would only work for this specific exploit and potentially not others or am I reading too much into this?


My read on this is that they happened to target TLS keys in this particular exploit and that specific application hardened against it, but that any memory shared on the same CPU through SMT is ultimately vulnerable because timing attacks are unavoidable by design. This is why OpenBSD stopped supporting SMT, period.


Yeah, I’ve read that. Seems like I have to restructure my home server setup. (that’s going to be a pain)


Well no, not really. Unless you host a bunch of VMs for third parties or run on shared infrastructure, this really isn’t a big deal.

Both Google Cloud and Azure “Hyperclear” have mitigations against this as well. They essentially fence off VMs so they’re all running on physical cores. It’s not entirely clear how that’s different from just plain disabling SMT -- I guess their VM host can still use SMT.


If you’re willing to deal with the risk, you can re-enable SMT via hw.smt (according to this email)

Other Architectures

marcan42 on Twitter was saying that this will also affect other architectures, including my beloved POWER chips:

If you too are curious about potential for this kind of exploit on Power, I’m trying to get a response from IBM and Raptor here:

Are there any ARM chips using SMT?

The POWER and PowerPC General Discussion / News Thread

Yeah, I’m not doing anything like that. The public facing stuff is mostly my Nextcloud instance and a small webpage. But I also have a tool for scraping web pages. One thing I can’t avoid is running some JavaScript. It’s not running stuff from obscure sites but you never know.

I have to read up on that, what you are describing there sounds like pure magic to me :grin:.

Edit: thanks for the links @Ruffalo and @olddellian :+1: