Karl's PC Help Forums

Kernel memory leaks
marymary100 - 3-1-2018 at 22:59


It is understood the bug is present in modern Intel processors produced in the past decade. It allows normal user programs – from database applications to JavaScript in web browsers – to discern to some extent the layout or contents of protected kernel memory areas.
The fix is to separate the kernel's memory completely from user processes using what's called Kernel Page Table Isolation, or KPTI. ...
Whenever a running program needs to do anything useful – such as write to a file or open a network connection – it has to temporarily hand control of the processor to the kernel to carry out the job. To make the transition from user mode to kernel mode and back to user mode as fast and efficient as possible, the kernel is present in all processes' virtual memory address spaces, although it is invisible to these programs. When the kernel is needed, the program makes a system call, the processor switches to kernel mode and enters the kernel. When it is done, the CPU is told to switch back to user mode, and reenter the process. While in user mode, the kernel's code and data remains out of sight but present in the process's page tables.
Think of the kernel as God sitting on a cloud, looking down on Earth. It's there, and no normal being can see it, yet they can pray to it.
These KPTI patches move the kernel into a completely separate address space, so it's not just invisible to a running process, it's not even there at all. Really, this shouldn't be needed, but clearly there is a flaw in Intel's silicon that allows kernel access protections to be bypassed in some way.
The downside to this separation is that it is relatively expensive, time wise, to keep switching between two separate address spaces for every system call and for every interrupt from the hardware. These context switches do not happen instantly, and they force the processor to dump cached data and reload information from memory. This increases the kernel's overhead, and slows down the computer.
Your Intel-powered machine will run slower as a result.
If you randomize the placing of the kernel's code in memory, exploits can't find the internal gadgets they need to fully compromise a system. The processor flaw could be potentially exploited to figure out where in memory the kernel has positioned its data and code, hence the flurry of software patching.

The Register

BBC Intel flaws
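
Added example, not part of the original post or the quoted article: a defender's check for whether a Linux machine has the KPTI separation described above switched on. It assumes a Linux kernel that exposes /sys/devices/system/cpu/vulnerabilities/meltdown or /proc/cpuinfo; the function names are illustrative.

```shell
#!/bin/sh
# Added example: report whether KPTI (Linux calls it PTI) is active.
# Function names are illustrative; the two default paths are standard Linux ones.

# Map the kernel's own Meltdown status string to a short verdict.
meltdown_verdict() {
    case "$1" in
        "Not affected"*)    echo "not-affected" ;;
        "Mitigation: PTI"*) echo "kpti-active" ;;
        "Mitigation:"*)     echo "other-mitigation" ;;
        "Vulnerable"*)      echo "vulnerable" ;;
        *)                  echo "unknown" ;;
    esac
}

# Succeed if word $2 appears on the first "$1 : ..." line of cpuinfo text on stdin.
cpuinfo_has() {
    awk -F: -v key="$1" -v want="$2" '
        { k = $1; gsub(/[ \t]+$/, "", k) }
        k == key {
            n = split($2, w, " ")
            for (i = 1; i <= n; i++) if (w[i] == want) found = 1
            exit
        }
        END { exit !found }'
}

# Print one verdict. $1 = sysfs status file, $2 = cpuinfo file (both overridable).
kpti_report() {
    sysfs_file=${1:-/sys/devices/system/cpu/vulnerabilities/meltdown}
    cpuinfo_file=${2:-/proc/cpuinfo}
    if [ -r "$sysfs_file" ]; then
        meltdown_verdict "$(cat "$sysfs_file")"
    elif [ ! -r "$cpuinfo_file" ]; then
        echo "unknown"
    elif cpuinfo_has flags pti < "$cpuinfo_file"; then
        echo "kpti-active"      # older kernel without the sysfs file, PTI flag set
    elif cpuinfo_has bugs cpu_meltdown < "$cpuinfo_file"; then
        echo "vulnerable"       # CPU has the bug and no PTI flag is shown
    else
        echo "unknown"
    fi
}

kpti_report
```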

LSemmens - 3-1-2018 at 23:48

I wondered why my memory was failing....and here I was, just thinking I was getting old.

JackInCT - 3-1-2018 at 23:56

I am so glad that I still have my Underwood portable typewriter (is there some way that I could fax my replies to Karl's Forums?).

I can't remember ever getting a single Critical Update from the manufacturer, AND lo and behold, yes indeed, my spelling (and grammar) was a thousand times better than it is now.

I recall one high school teacher who would not accept a paper with any typos or any erasures.

I somehow missed the introduction of correction fluid [one of the first forms of correction fluid was invented in 1956 by the secretary Bette Nesmith Graham, founder of Liquid Paper--it was more commonly referred to as 'white out'].

It was also a certain generation's initial introduction to getting high by sniffing it as the first generation of Liquid Paper contained toluene. Toluene was for many years a common product in factories (as a degreasing agent I think) that some youth that I got to know well used to break into them, steal the stuff, etc.

Special education school programs back in that day could only presume that such youth became irrevocably brain damaged--institutionalization of one form or another was out of the question since the costs of such programs were astronomical. I lost touch with them when I moved, and I've often wondered what kinds of adults they turned out to be (if they lived that long).

The embedded pix is exactly the model that I have (AND the factory that it was made in was in my home town--"was" as in long closed down).

marymary100 - 4-1-2018 at 01:01

The woman who invented white out was the mother of one of The Monkees if memory serves - Mike Nesmith.

Katzy - 4-1-2018 at 11:28

Glad I took the AMD path... :D

Intel originally stated that they were "working with AMD", but their chips are OK, it appears.

marymary100 - 4-1-2018 at 12:15

Originally posted by Katzy
Glad I took the AMD path... :D

Intel originally stated that they were "working with AMD", but their chips are OK, it appears.

Business Insider says otherwise...


The vulnerability, which affects processors from Intel, AMD, and ARM and could allow malicious actors to steal passwords and other secret data, became public this week. The disclosure has left processor makers and operating system vendors including Intel and Microsoft scrambling to get on top of the story and patch their products.

imo this was a deliberate vulnerability to allow backdoor access by US government operatives to suspects' and/or foreign governments' information.

JackInCT - 4-1-2018 at 20:14

This has become nothing less than a media circus that anyone without an advanced degree in computer science is not going to be able to tell fact from fiction re consequences, to include whether there are really any.

My URL posts from Business Insider have hits that are written in mostly everyday non-tech language + Business Insider has more than one article on this in the last few days. I came across the following hits:

One article states that there are no known exploits of these flaws.

ADVISORY: URLs on these sites can become obsolete/inactive quickly, and it's anyone's guess if an archival search on the site can find them, but that's why I included the article title in this post 'cause that may be the only way to find them. And finding them may likely be irrelevant, i.e., my characterization of this at the beginning of this being a media circus is that a search will find all kinds of CURRENT articles on this, some of which have a good deal of de facto c & p from articles elsewhere.

EXPLAINED: 'Meltdown' and 'Spectre' — the massive Google-discovered security exploits that have Silicon Valley in a tizzy

The inventor of Linux is furious at Intel

The US Government brutally laid out the magnitude of the Intel processor vulnerabilities that affect almost everyone (INTC, MSFT, AAPL, GOOG, GOOGL, AMZN)

Finally: if this flaw was deliberate, or even accidental, as part of some govt plot, does anyone really expect any govt to admit to either planning that, exploiting that, etc.? I mean just what does anyone really know about just how "good" supercomputers are re having algorithms that can spot terrorist activities and in languages other than English? One lesson from history re military hardware is that the USA govt spends money hand over fist on expensive ongoing modifications to many hardware systems that didn't work correctly at their unboxing and never really succeeded at what they were originally intended to do.

marymary100 - 5-1-2018 at 11:30

Apple products too

JackInCT - 5-1-2018 at 14:36

The late Thursday and Friday AM TV news shows are all over this.

Of course nothing compares to the coverage of the Eastern USA Thursday snow storm that had many mainstream TV stations with around the clock non stop coverage (I kid thee not). For those into fashion, there were of course non-verbal cues (via the apparel makers', AND the TV station's, logo) of what the well dressed TV "newscaster" would, and should be wearing in the out-of-doors. I fear that those whose hair was whipping around in the wind will not have their contracts renewed (and NO WE don't allow the jacket's hood to obscure any significant part of the newscaster's puss whenever they are on live camera).