Subject: Processors | January 22, 2018 - 09:40 PM | Scott Michaud
Tagged: spectre, meltdown, Intel
A couple of weeks ago, Intel acknowledged reports that firmware updates for Spectre and Meltdown resulted in reboots and other stability issues. At the time, they still suggested that end-users should apply the patch regardless. They have since identified the cause and their recommendation has changed: OEMs, cloud service providers, system manufacturers, software vendors, and end users should stop deploying the firmware until a newer solution is released.
The new blog post also states that an early version of the updated patch has been created. Testing on the updated firmware started over the weekend, and it will be published shortly after that process has finished.
According to their security advisory, another patch that solved both Spectre 1 and Meltdown did not exhibit stability and reboot issues. This suggests that something went wrong with the Spectre 2 mitigation, which could be a fun course of speculation for tea-leaf readers to guess what went wrong in the patch. Ultimately, it doesn’t matter, though, because new code will be available soon.
Subject: Motherboards, Processors | January 19, 2018 - 01:39 PM | Sebastian Peak
Tagged: small form-factor, SFF, pentium, motherboard, mini ITX, Intel Pentium Silver, Intel, integrated CPU, gigabyte, gemini lake, fanless, embedded, celeron
GIGABYTE has announced motherboards for the new Gemini Lake platform featuring built-in Intel Pentium Silver and Intel Celeron processors. These fanless J/N series motherboards also offer the company's trademark "Ultra Durable" components and customizable performance settings.
As to the Gemini Lake platform, here are some of the details as reported by CNXSoft at last month's CPU launch:
"The models include two Pentium Silver quad core processor with N5000 for mobile, J5005 for desktop, and four Celeron dual/quad core processors with N4000 & N4100 for mobile, and Celeron J4005 & J4105 for desktop.
All processors share the same 4MB cache which will help with performance improvement, and dual channel DDR4-2400, LPDDR4-2400 memory. Pentium processors come with Intel UHD Graphics 605 clocked up to 750/800 MHz, and Celeron processors are instead equipped with UHD Graphics 600 up to 650/750 MHz which the exactly frequency depending on model."
Image credit: CNXSoft
"[our] newest J/N series motherboards utilize a fanless cooling solution and the built-in Intel Gemini Lake processors make them perfect for compact, mainstream builds. The motherboards support HDMI 2.0 4K at 21:9 resolution for high definition video quality. Integrated PCIe Gen2 x2 M.2 slots supporting high speed NVMe SSD allows for fast data transfer speeds. The board's native Intel WIFI via the M.2 Connector along with an independently sold Intel CNVi wireless networking solution can make way for impressive wireless connectivity exceeding 1 gigabit per second, traditionally found in wired connections. Additionally, its support for M.2 SATA SSD, UDIMM DDR4 modules rated for 2400MHz, and noise free configurations makes it a perfect option for school, business, and home usage."
Pricing and availability were not specified in the press release (full PR after the break).
Subject: Processors | January 18, 2018 - 01:17 PM | Sebastian Peak
Tagged: update, spectre, security, restart, reboot, processor, patch, meltdown, Intel, cpu
The news will apparently get worse before it gets any better for Intel, as the company updated their security recommendations for the Spectre/Meltdown patches for affected CPUs to address post-patch system restart issues. Specifically, Intel notes that issues may be introduced in some configurations with the current patches, though the company does not recommend discontinued use of such updates:
" Intel recommends that these partners, at their discretion, continue development and release of updates with existing microcode to provide protection against these exploits, understanding that the current versions may introduce issues such as reboot in some configurations".
Image credit: HotHardware
The recommendation section of the security bulletin, updated yesterday (January 17, 2018), is reproduced below:
- Intel has made significant progress in our investigation into the customer reboot sightings that we confirmed publicly last week
- Intel has reproduced these issues internally and has developed a test method that allows us to do so in a predictable manner
- Initial sightings were reported on Broadwell and Haswell based platforms in some configurations. During due diligence we determined that similar behavior occurs on other products including Ivy Bridge, Sandy Bridge, Skylake, and Kaby Lake based platforms in some configurations
- We are working toward root cause
- While our root cause analysis continues, we will start making beta microcode updates available to OEMs, Cloud service providers, system manufacturers and Software vendors next week for internal evaluation purposes
- In all cases, the existing and any new beta microcode updates continue to provide protection against the exploit (CVE-2017-5715) also known as “Spectre Variant 2”
- Variants 1 (Spectre) and Variant 3 (Meltdown) continue to be mitigated through system software changes from operating system and virtual machine vendors
- As we gather feedback from our customers we will continue to provide updates that improve upon performance and usability
Intel recommendations to OEMs, Cloud service providers, system manufacturers and software vendors
- Intel recommends that these partners maintain availability of existing microcode updates already released to end users. Intel does not recommend pulling back any updates already made available to end users
- NEW - Intel recommends that these partners, at their discretion, continue development and release of updates with existing microcode to provide protection against these exploits, understanding that the current versions may introduce issues such as reboot in some configurations
- NEW - We further recommend that OEMs, Cloud service providers, system manufacturers and software vendors begin evaluation of Intel beta microcode update releases in anticipation of definitive root cause and subsequent production releases suitable for end users
Intel recommendations to end users
- Following good security practices that protect against malware in general will also help protect against possible exploitation until updates can be applied
- For PCs and Data Center infrastructure, Intel recommends that patches be applied as soon as they are available from your system manufacturer, and software vendors
- For data center infrastructure, Intel additionally recommends that IT administrators evaluate potential impacts from the reboot issue and make decisions based on the security profile of the infrastructure
Intel has worked with operating system vendors, equipment manufacturers, and other ecosystem partners to develop software updates that can help protect systems from these methods. End users and systems administrators should check with their operating system vendors and apply any available updates as soon as practical.
The full list of affected processors from Intel's security bulletin follows:
- Intel® Core™ i3 processor (45nm and 32nm)
- Intel® Core™ i5 processor (45nm and 32nm)
- Intel® Core™ i7 processor (45nm and 32nm)
- Intel® Core™ M processor family (45nm and 32nm)
- 2nd generation Intel® Core™ processors
- 3rd generation Intel® Core™ processors
- 4th generation Intel® Core™ processors
- 5th generation Intel® Core™ processors
- 6th generation Intel® Core™ processors
- 7th generation Intel® Core™ processors
- 8th generation Intel® Core™ processors
- Intel® Core™ X-series Processor Family for Intel® X99 platforms
- Intel® Core™ X-series Processor Family for Intel® X299 platforms
- Intel® Xeon® processor 3400 series
- Intel® Xeon® processor 3600 series
- Intel® Xeon® processor 5500 series
- Intel® Xeon® processor 5600 series
- Intel® Xeon® processor 6500 series
- Intel® Xeon® processor 7500 series
- Intel® Xeon® Processor E3 Family
- Intel® Xeon® Processor E3 v2 Family
- Intel® Xeon® Processor E3 v3 Family
- Intel® Xeon® Processor E3 v4 Family
- Intel® Xeon® Processor E3 v5 Family
- Intel® Xeon® Processor E3 v6 Family
- Intel® Xeon® Processor E5 Family
- Intel® Xeon® Processor E5 v2 Family
- Intel® Xeon® Processor E5 v3 Family
- Intel® Xeon® Processor E5 v4 Family
- Intel® Xeon® Processor E7 Family
- Intel® Xeon® Processor E7 v2 Family
- Intel® Xeon® Processor E7 v3 Family
- Intel® Xeon® Processor E7 v4 Family
- Intel® Xeon® Processor Scalable Family
- Intel® Xeon Phi™ Processor 3200, 5200, 7200 Series
- Intel® Atom™ Processor C Series
- Intel® Atom™ Processor E Series
- Intel® Atom™ Processor A Series
- Intel® Atom™ Processor x3 Series
- Intel® Atom™ Processor Z Series
- Intel® Celeron® Processor J Series
- Intel® Celeron® Processor N Series
- Intel® Pentium® Processor J Series
- Intel® Pentium® Processor N Series
We await further updates and developments from Intel, system integrators, and motherboard partners.
Subject: Processors | January 8, 2018 - 07:24 PM | Jeremy Hellstrom
Tagged: meltdown, security, linux, nvidia
Thanks to a wee tech conference going on, performing a wide gamut of testing of the effect of the Meltdown patch is taking some time. Al has performed benchmarks focusing on the performance impact the patch has on your storage subsystem, which proved to be very minimal. Phoronix are continuing their Linux testing, the latest of which focuses on the impact the patch has on NVIDIA GPUs, specifically the GTX 1060 and GTX 1080 Ti. The performance delta they see falls within measurement error levels; in other words there is no measurable impact after the patch was installed. For now it seems the most impact this patch has is for scientific applications and hosting providers which use select high I/O workloads and large amounts of virtual machines. For now the cure to Meltdown is nowhere near as bad as what it protects against for most users ... pity the same cannot be said for Spectre.
"Earlier this week when news was still emerging on the "Intel CPU bug" now known as Spectre and Meltdown I ran some Radeon gaming tests with the preliminary Linux kernel patches providing Kernel Page Table Isolation (KPTI) support. Contrary to the hysteria, the gaming performance was minimally impacted with those open-source Radeon driver tests while today are some tests using the latest NVIDIA driver paired with a KPTI-enabled kernel."
Here are some more Processor articles from around the web:
- Patched Desktop PC: Meltdown & Spectre Benchmarked @ Techspot
- Benchmarking Linux With The Retpoline Patches For Spectre @ Phoronix
- Battle of the 16-cores: Intel’s Core i9-7960X vs. AMD’s Threadripper 1950X @ Techgage
Subject: Processors | January 8, 2018 - 12:00 AM | Jim Tanous
Tagged: Threadripper, ryzen, processor, price cut, cpu, CES 2018, CES, amd
AMD announced today a price drop for most of its Ryzen processor lineup, making the company's multi-core-focused parts even more competitive to Intel in terms of cost-to-performance. While not every Ryzen and Threadripper processor is seeing a price reduction, many parts are being reduced by up to 30 percent.
|Processor||Cores/Threads||Previous SEP||New SEP||Percent Reduction|
|Ryzen 7 1800X||8/16||$499||$349||-30.1%|
|Ryzen 7 1700X||8/16||$399||$309||-22.5%|
|Ryzen 7 1700||8/16||$329||$299||-9.1%|
|Ryzen 5 1600X||6/12||$249||$219||-12.0%|
|Ryzen 5 1600||6/12||$219||$189||-13.7%|
|Ryzen 5 1500X||4/8||$189||$174||-7.9%|
|Ryzen 5 2400G||4/8||$169||N/A|
|Ryzen 3 1300X||4/4||$129||$129||N/A|
|Ryzen 3 2200G||4/4||$99||N/A|
Note also in the price chart the new "G" series Ryzen APUs with integrated Radeon Vega graphics. Check pcper.com for more info on this new part.
Some of the new prices are already reflected, and in some cases reduced further, at retailers like Amazon.
To determine the new prices, AMD performed comparative price testing with its online retail partners last quarter, and determined that these new prices were the best balance between performance and value.
With second generation Ryzen processors not scheduled to launch until later this spring, the price drop not only helps AMD move existing inventory, it also keeps the company at the top of enthusiasts' minds in the midst of the fallout around the recent processor security issues, one of which primarily affects Intel processors.
Subject: Processors | January 8, 2018 - 12:00 AM | Ryan Shrout
Tagged: Zen+, Zen, ryzen 2000, ryzen, CES 2018, CES, amd
During AMD’s CES 2018 Tech Day, CEO Lisa Su announced the plans for the second-generation Ryzen processor roll-out in April. This is the revised design that has been rumored for months, with a process technology change and slight tweaks to features.
Details are expectantly short, but what we know is that these parts will move from a 14nm process technology to 12nm from GlobalFoundries. AMD is calling the design “Zen+” and this is NOT Zen 2 – that is coming next year. You should expect higher clocks for Ryzen 2000-series processors and improvements to Precision Boost that will enable more consistent and gradual clock speed shifts in workloads of interesting like gaming.
Also on the roadmap now are updated Threadripper processors with the same “Zen+” enhancements, coming out in 2H of 2018.
The great news for enthusiasts that have already bought into AMD’s current generation platform is existing motherboards will support this processor update, as long as you have the associated BIOS. Motherboards are already being updated today for the channel (to support the Ryzen APU launch) so there should be little concern with compatibility come April.
However, there IS a new chipset coming with “Zen+”, the AMD X470. Information on it is also slim, but it includes some optimizations and fixes. AMD had growing pains with the initial set of motherboard releases including power concerns and routing issues, both of which are addressed with the new design.
That’s all we know for now, but I am excited to get my hands on the Ryzen second-generation processors this spring to see how much performance and behavior has changed. Intel has definitely changed the landscape since Ryzen’s first release in March of 2017, so enthusiasts should welcome the back and forth competition cycle once again.
Subject: Processors | January 8, 2018 - 12:00 AM | Ryan Shrout
Tagged: Zen, Vega, ryzen, CES 2018, CES, APU, amd, 2400G, 2200G
Though AMD might not use the term APU anymore, that’s what we are looking at today. The Ryzen + Vega processor (single die implementation, to be clear) for desktop solutions will begin shipping February 12 and will bring high-performance integrated graphics to low cost PCs. Fully titled the “AMD Ryzen Desktop Processor with Radeon Vega Graphics”, this new processor will utilize the same AM4 socket and motherboards that have been shipping since March of 2017. Finally, a good use for those display outputs!
Though enthusiasts might have little interest in these parts, it is an important step for AMD. Building a low-cost PC with a Ryzen CPU has been difficult due to the requirement of a discrete graphics card. Nearly all of Intel’s processors have integrated graphics, and though we might complain about the performance it provides in games, the truth is that the value of not needing another component is crucial for reducing costs.
Without an APU that had both graphics and the company’s greatly improved Zen CPU architecture, AMD was leaving a lot of potential sales on the table. Also, the market for entry-level gaming in small form factor designs is significant.
Two models will be launching: the Ryzen 5 2400G and Ryzen 3 2200G. Clock speeds are higher than what exists on the Ryzen 5 1400 and Ryzen 3 1200 and match the core and thread count. The 2400G includes 11 Compute Units (704 stream processors) and the 2200G has 8 CUs (512 stream processors). The TDP of both is 65 watts.
The pricing configuration gives AMD some impressive placement. The $169 Ryzen 5 2400G will offer much better graphics performance than the $30 more expensive Core i5-8400 (based on current pricing) and has equivalent performance to the $100+ higher Core i5-8400 and NVIDIA GT 1030 discrete solution.
When looking at CPU performance, the new Ryzen processors offer higher scores than the units they are replacing. They do this while adding Vega graphics capability and matching or lower prices.
AMD even went as far to show the overclocking headroom that the Ryzen APU can offer. During an on-site demo we saw the Ryzen 5 2400G improve its 3DMark score by 39% with memory frequency and GPU clock speed increases. Moving the GPU clock from ~1100 MHz to 1675 MHz will mean a significant increase in power consumption, and I do question the size of the audience that wants to overclock an APU. Still – cool to see!
The Ryzen CPU with Vega graphics is a product we all expected to see, it’s the first perfect marriage of AMD’s revitalized CPU division and its considerable advantage in integrated graphics. It has been a long time since one of AMD’s APUs appeared interesting to me and stoked my desire to build a low-cost, mainstream gaming build. Looks for reviews in just a few short weeks!
The end of the world as we know it?
A surprise to most in the industry that such a thing would really occur, AMD and Intel announced in November a partnership that would bring Radeon graphics to Intel processors in 2018. The details were minimal at the time, and only told us specifics of the business relationship: this was a product purchase and not a license, no IP was changing hands, this was considered a semi-custom design for the AMD group, Intel was handling all the integration and packaging. Though we knew that the product would use HBM2 memory, the same utilized on the RX Vega products released last year, it was possible that the “custom” part was a Polaris architecture that had been retrofitted. Also, details of the processor side of this technology was left a mystery.
Today we have our answers and our first hands-on with systems utilizing what was previously known as Kaby Lake-G and what is now officially titled the “8th Generation Intel Core Processors with Radeon RX Vega M Graphics.” I’m serious.
For what I still call Kaby Lake-G, as it easier to type and understand, it introduces a new product line that we have not seen addressed in a very long time – high performance processors with high performance integrated graphics. Even though the combined part is not a single piece of silicon but instead a multi-chip package, it serves the same purpose in the eyes of the consumer and the OEM. The marriage of Intel’s highest performance mobile processor cores, the 8th Generation H-series, and one of, if not THE fastest mobile graphics core in a reasonable thermal envelope, the Vega M, is incredibly intriguing for all kinds of reasons. Even the currently announced AMD APUs and those in the public roadmaps don’t offer a combined performance package as impressive as this. Ryzen Mobile is interesting in its own right, but Kaby Lake-G is on a different level.
From a business standpoint, KBL-G is a design meant to attack NVIDIA. The green giant has become one of the most important computing companies on the planet in the last couple of years, leaning into its graphics processor dominance and turning it into cash and mindshare in the world of machine learning and AI. More than any other company, Intel is worried about the growth and capability of NVIDIA. Though not as sexy as “machine learning”, NVIDIA has dominated the mobile graphics markets as well, offering discrete GPU solutions to pair with Intel processor notebooks. In turn, NVIDIA eats up much of the margin and profitability that these mainstream gaming and content creation machines can generate. Productization of things like Max-Q give the market reason to believe that NVIDIA is the true innovator in the space, regardless of the legitimate answer to that question. Intel see that as no bueno – it wants to remain the leader in the market completely.
Subject: Processors | January 4, 2018 - 01:15 PM | Jeremy Hellstrom
Tagged: linux, spectre, meltdown, Intel
As the Linux patch for the Intel kernel issue is somewhat more mature than the Windows patch which was just pushed out, and because the patch may have more impact on hosting solutions than gaming machines, we turn to Phoronix for test results. Their testing overview looks at both Intel and AMD, as the PTI patch can be installed on AMD systems and it is not a bad idea to do so. The results are somewhat encouraging, CPUs with PCID (Process Context ID) such as Sandy Bridge and newer seem to see little effect from the patch, network performance seems unchanged and Xeon's see far less of an effect across the board than desktop machines. That is not to say there is no impact whatsoever, in synthetic benchmarks which make frequent system calls or depend on optimized access to the kernel they did see slowdowns; thankfully those workloads are not common for enthusiast software. Expect a lot more results from both Windows and Linux over the coming weeks.
"2018 has been off to a busy start with all the testing around the Linux x86 PTI (Page Table Isolation) patches for this "Intel CPU bug" that potentially dates back to the Pentium days but has yet to be fully disclosed. Here is the latest."
Here are some more Processor articles from around the web:
- Testing Windows 10 Performance Before and After the Meltdown Flaw Emergency Patch @ TechSpot
- 2nd-Gen Core i7 vs. 8th-Gen Core i7: RIP Sandy Bridge @ Techspot
- Intel Core i7 8700k @ Modders-Inc
- Ryzen Mobile Finally Arrives: AMD Ryzen 5 2500U @ Techspot
- Intel Core i9-7900X 3.3 GHz @ TechPowerUp
- The Best CPUs: This is what you should get @ Techspot
Subject: Processors | January 3, 2018 - 08:17 PM | Ryan Shrout
Tagged: Intel, amd, arm, meltdown, spectre, security
The following story was originally posted on ShroutResearch.com.
UPDATE 1 - 8:25pm
Just before the closing bell on Wednesday, Intel released a statement responding to the security issues brought up in this story. While acknowledging that these new security concerns do exist, the company went out of its way to insinuate that AMD, Arm Holdings, and others were at risk. Intel also states that performance impact on patched machines “should not be significant and will be mitigated over time.”
Intel’s statement is at least mostly accurate though the released report from the Google Project Zero group responsible for finding the security vulnerability goes into much more detail. The security issue concerns a feature called “speculative execution” in which a computer tries to predict work that will be needed beforehand to speed up processing tasks. The paper details three variants of this particular vulnerability, the first of which applies to Intel, AMD, Arm, any nearly every other modern processor architecture. This variant is easily patched and should have near-zero effect on performance.
The second variant is deeply architecture specific, meaning attackers would need a unique code for each different Intel or AMD processor. This example should be exceedingly rare in the wild, and AMD goes as far as to call it a “near-zero” risk for systems.
The third is where things are more complex and where the claim that AMD processors are not susceptible is confirmed. This one is the source of the leaks and information that filtered out and was the target of the information for the story below. In its statement, AMD makes clear that due to architectural design differences on its products, past and modern processors from its family are not at risk.
The final outlook from this story looks very similar to how it did early on Wednesday though with a couple of added wrinkles. The security report released by Project Zero indicates that most modern hardware is at risk though to different degrees based on the design of the chips themselves. Intel is not alone in this instance, but it does have additional vulnerabilities that other processor designs do not incur. To insinuate otherwise in its public statement is incorrect.
As for performance impact, most of the initial testing and speculation is likely exaggerating how it will change the landscape, if at all. Neither Intel nor AMD see a “doomsday” scenario of regressing computing performance because of this security patch.
At the end of 2017, Intel CEO Brian Krzanich said his company would be going through changes in the New Year, becoming more aggressive, and taking the fight to its competitors in new and existing markets. It seems that BK will have his first opportunity to prove out this new corporate strategy with a looming security issue that affects nearly 10 years of processors.
A recently revealed hardware bug in Intel processors is coming to light as operating system vendors like Microsoft and the Linux community scramble to update platforms to avoid potential security concerns. This bug has been rumored for some time, with updates to core Linux software packages indicating that a severe vulnerability was being fixed, but with comments redacted when published. Security flaws are often kept secret to avoid being exploited by attackers until software patches are available to correct them.
This hardware-level vulnerability allows user-mode applications, those run by general consumers or businesses, to potentially gain access to kernel-level memory space, an area that is handled by the operating system exclusively and can contain sensitive information like passwords, biometrics, and more. An attacker could use this flaw to potentially access other user-mode application data, compromising entire systems with bypass around integrated operating system firewalls.
At a time when Intel is being pressured from many different angles and markets, this vulnerability and hardware bug comes at an incredibly inopportune time. AMD spent its 2017 releasing competitive products in the consumer space with Ryzen and the enterprise space with EPYC. The enterprise markets in particular are at risk for Intel. The EPYC processors already offered performance and pricing advantages and now AMD can showcase security as none of its processor are affected by the same vulnerability that Intel is saddled with. Though the enterprise space works in cycles, and AMD won’t see an immediate uptick in sales, I would be surprised if this did not push more cloud providers and large scale server deployments to look at the AMD offerings.
At this point, only the Linux community has publicly discussed the fixes taking place, with initial patches going out earlier this week. Much of the enterprise and cloud ecosystem runs on Linux-based platforms and securing these systems against attack is a crucial step. Microsoft has yet to comment publicly on what its software updates will look like, when they will be delivered, and what impact they have might on consumer systems.
While hardware and software vulnerabilities are common in today’s connected world, there are two key points that make this situation more significant. First, this is a hardware bug, meaning that it cannot be fixed or addressed completely without Intel making changes to its hardware design, a process that can take months or years to complete. As far as we can tell, this bug will affect ALL Intel processors released in the last decade or more, including enterprise Xeon processors and consumer Core and Pentium offerings. And as Intel has been the dominate market leader in both the enterprise and consumer spaces, there are potentially hundreds of millions of affected systems in the field.
The second differentiating point for this issue is that the software fix could impact the performance of systems. Initial numbers have been claiming as much as a 30% reduction in performance, but those results are likely worst case scenarios. Some early testing of the updated Linux platforms indicate performance could decrease from 6-20% depending on the application. Other testing of consumer workloads including gaming show almost no performance impact. Linux founder and active developer Linus Torvalds claims performance impact would range from nothing to “double-digit slowdowns.”
Even though the true nature of this vulnerability is still tied behind non-disclosure agreements, it is unlikely that there will be a double-digit performance reduction on servers at a mass scale when these updates are pushed out. Intel is aware of this vulnerability and has been for some time, and financially it would need to plan for any kind of product replacement or reimbursement campaign it might undertake with partners and customers.