Will Intel design flaw influence P3D performance?

[Guest]

4 hours ago, simbol said:

For Windows 10 1709 the patch number is KB4056892

Odd, I don't see anything mentioned in this KB that is specific to this exploit?  https://support.microsoft.com/en-us/help/4056892/windows-10-update-kb4056892

To be noted there are actually two "bugs/exploits" in hand, one is "Meltdown" and the other is "Spectre"

Quote

On the upside for consumers, desktop computing and gaming may not be as affected as other intensive tasks more commonly seen in server and database applications.

I read this as they (apps/games) are still affected but not as seriously ... keep in mind an app or game is just another set of executable code like all other types of executable code (from services to drivers) that can move in/out of Kernel mode.

Quote from TechCrunch:

Quote

Meltdown and Spectre are two techniques researchers have discovered that circumvent those protections, exposing nearly any data the computer processes, such as passwords, proprietary information, or encrypted communications.

Meltdown affects Intel processors, and works by breaking through the barrier that prevents applications from accessing arbitrary locations in kernel memory. Segregating and protecting memory spaces prevents applications from accidentally interfering with one another’s data, or malicious software from being able to see and modify it at will. Meltdown makes this fundamental process fundamentally unreliable.

Spectre affects Intel, AMD, and ARM processors, broadening its reach to include mobile phones, embedded devices, and pretty much anything with a chip in it. Which, of course, is everything from thermostats to baby monitors now.

It works differently from Meltdown; Spectre essentially tricks applications into accidentally disclosing information that would normally be inaccessible, safe inside their protected memory area. This is a trickier one to pull off, but because it’s based on an established practice in multiple chip architectures, it’s going to be even trickier to fix.

Chips going back to 2011 were tested and found vulnerable, and theoretically it could affect processors as far back as those released in 1995.

Quote from Digital Trends:

Quote

The issue is related to how programs access memory, specifically information that should only be accessible to the operating system kernel that maintains the highest level of privileges. The exploits are ones where malicious programs can access the protected kernel memory space and “see” information that should be locked away.

The full details, which are not yet available, are quite technical and relate to how a CPU moves in and out of protected kernel mode. Keeping the kernel in virtual memory makes the process as fast as possible. If the CPU doesn’t have to dump and then reload the kernel, then it can achieve faster performance. Unfortunately, it also makes kernel contents vulnerable to being accessed by nefarious programs.

The fix for Meltdown, has to be implemented by the operating system in a process labeled Kernel Page Table Isolation (KPTI), which puts the kernel in an area of protected memory space that cannot be accessed by other programs. That creates extra processing steps — dumping and then reloading kernel data — that can slow things down, although according to Intel, the impact is limited to specific workflows and typical users will not notice much impact. Machines using Intel’s Skylake or later CPUs will see less of an impact than older systems. Spectre will take longer to resolve but is also much more difficult to exploit.

Microsoft has already issued an emergency patch, which it apparently had been testing in earlier Windows Insider builds, to address the issue. Google has also provided a fix in the latest Android security updates, which so far have primarily rolled out to Google’s Nexus and Pixel smartphones, and more generally, ARM has provided patches to companies using its processors. Linux and MacOS will also need to be updated, meaning this is an equal-opportunity bug, although AMD has stated that there is “near zero risk to AMD products at this time.”

 

But again, my understanding is "read only" not write access ... but that still is not good, because it means reading passwords and/or any other type of data since nothing in encrypted yet.

Now, the much bigger risk/concern is with:

Quote

Not only that, but Meltdown in particular could conceivably be applied to and across cloud platforms, where huge numbers of networked computers routinely share and transfer data among thousands or millions of users and instances.

The good news is that the attack is easiest to perform by code being run by the machine itself — it’s not easy to pull this off remotely.

Meltdown can be fixed essentially by building a stronger wall around the kernel; the technical term is “kernel page table isolation.” This solves the issue, but there’s a cost. Modern CPU architectures assume certain things about the way the kernel works and is accessed, and changing those things means that they won’t be able to operate at full capacity.

The Meltdown fix may reduce the performance of Intel chips by as little as 5 percent or as much as 30 — but there will be some hit. Whatever it is, it’s better than the alternative.

Spectre, on the other hand, is not likely to be fully fixed any time soon. The fact is that the practice that leads to this attack being possible is so hard-wired into processors that the researchers couldn’t find any way to totally avoid it.

Apparently these flaws were known over a year ago.  It's also rather disturbing that Intel CEO has been selling off his stock ($39M over this time period leaving him the minimum required stock options under the terms of his employment).

It's obviously not good news, but the world is not ending, however the challenges to fully resolve Spectre does seem somewhat daunting for the immediate future, but where there's a will, there's a way ... and this will eventually be resolved, it just may take a few years.

Cheers, Rob.

[Bobsk8 12,681]

Just turned off auto update in windows 7. This affects phones, tablets as well as computers. 

[simbol 5,819]

37 minutes ago, Rob Ainscough said:

Odd, I don't see anything mentioned in this KB that is specific to this exploit?  https://support.microsoft.com/en-us/help/4056892/windows-10-update-kb4056892

And yet that is the number reported by MS security advisory ADV180002:  https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/ADV180002

Simbol

[thibodba57 462]

2 hours ago, sbs9 said:

No need to panic, it seems that games and desktop apps are not affected at all:

https://www.techspot.com/article/1554-meltdown-flaw-cpu-performance-windows/

Last article I read they have benchmarked games not running DirectX.  Or it seems that they have updated this overnight.  So thats a plus.

Quote

Will my games get slower?

Probably not. Phoronix also tested Dota 2, Counter-Strike: Global Offensive, Deus Ex: Mankind Divided, Dawn of War III, F1 2017, and The Talos Principleon a Linux 4.15-rc6 machine with a Core i7-8700K and Radeon Vega 64. None saw a frame rate change outside the margin of error range.

Hardware Unboxed tested a handful of DirectX-based Windows games in the video linked above. With DirectX hooking so deeply into Windows, gamers were worried about a potential performance degradation there. Fortunately, Hardware Unboxed observed virtually no frame rate loss in Ashes of the Singularity, Assassin’s Creed: Origins, or Battlefield 1. Phew.

https://www.pcworld.com/article/3245606/security/intel-x86-cpu-kernel-bug-faq-how-it-affects-pc-mac.html

[simbol 5,819]

Folks, 

I just patched my Windows 10  version 1709 with KB4056892 and confirmed that my OS is now protected against the Meltdown bug (note the 3 green text below):

However as expected I need now to apply BIOS firmware updates in order to protect my system against the Spectre bug, Intel just notified that firmware updates should be available by the end of next week: https://www.bleepingcomputer.com/news/hardware/intel-promises-firmware-updates-for-most-modern-cpus-by-the-end-of-next-week/

So far my PC seems stable without any performance impact and I will launch P3D in a moment to check how stable it is, @Rob Ainscough you are much better than me on this, what do you think would it be the best thing to look for under P3D V4.1 after the patch to report back to everybody? I was thinking launching Fly Tampa EHAM with the PMDG loaded +UTL + the dynamic lighting enabled and perform a takeoff and a landing to see if I get any noticeable performance drop or issues in comparison to my last flight.

Best Regards,
Simbol

[Guest]

I'm in the office coding away so no time to test today ... but I would test using:

1.  Photoreal scenery (Ortho4XP or PR scenery for P3D)

2.  Network setups (i.e. if you run AS4 across a network or do any multiplayer or any shared cockpit)

Since reports are 5-30% performance degradation on the CPU, I would select CPU intensive tasks for your Flight Simulator of choice and most important make sure you don't run DL, run no AA, no reflections, limit shadows, no Water High or Ultra.  If you have FSLabs A320 that would probably be a good test aircraft but try to start at higher FPS because if the impact is only 5%, you'll not notice any FPS difference if you are already around 30 FPS (Vsync OFF and unlimited) as 5% reduction is only 1.5 FPS less.

Of course I'm assuming a before and after KB test scenario.  If you've already applied the update, then you'd have to remove the KB (if you can) do do BEFORE and AFTER testing.

Cheers, Rob.

[simbol 5,819]

15 minutes ago, Rob Ainscough said:

I'm in the office coding away so no time to test today ... but I would test using:

1.  Photoreal scenery (Ortho4XP or PR scenery for P3D)

2.  Network setups (i.e. if you run AS4 across a network or do any multiplayer or any shared cockpit)

Since reports are 5-30% performance degradation on the CPU, I would select CPU intensive tasks for your Flight Simulator of choice and most important make sure you don't run DL, run no AA, no reflections, limit shadows, no Water High or Ultra.  If you have FSLabs A320 that would probably be a good test aircraft but try to start at higher FPS because if the impact is only 5%, you'll not notice any FPS difference if you are already around 30 FPS (Vsync OFF and unlimited) as 5% reduction is only 1.5 FPS less.

Of course I'm assuming a before and after KB test scenario.  If you've already applied the update, then you'd have to remove the KB (if you can) do do BEFORE and AFTER testing.

Cheers, Rob.

Thanks, 

I don't have Photoreal Scenary, or FSLabs, also I don't run on 4K so perhaps it is better to leave these test and reports for you.

What I can right now is to post some pics of my FPS, as it stand I don't see any difference against my previous flight.

Regards,

Simbol

 

 

[simbol 5,819]

Preliminary tests after installing the windows 10 Patch:

Hardware:

• EVGA Z170
• Intel I6-6600K OC 4.5GHz, Watercooled
• GPU: 980GTI
• Memory: 16GB Corsair at 2800
• Screen Resolution: 1680x1050

Software Active:

• Kaspersky Antivirus Internet Security 2018
• Google Chrome
• Skype
• P3D V4.1
• EZDok
• Rechade with custom effects
• FlyTampa EHAM
• PMDG 737 NGX
• Active Sky + ASCA
• UTL Live
• AI Lights Reborn
• GSX
• PRO-ATC-X

PMDG with all lights active 61 - 65 FPS:

FPS remained the same while GSX was active

44.3 FPS inside the cabin while taking off:

50 FPS during climb and changing views:

Figures remained the same for the rest of the flight, this is withing the range of performance I get normally, so it seems with my current system workload and P3D settings I don't see any significant performance impact, however I would advise to wait until Rob performs much more deep tests as he has better equipment, more demanding add-on's and higher video resolutions that would really help to test the overall performance impact that this patch might have for our beloved hobby.

I hope this helps.

Best Regards,
Simbol

[pmb 5,137]

Thanks a lot for the test, Simbol. Maybe, I can avoid trashing my 1 yr old system  Your results give some hope fps will not fall by 30 %.

Kind regards, Michael

[z06z33 763]

I'm taking my chances and not updating in fact windows update has been disabled. Considering this issue has been around for 10 years and nothing has happened I don't see the sky falling tomorrow without this update. I just built a new rig at great expense..I'm not going backwards in performance. Besides I don't keep important info on my pc,and will stop the use of it for anything important. Worst thing that will happen is they will get my CC info but I've had that stolen at restaurants so no way to protect everything

[simbol 5,819]

21 minutes ago, pmb said:

Thanks a lot for the test, Simbol. Maybe, I can avoid trashing my 1 yr old system  Your results give some hope fps will not fall by 30 %.

Kind regards, Michael

No Problem, but remember this preliminary test is with only the Meltdown patch active, I need to wait until EVGA provide me with the microcode update BIOS updates in order to enable the Spectre patch, although I have installed also the Spectre Patch it will remain disabled until my BIOS is updated.

I hope to get the firmware update withing a week and when I do I will be performing the same test as above to see the results.

Best Regards,
Simbol

[simbol 5,819]

25 minutes ago, z06z33 said:

I'm taking my chances and not updating in fact windows update has been disabled. Considering this issue has been around for 10 years and nothing has happened I don't see the sky falling tomorrow without this update. I just built a new rig at great expense..I'm not going backwards in performance

David,

The difference is now the exploit are well known and Hackers are aware that not everybody is patching given the complexity and risks involved, they also known that there is not current fix for the Spectre vulnerability for at least one week or perhaps more.

There is also public documents now available explaining how the exploits work, in other words we just handed over to cyber-criminals the recipe and ingredients to create a weapon without having proper counter measures available in place.

Just be extra careful with what you do online, as a security adviser I am expecting an imminent attack of these exploits very soon as hackers will try to get their hands on this before the world can stop them.

Best Regards,
Simbol

[Uteman 51]

2 hours ago, Rob Ainscough said:

6 hours ago, simbol said:

For Windows 10 1709 the patch number is KB4056892

Odd, I don't see anything mentioned in this KB that is specific to this exploit?  https://support.microsoft.com/en-us/help/4056892/windows-10-update-kb4056892

Hi Rob & Simbol,

I have begged off this whole discussion since I posted on Tuesday about the issue largely because some of us would know that the industry has been wringing hands on the two issues since early October.

For those who want a small insight into the scale of the problem you should read Mozilla's explanation of their "temporary" patch for Firefox that you would have received in the last 24 hrs ( located in your whats new tab in the FFox nameplate. They have more to come yet they have already affected their Firefox performance (minimally at this time) Most people wont notice it because the margin is much smaller than ISP/ network lag.

https://blog.mozilla.org/security/2018/01/03/mitigations-landing-new-class-timing-attack/

3 minutes ago, z06z33 said:

Considering this issue has been around for 10 years and nothing has happened I don't see the sky falling tomorrow without this update.

This is incorrect - the flaw was discovered in October 2017 and impact all CPUs that use a particular architecture and based on some reports that includes AMD and ARM processors as well as Intel. It is an absolute race between the white and black hats - it always is with these discoveries that why the white hats try to keep it quiet till they have proved the fix.

Simbol look forward to your FW update report.

[strider1 575]

7 hours ago, pmb said:

Me.

I COULD do it but would avoid the risk. I'd ask the shop instead.

Kind regards, Michael

bios updates are easy as 1,2,3 ! Getting your pc hacked is a worse nightmare.......

[Uteman 51]

2 minutes ago, strider1 said:

bios updates are easy as 1,2,3 ! Getting your pc hacked is a worse nightmare.......

Eric you are correct however some of us remember ( or never forget - depending on the outcome) the trepidation of the "first time"