[Beowulf] [upgrade strategy] Intel CPU design bug & security flaw - kernel fix imposes performance penalty
hearnsj at googlemail.com
Sat Jan 6 03:05:35 PST 2018
Disabling branch prediction - that in itself will have an effect on
One thing I read about the hardware is that the table which holds the
branch predictions is shared between processes running on the same CPU core.
That is part of the attack process - the malicious process has knowledge of
what the 'sharing' process will branch to.
I float the following idea - perhaps this reinforces good practice for
running HPC codes. Meaning cpusets and process pinning,
which we already do for reasons of performance and for better resource
I expose my ignorance here, and wonder if we will see more containerised
workloads, which are strictly contained within their own memory space.
I then answer myself by saying I am talking nonsense, because the kernel
routines need to be run somewhere and this exploit is all about being able
areas of memory which you should not be able to do by speculatively running
some instructions and capturing what effect they have.
And ""their own memory space" is within virtual memory.
On 6 January 2018 at 02:26, Christopher Samuel <chris at csamuel.org> wrote:
> On 06/01/18 12:00, Gerald Henriksen wrote:
> For anyone interested this is AMD's response:
> Cool, so variant 1 is likely the one that SuSE has firmware for to
> disable branch prediction on Epyc.
> Chris Samuel : http://www.csamuel.org/ : Melbourne, VIC
> Beowulf mailing list, Beowulf at beowulf.org sponsored by Penguin Computing
> To change your subscription (digest mode or unsubscribe) visit
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Beowulf