back to article Kernel-memory-leaking Intel processor design flaw forces Linux, Windows redesign

A fundamental design flaw in Intel's processor chips has forced a significant redesign of the Linux and Windows kernels to defang the chip-level security bug. Programmers are scrambling to overhaul the open-source Linux kernel's virtual memory system. Meanwhile, Microsoft is expected to publicly introduce the necessary changes …

  1. MysteryGuy

    Does Windows 7 have PCID optimization?

    Is PCID supported for Windows 7? I've updated two Windows 7 systems on CPUs that claim to have both PCID and INVPCID support, but that support doesn't show as enabled.

    I used the Powershell 5.1 Get-SpeculationControlSettings function to check. (See https://support.microsoft.com/en-hk/help/4073119/guide-to-protect-against-speculative-execution-side-channel-vulnerabil ).

    "Speculation control settings for CVE-2017-5754 [rogue data cache load]

    Hardware requires kernel VA shadowing: True

    Windows OS support for kernel VA shadow is present: True

    Windows OS support for kernel VA shadow is enabled: True

    Windows OS support for PCID optimization is enabled: False

    Suggested actions

    ...

    BTIHardwarePresent : False

    BTIWindowsSupportPresent : True

    BTIWindowsSupportEnabled : False

    BTIDisabledBySystemPolicy : False

    BTIDisabledByNoHardwareSupport : True

    KVAShadowRequired : True

    KVAShadowWindowsSupportPresent : True

    KVAShadowWindowsSupportEnabled : True

    KVAShadowPcidEnabled : False"

    I booted Mobile Windows 10 on one of these systems, and under Windows 10 it does show

    "Windows OS support for PCID optimization is enabled: True".

    So, I was wondering if they've omitted PCID optimization under Windows 7.

  2. anonymous boring coward Silver badge

    I would hate to defend Intel, but let's face it, most of our performance hits so far have been thanks to the WWW and browsers allowing lot's of sh*t (see: Google). Spying and tracking costs massive amounts of cycles, and irritating latencies.

  3. rpark
    Alert

    Unleashed

    ...and we're all still waiting for the power of the Pentium to be 'unleashed'.

  4. EnternalOptimist

    Boffins?

    Great article, even though it's going to cause a lot of nuisance work for me. Never heard of the word "Boffins" before. Apparently it's British, but now I can use it on my nerdy friends here in the US. They will claim offense, but none should be taken!

  5. Brabus
    IT Angle

    2 vulnerabilities down, how many more to go?

    The question now is?

    1>Will new chips be vulnerable?

    2>When will we get new chips woyout the vulnerabilty?

    3>When to buy your new PC, as if your like me I just cancelled the order of my new iMac.

    How much more can we take? It's all getting a bit boring!

  6. stefanreich2

    What if we stopped running untrusted code? It's possible.

  7. Anonymous Coward
    Anonymous Coward

    Can we stop running speculatively running that code though?

Page:

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2018