Another SMT side-channel attack has been discovered, allowing the extraction of OpenSSL keys from Intel Skylake and Kaby Lake processors. Researchers speculate that Ryzen might also be affected, but have not confirmed.
“This is the main reason we released the exploit – to show how reproducible it is,” Brumley told us, “and help to kill off the SMT trend in chips. Security and SMT are mutually exclusive concepts,” he added. “I hope our work encourages users to disable SMT in the BIOS or choose to spend their money on architectures not featuring SMT.”
I don’t care what anyone else says, but this makes the i7-9700K look really enticing. Natively no SMT, and can clock to 5Ghz with an overclock to regain performance.
Zen 2 with 12 SMT-less cores is actually still a great deal too.
But that doesn’t exist yet, and we don’t know that it will. Let’s also focus on keeping this about the security flaws rather than turning this into AMD vs Intel already. I’d like to at least try to have a productive discussion.
High IPC with +8 physical cores without SMT already is good enough for most people, since SMT only realistically gains 15-25% performance. The 9700K with the ability to single core Cinebench above 200 is already really impressive.
For core limited VMs, it makes a little sense to squeeze a little more for performance, but as you said, if the trend is only upward for physical core counts on non-HEDT platforms, SMT in practice bare metal will start to go on a downward trend.
Well, I’m only thinking on consumer systems. SMT is absolutely a requirement on enterprise systems. We need extra threads for IO and over provisioned VM hosts and host operations, etc… SMT is nice because it allows the kernel to weave that stuff into the normal execution of the VMs, so it doesn’t interrupt them too much.
Can I do something other than disable SMT? It sounds like a similar vulnerability can also be possible on the Zen architecture or am I wrong about that?
My read on this is that they happened to target TLS keys in this particular exploit and that specific application hardened against it, but that any memory shared on the same CPU through SMT is ultimately vulnerable because timing attacks are unavoidable by design. This is why OpenBSD stopped supporting SMT period.
Well no, not really. Unless you host a bunch of VMs for third parties or run on shared infrastructure, this really isn’t a big deal.
Both google cloud and azure “Hyperclear” have mitigations against this as well. They essentially fence off VMs so they’re all running on physical cores. It’s not entirely clear how that’s different from just plain disabling SMT-- I guess their VM host can still use SMT.
Yeah, I’m not doing anything like that. The public facing stuff is mostly my Nextcloud instance and a small webpage. But I also have a tool for scraping web pages. One thing I can’t avoid is running some JavaScript. It’s not running stuff from obscure sites but you never know.
I have to read up on that, what you are describing there sounds like pure magic to me .