Wiggly Wayne DDS
Sep 11, 2010



since there's a ton of misinformation going around:
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5aa90a84589282b87666f92b6c3c917c8080a9bf
code:
 /*
- * User space process size. 47bits minus one guard page.  The guard
- * page is necessary on Intel CPUs: if a SYSCALL instruction is at
- * the highest possible canonical userspace address, then that
- * syscall will enter the kernel with a non-canonical return
- * address, and SYSRET will explode dangerously.  We avoid this
- * particular problem by preventing anything from being mapped
- * at the maximum canonical address.
+ * User space process size.  This is the first address outside the user range.
+ * There are a few constraints that determine this:
+ *
+ * On Intel CPUs, if a SYSCALL instruction is at the highest canonical
+ * address, then that syscall will enter the kernel with a
+ * non-canonical return address, and SYSRET will explode dangerously.
+ * We avoid this particular problem by preventing anything executable
+ * from being mapped at the maximum canonical address.
+ *
+ * On [b]AMD CPUs in the Ryzen family[/b], there's a nasty bug in which the
+ * CPUs malfunction if they execute code from the highest canonical page.
+ * They'll speculate right off the end of the canonical space, and
+ * bad things happen.  This is worked around in the same way as the
+ * Intel problem.
+ *
+ * With page table isolation enabled, we map the LDT in ... [stay tuned]
  */
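Review bot: the last added comment line, "With page table isolation enabled, we map the LDT in ... [stay tuned]", leaves a placeholder in the source; either state where the LDT is mapped and how that constrains this value, or drop the sentence until the change that maps it lands. In the Ryzen paragraph, "bad things happen" does not tell a reader what failure to expect, so a short statement of the observed symptom would help. The new text also narrows the Intel rule from "anything" to "anything executable" being mapped at the maximum canonical address while saying the Ryzen issue is worked around in the same way; only the comment is visible here, so it is worth confirming that the definition it documents still matches that wording.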
also not sure where people are getting the thursday disclosure from unless it's been brought forward, it's meant to be announced friday

Wiggly Wayne DDS
Sep 11, 2010



repiv posted:

There's a bunch of reports on Reddit saying Windows' Meltdown mitigation is not enabled on AMD systems so there should be no difference.
yeah take all of that with a grain of salt as there's steps required to activate the mitigations:

https://twitter.com/GossiTheDog/status/948833769963900929

essentially don't trust any benchmarks as there's too many ways for them to gently caress up and misinform people atm

Wiggly Wayne DDS
Sep 11, 2010



dont be mean to me posted:

You misread his tweet, and he may have misread the article.

Windows Update needs to know that the antivirus isn't going to take down the entire system with that patch. This happens because some antivirus vendors are worse actors than virus makers are. Until it can determine that, it won't deploy the patch. Since Windows 8 and 10 come with Windows Defender, the average user is going to get the patch.

Windows 7 and Server 2008 R2 users have to have a registry key set because Windows Update on a client that old needs a registry key to know things because it can't go examine the antivirus on its own. Microsoft Security Essentials exists but isn't the default (Windows 7 still ships without built-in antivirus), so things could get interesting.

That this leaves Windows 7 users with no antivirus out in the cold isn't something I'm going to lose much sleep over.
No I didn't misread the tweet and he understood the article. Defender users are covered, but I doubt benchmarkers are following good security practices and just want to rush out benchmarks to get early hits.

Wiggly Wayne DDS
Sep 11, 2010



Paul MaudDib posted:

Catching up on this:
please stop embarrassing yourself. none of those people have credibility in the security industry and look how many have quietly said they were paid or know cts-labs (which no one in sec has)

Wiggly Wayne DDS
Sep 11, 2010



Alpha Mayo posted:

Lol. You are so loving retarded. You called this a "serious escalation exploit" when this involves no exploit allowing for escalation, considering root access at metal level is a prerequisite to even attempting it.

You have no idea what you are talking about.. And your linked vulnerabilities were vulnerabilities because they worked in conjunction with vulnerabilities with AMT allowing for bypassing authorization.
there are more layers of access at 'bare metal' than you're willing to acknowledge or you're just unaware, it's hard to tell at this stage.

chaining vulnerabilities exists, but context is key to defining the risk and there are very constrained privilege escalation issues mentioned. that the prereq is higher than a regular user doesn't stop these from being escalation issues to address

Wiggly Wayne DDS
Sep 11, 2010



/from/ $699. also bundled with DMC5, RE2 and Div2. when was the last time a gpu flagship released with 3 new titles at once?

i thought i misheard but nope all 3

Wiggly Wayne DDS
Sep 11, 2010



the liquid metal solution was known to be in the pipeline for a few years on paper, and it's not something you can knock together to cover a design thermal issue. the work involved in making this practical at the scale they're operating at has been glossed over by the tech media at large imo

Wiggly Wayne DDS
Sep 11, 2010



oh if you're surprised by that then you missed AMD give out a decoder wheel to press for their upcoming mobile series a month ago:
https://www.youtube.com/watch?v=MipuN4RU4m8

Wiggly Wayne DDS
Sep 11, 2010



Subjunctive posted:

If I’m upgrading from 5800X3D, I don’t have to worry about the “contamination” of AMD drivers that the GN video found when switching from the 7950X3D, right?

I’m ready.
it sounded like an issue that'd only affect reviewers jumping around the 7-series x3d cpus on a single setup

Wiggly Wayne DDS
Sep 11, 2010



what raised my eyebrow in their first statement and hasn't been improved in that clarification are their implications about simulation and ui logic not being entirely decoupled with priority given to the ui...

it's impressive to look at this release compared to cities skylines 1's release against sim city loving everything up, i presume they've had a complete change in employees since then

Wiggly Wayne DDS
Sep 11, 2010



Klyith posted:

AFAIK none of the discovered UEFI rootkits were from the supply chain. They were post install, leveraging smaller compromises into Advanced Persistent Threats. It's about security, you're just wrong.
lol
