Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
AMD Bug Linux

T2 Linux Discovers (Now Patched) AMD Zen 4 Invalid Opcode Speculation Bug (youtube.com) 13

T2 SDE is not just a Linux distribution, but "a flexible Open Source System Development Environment or Distribution Build Kit," according to a 2022 announcement of its support for 25 CPU architectures, variants, and C libraries. ("Others might even name it Meta Distribution. T2 allows the creation of custom distributions with state of the art technology, up-to-date packages and integrated support for cross compilation.")

And while working on it, Berlin-based T2 Linux developer René Rebe (long-time Slashdot reader ReneR) discovered random illegal instruction speculation on AMD Ryzen 7000-Series and Epyc Zen 4 CPU.

ReneR writes: Merged to Linux 6.6 Git is a fix for the bug now known at AMD as Erratum 1485.

The discovery was possible through continued high CPU load cross-compiling the T2 Linux distribution with support for all CPU architectures from ARM, MIPS, PowerPC, RISC-V to x86 (and more) for 33 build variants. With sustained high CPU load and various instruction sequences being compiled, pseudo random illegal instruction errors were observed and subsequently analyzed.

ExactCODE Research GmbH CTO René Rebe is thrilled that working with AMD engineers lead to a timely mitigation to increase system stability of the still new and highest performance Zen4 platform.

"I found real-world code that might be similar or actually trigger the same bugs in the CPU that are also used for all the Spectre Meltdown and other side-channel security vulnerability mitigations," Rebe says in a video announcement on YouTube.

It took Rebe a tremendous amount of research, and he says now that "all the excessive work changed my mind. Mitigations equals considered harmful... If you want stable, reliable computational results — no, you can't do this. Because as Spectre Meltdown and all the other security issues have proven, the CPUs are nowadays as complex as complex software systems..."
This discussion has been archived. No new comments can be posted.

T2 Linux Discovers (Now Patched) AMD Zen 4 Invalid Opcode Speculation Bug

Comments Filter:
  • What does that mean? Is it a grammatical error?

    • Re: (Score:3, Informative)

      by flynnieous ( 1542191 )
      It's an allusion to the Turing award winning computer scientist Edsger Dijkstra's letter "'Go to' considered harmful" which detailed the many problems inherent in the use of the goto command when programming. "Goto" as such has largely been eliminated from most modern programming languages.
      • by HBI ( 10338492 )

        Goto is still technically there. Just effectively hidden from the noobs. Even those languages that eliminated it, someone wrote a module generally that reimplements it. I'm hard pressed to identify an instruction set (even a p-code interpreter) that doesn't have an unconditional jump within it, so the potential is always there via inlined assembly or an external library if inlining is not possible.

        It's actually useful in some cases. Without question, Djikstra had a point. Actual spaghetti code was unre

    • by youn ( 1516637 )

      The whole sentence seems like an exercise in linguistic puzzles... IMHO, a lot of cut and paste while doing something else at the same time

    • Someone has set us up the bomb.

    • What does that mean? Is it a grammatical error?

      I expect what it means is - his native language is German. And while his English may not be perfect, it is far, far better than my German.

    • He means you can't design a CPU with a bunch of wild OOE branches that you don't have a good handle on and then whenever somebody discovers an exploit just issue an OS mitigation for that particular case.

      A CPU that doesn't speculate as much would be considerably slower and much more secure.

      The cool thing is with RISC-V somebody could test this market - disable most OOE, mask it out, and see how many buyers you can find. Lots of embedded and industrial control systems would be happy to have the option.

      And T2

      • by tlhIngan ( 30335 )

        The cool thing is with RISC-V somebody could test this market - disable most OOE, mask it out, and see how many buyers you can find.

        No you can't. RISC-V is just an ISA. Implement the (mandatory) integer core and you can call it RISC-V officially.

        There are no official RISC-V implementations - there are various open-source implementations but that's just like saying there are TTL implementations of it as well (yes, there's a TTL implementation of RISC-V using standard 74xx chips).

        You do not buy a RISC-V desi

Never test for an error condition you don't know how to handle. -- Steinbach

Working...