With the launch of Intel’s latest 8th Generation Core mobile processors, the 15W Whiskey Lake U-series and the 5W Amber Lake Y-series, questions were left on the table as to the state of the Spectre and Meltdown mitigations. Intel had, previously in the year, promised that there would be hardware fixes for some of these issues in consumer hardware by the end of the year. Nothing was mentioned in our WHL/AML briefing, so we caught up with Intel to find out the situation.

There Are Some Hardware Mitigations in Whiskey Lake

The takeaway message from our discussions with Intel is that there are some hardware mitigations in the new Whiskey Lake processors. In fact, there are almost as many as the upcoming Cascade Lake enterprise parts. Intel told us that while the goal was to be transparent in general with how these mitigations were being fixed - we think Intel misread the level of interest in the specifics in advance of the Whiskey Lake launch, especially when the situation is not a simple yes/no.

For the mitigations, here is the current status:

Spectre and Meltdown on Intel
AnandTech Cascade
Lake
Whiskey
Lake
Amber
Lake
Spectre Variant 1 Bounds Check Bypass OS/VMM OS/VMM OS/VMM
Spectre Variant 2 Branch Target Injection Hardware + OS Firmware + OS Firmware + OS
Meltdown Variant 3 Rogue Data Cache Load Hardware Hardware Firmware
Meltdown Variant 3a Rogue System Register Read Firmware Firmware Firmware
  Variant 4 Speculative Store Bypass Firmware + OS Firmware + OS Firmware + OS
  Variant 5 L1 Terminal Fault Hardware Hardware Firmware

What this means is that Whiskey Lake is a new spin of silicon compared to Kaby Lake Refresh, but is still built on that Kaby Lake microarchitecture. Intel confirmed to us that Whiskey Lake is indeed built on the 14++ process node technology, indicating a respin of silicon.

As a result, both CPU families have the all-important (and most performance degrading) Meltdown vulnerability fixed. What remains unfixed in Whiskey Lake and differentiates it from Cascade Lake CPUs is Spectre variant 2, the Branch Target Injection. This vulnerability has its own performance costs when mitigated in software, and it has taken longer to develop a hardware fix.

What About Amber Lake?

The situation with Amber Lake is a little different. Intel confirmed to us that Amber Lake is still Kaby Lake – including being built on the 14+ process node – making it identical to Kaby Lake Refresh as far as the CPU die is concerned. In essence, these parts are binned to go within the 5W TDP at base frequency. But as a result, Amber Lake shares the same situation as Kaby Lake Refresh: all side channel attacks and mitigations are done in firmware and operating system fixes. Nothing in Amber Lake is protected against in hardware.

Performance

The big performance marker is tackling Spectre Variant 2. When fixed in software, Intel expects a 3-10% drop in performance depending on the workload – when fixed in hardware, Intel says that performance drop is a lot less, but expects new platforms (like Cascade Lake) to offer better overall performance anyway. Neither Whiskey Lake nor Amber Lake have mitigations for v2, but Whiskey Lake is certainly well on its way with fixes to some of the more dangerous attacks, such as v3 and L1TF. Whiskey Lake is also offering new performance bins as the platform is also on 14++, which will help with performance and power.

Intel’s Disclosure in the Future

Speaking with Intel, it is clear (and they recognise) that they appreciate the level of interest in the scope of these fixes. We’re pushing hard to make sure that with all future launches, detailed tables about the process of fixes will occur. Progress on these issues, if anything, is a good thing.

Related Reading

Title image from PC Watch

POST A COMMENT

107 Comments

View All Comments

  • V900 - Thursday, August 30, 2018 - link

    You got a point.

    If you’re an average gamer or consumer, there’s little reason to worry about Spectre & co. As of now, anyways.
    Reply
  • eva02langley - Thursday, August 30, 2018 - link

    Until another tree fall on the road and the bridge collapse.

    Buying a cripple and insecure product is not what I call a smart move.
    Reply
  • eva02langley - Thursday, August 30, 2018 - link

    No way I am to back this. Reply
  • V900 - Thursday, August 30, 2018 - link

    So you’re saying I shouldn’t buy an AMD CPU at all under the current circumstances? Reply
  • HStewart - Thursday, August 30, 2018 - link

    Yes the press has pressure on these issue a lot - and some people go so far to Ignore that Intel has work on making fixing them and assume that these fixes required 10nm, Also they make the false assumption that Intel is only company with these problems - in fact both AMD and even ARM have the problems.

    I have yet seen a real virus or malware that uses Spectre or Meltdown in the field.

    Hopefully we will see end such stuff - it not helpful in productivity of new computer technology - in fact it makes it more possible for more virus and malware.
    Reply
  • Manch - Friday, August 31, 2018 - link

    There are exploits in the wild already. Most are just seeing how viable the exploits are. A couple may be worrisome.

    Seriously, stop spreading FUD.

    Intel is vulnerable to MELTDOWN, A few ARM procs too. AMD is NOT
    Intel/AMD/ARM are vulnerable to Spectre. ARM is less susceptible. AMD even less so to the point its patches are OPTIONAL.

    Intel has had to respin silicon to eliminate the bugs in HW. SW fixes tend to have perf hits. MOST aren't bad, but a couple are significant. With 10nm, all bugs will be fix in silicon as some require a good bit of re engineering.
    Reply
  • HStewart - Friday, August 31, 2018 - link

    This is not FUD, this is from the following site which looks like good information

    https://meltdownattack.com/

    I don't believe Meltdown is only Intel but that could be wrong, Spectra is ALL CPUs.

    https://thehackernews.com/2018/01/meltdown-spectre...

    Meltdown appears to fix in hardware for this cpus.

    If you so insisting on telling this is fud, then provide just one real example of virus that uses this Meltdown and Spectra stuff.
    Reply
  • boeush - Friday, August 31, 2018 - link

    Non-business people should care too (at least those for whom performance matters), since Microsoft has pushed out mitigation patches for Windows 10 without allowing anyone to opt out. That means performance nerf with current-gen hardware for *everyone*. So anyone contemplating a new PC purchase in the near future might care about hardware mitigations that might restore some of that lost performance... Reply
  • GreenReaper - Friday, August 31, 2018 - link

    You're allowed to disable them. Just search for all instances of "to disable" here:
    https://support.microsoft.com/en-us/help/4072698/w...

    The code and registry settings are likely to be the same for Client as it is for Server. They just don't tell people running the client version about it because they almost certainly shouldn't disable them.
    Reply
  • Siress - Monday, September 3, 2018 - link

    Clearly, then, you should let other people think for you. Reply

Log in

Don't have an account? Sign up now