Apple Implemented Fix for Serious Intel Processor Design Flaw in macOS 10.3.2

Apple Implemented Fix for Serious Intel Processor Design Flaw in macOS 10.3.2

Posted by · 9237 views · Translate
A fundamental design flaw in Intel's processor chips that is forcing a redesign of the Linux and Windows kernels has already been mitigated by Apple in macOS 10.3.2, according to software engineer Alex Ionescu.

Yesterday, The Register reported that a bug is present in Intel processors produced in the past decade that allows normal user programs to discern to some extent the layout or contents of protected kernel memory areas. This has programmers scrambling to overhaul the Linux kernel's virtual memory system. Microsoft has been working on a fix since at least November.

Python Sweetness writes, "There is presently an embargoed security bug impacting apparently all contemporary CPU architectures that implement virtual memory, requiring hardware changes to fully resolve. Urgent development of a software mitigation is being done in the open and recently landed in the Linux kernel, and a similar mitigation began appearing in NT kernels in November. In the worst case the software fix causes huge slowdowns in typical workloads. There are hints the attack impacts common virtualization environments including Amazon EC2 and Google Compute Engine, and additional hints the exact attack may involve a new variant of Rowhammer."

The fixes for Linux and Windows are estimated to have a major effect on performance with The Register estimating a 5 - 30% slow down, depending on the task and the processor model.

Following the report, Mac users were left wondering how they would be affected. Thankfully, Apple has already addressed the issue, according to a tweet from kernel expert Alex Ionescu.

The question on everyone's minds: Does MacOS fix the Intel #KPTI Issue? Why yes, yes it does. Say hello to the "Double Map" since 10.13.2 -- and with some surprises in 10.13.3 (under Developer NDA so can't talk/show you).

When asked if 10.13.3 was required for full bug mitigation, Ionescu said no.

No, sorry, did not mean to imply that. There are some changes in 10.13.3 but they shouldn't affect the quality of the mitigation _as far as I can see_

Also notable, Mac users should see much of a performance hit.

"The performance drop on a system with PCID is minimal," says Ionescu. "Most Macs have PCID."

Please follow iClarified on Twitter, Facebook, Google+, or RSS for updates.

Read More


Apple Implemented Fix for Serious Intel Processor Design Flaw in macOS 10.3.2

Apple Implemented Fix for Serious Intel Processor Design Flaw in macOS 10.3.2

Apple Implemented Fix for Serious Intel Processor Design Flaw in macOS 10.3.2

Apple Implemented Fix for Serious Intel Processor Design Flaw in macOS 10.3.2
nottooloud - January 4, 2018 at 1:19pm
Hey headline writer. 10.13.2, not 10.3.2.
1
Adam Dempsey - January 4, 2018 at 8:59am
"Also notable, Mac users should see much of a performance hit." Guessing that is meant to be "shouldn't"
D4xM4Nx - January 4, 2018 at 8:56am
Now we need to become modern Robin Hood heroes to f*ck these greedy, evil-intended sons of b*tches. An era of change is dawning on us, the return of Ovi by Nokia since all else failed... inmortal batteries, slowdown is virtually imposible and no more internet because the system will fall shortly xP
iSheep - January 4, 2018 at 2:54am
Just keep in mind that if Intel tanks because of this. Apple’s in a world of Shit! Especially that Qualcomm and Apple are suing each other.
Klinky - January 4, 2018 at 12:43am
People will notice when Intel is subjected to a massive class action that will make Apples’a battery gate look like a joke. The scope of this and impact to businesses that have sunk trillions into Intel hardware will be enormous. And they’re the ones with the cash to litigate. This is just hitting the wire and will become BIG news. 2018 story of the year?
1 More Comment
Recent