No, it's not a joke:
'Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign (https://www.theregister.co.uk/2018/01/02/intel_cpu_design_flaw/)
Quotebug is present in modern Intel processors produced in the past decade. It allows normal user programs – from database applications to JavaScript in web browsers – to discern to some extent the layout or contents of protected kernel memory areas.
The fix is to separate the kernel's memory completely from user processes using what's called Kernel Page Table Isolation, or KPTI. At one point, Forcefully Unmap Complete Kernel With Interrupt Trampolines, aka ####WIT, was mulled by the Linux kernel team, giving you an idea of how annoying this has been for the developers.
...
It seems it may be possible to craft software in such a way that the processor starts executing an instruction that would normally be blocked – such as reading kernel memory from user mode – and completes that instruction before the privilege level check occurs.
That would allow ring-3-level user code to read ring-0-level kernel data.
The article links to a blog post by a certain Anders Fogh (https://cyber.wtf/2017/07/28/negative-result-reading-kernel-memory-from-user-mode/), not to be confused with Agner Fog. (http://www.agner.org/optimize/blog/)
Update on technical details here (https://googleprojectzero.blogspot.it/2018/01/reading-privileged-memory-with-side.html).
I heard about this on the radio , but haven't read into the topic yet. I guess we will all have to buy new processors or take the performance hit that comes with the new OS patches. I also heard from Richard Stallman that any processor after the core 2 has a "management engine" back door https://boingboing.net/2016/06/15/intel-x86-processors-ship-with.html. :biggrin:
Not just Intel and Windows/Linux, Apple have admitted the same thing. Probably Android too, because the ARM CPU is affected...
The 30% drop in performance is only an estimate, if you only game/internet you won't notice. Only kernel mode switches are affected, so if you
do a lot of network/disk IO you will definitely notice it.
One story going around is that the Intel boss sold stock just before the announcement (they have known about it since June last year).
https://newsroom.intel.com/news-releases/intel-issues-updates-protect-systems-security-exploits/ (https://newsroom.intel.com/news-releases/intel-issues-updates-protect-systems-security-exploits/) :idea:
https://www.phoronix.com/scan.php?page=article&item=linux-more-x86pti&num=1