LinkBack URL
About LinkBacksIf you own a Nvidia GPU its suggested you download this driver as apparently Nvidia drivers are vulnerable to Spectre:
http://www.techradar.com/news/spectr...graphics-cards
http://nvidia.custhelp.com/app/answers/detail/a_id/4611
If you own a Nvidia GPU its suggested you download this driver as apparently Nvidia drivers are vulnerable to Spectre:
http://www.techradar.com/news/spectr...graphics-cards
http://nvidia.custhelp.com/app/answers/detail/a_id/4611
adidan (10-01-2018)
At this rate I'll be told I have to patch my pc desk too.
Grab that. Get that. Check it out. Bring that here. Grab anything useful. Take anything good.
Is your pc desk doing speculative execution?Originally Posted by adidan
I wonder if Radeons are also affected?
Either you download a stack of fixes that make your PC secure but slow as dialup... or you buy the latest tech and make these companies an absolute fortune.
Pretty cunning, don'tcha think?
Love the fact that techradar have publish an "update" at the top of the article apologising for mistakenly thinking nvidia hardware was affected, but then left the original article unchanged. Someone just scanning the page might still take away the message that their GPU is vulnerable to the attacks.
The driver update is simply a further software mitigation against Spectre attacks against the CPU. I'm not sure if that means that OS kernel patches can't cover all the attack vectors, or if this is just a bit of belt-and-braces from nvidia. But the security update is not for a vulnerability in GPUs. It's for the known vulnerability in CPUs.
Time for new benchmarks then, again
Emm,I linked to the Nvidia webpage too,plus I seriously doubt Intel,AMD or Nvidia are releasing security fixes if there was NO issue anyway. You only have to look at the last 10 years of any of these companies to go past all the PR guff.
Considering Nvidia relies far more on CPU based scheduling than AMD does,I suspect there might be an issue they have discovered. I seriously doubt Nvidia really gives a monkeys about patching issues with Intel CPUs considering the history they have had in the past.
Yeah, not questioning your input CAT, just pointing out that people scanning the techradar story might skip the update. Responsible journalism would involve changing the incorrect content in the actual story, not just tagging on an "oops" at the top.
My impression when this first came out was that the OS kernel patches should mitigate against the threats sufficiently by improving the segregation of data during speculative execution, but if some software could be vulnerable even after patching it's a much bigger issue. Although this could always be nvidia offering some protection for users who decide not to patch their OS...? *shrug* basically the thing's a phenomenal charlie foxtrot...
I suppose as mentioned earlier,will AMD RTG release a security update too??
It is an interesting question.
I did some digging around, I didn't realise that modern Windows drivers were back in userland (and have been for some time) so that would explain the minimal performance impact of Meltdown on gaming graphics. There will always be some kernel mode hardware setup though, so I guess that is what they have messed with.
If the driver is for something USB or network connected then there won't be any hardware setup so hopefully most modern hardware will be OK. Stuff that plugs into a motherboard slot like graphics cards, do they all need patching?
Edit: My current quest for a graphics card was edging towards a 1070ti, but this makes me want to stick with the Linux AMD open source stack still. I should just learn to be happy with what I have shouldn't I...
Last edited by DanceswithUnix; 11-01-2018 at 04:46 PM.
I think the bigger question is "are AMD graphics drivers a potential channel for the vulnerabilities?". As you say, nvidia does more scheduling etc. in software than AMD, so it may be that AMD's drivers don't present the same kind of risk...
Downloaded latest drivers, had first ever kernel stopped and restarted. Wasn't doing anything at the time.
Super.
Grab that. Get that. Check it out. Bring that here. Grab anything useful. Take anything good.
Something's just occurred to me while replying to another thread:
As CAT pointed out, nvidia moved heavily towards software scheduling for their gaming line. It seems to me that that could be a reasonable explanation for why an nvidia GPU driver might provide an exploitable channel for attack.
But what if the OS kernel mitigations - which we know will have performance implications - hit nvidia's software scheduling hard? Could the latest "security" patch actually be an attempt to mitigate the performance hit of other security updates as well?
I'm not sure it would be noticeable as (afaik) the scheduler feeds data to the SMMs pipelines on the GPU and normally there's already a certain amount of jobs waiting in those queues, it may effect latency but probably not throughput, however as there's already a degree of latency involved in the time it takes for a job to reach the front of the queue and be processed adding latency to that may not effect the final outcome, effectively adding jobs to each queue would take longer but they'd still have to wait.
Of course that's just based on my laymens understanding of how Nvidia's normal (driver/software) scheduler, SMM queues and dispatching of jobs operates.
There are currently 1 users browsing this thread. (0 members and 1 guests)
Posting Permissions
Reply With Quote