>is hard to believe they ignored the risky aspects. I bet they were instructed to ignore the risk
The specific issue that Pentium line CPUs: a) do privilege check asynchronously; b) do it only for the "winning" execution branch was very well known among CPU design community.
Intel architects even bragged about that as their "innovation" in industry journals and filled a number of patents for that (this is the reason amd privilege checker runs on all branches)
The specific issue that Pentium line CPUs: a) do privilege check asynchronously; b) do it only for the "winning" execution branch was very well known among CPU design community.
Intel architects even bragged about that as their "innovation" in industry journals and filled a number of patents for that (this is the reason amd privilege checker runs on all branches)
AMD checks permissions on every TLB access while Intel delays the permission check (or result) until instruction retirement which is when faults are acted on. It does not make any sense to act on a fault on a speculated branch until the branch is resolved.
Since AMD never does the speculated load, there is no data for the speculated branch to use making them immune to Meltdown. The speculated instructions past the load never get executed.
I do not understand why Intel's method would be any faster. Reloading TLBs and doing housekeeping for privilege changes are a separate issue.
Correction needed (Score:5, Informative)
>is hard to believe they ignored the risky aspects. I bet they were instructed to ignore the risk
The specific issue that Pentium line CPUs: a) do privilege check asynchronously; b) do it only for the "winning" execution branch was very well known among CPU design community.
Intel architects even bragged about that as their "innovation" in industry journals and filled a number of patents for that (this is the reason amd privilege checker runs on all branches)
Re:Correction needed (Score:2)
The specific issue that Pentium line CPUs: a) do privilege check asynchronously; b) do it only for the "winning" execution branch was very well known among CPU design community.
Intel architects even bragged about that as their "innovation" in industry journals and filled a number of patents for that (this is the reason amd privilege checker runs on all branches)
AMD checks permissions on every TLB access while Intel delays the permission check (or result) until instruction retirement which is when faults are acted on. It does not make any sense to act on a fault on a speculated branch until the branch is resolved.
Since AMD never does the speculated load, there is no data for the speculated branch to use making them immune to Meltdown. The speculated instructions past the load never get executed.
I do not understand why Intel's method would be any faster. Reloading TLBs and doing housekeeping for privilege changes are a separate issue.