January 18, 2018 // 10:37 a.m.
Intel has warned that a reboot bug in its microcode update for Spectre flaw mitigation affects products up to its previous-generation Kaby Lake, in addition to the older Broadwell and Haswell parts it had originally highlighted.
Designed to provide mitigation against the Spectre Variant 2 speculative execution vulnerability, which allows unprivileged processes to access supposedly-protected memory on almost all modern mainstream processor families, Intel's microcode update was released earlier this month. Sadly, the company was forced to admit that its installation could make Broadwell and Haswell parts unstable, causing random reboots and crashes under as-yet unspecified workloads.
Sadly for those looking to protect their systems from attack, Intel's update on the flaw brings unwelcome news about its scope: As well as the older Broadwell and Haswell parts, the reboot issue has been confirmed on parts up to Ivy Bridge, Sandy Bridge, Skylake, and Kaby Lake - the latter being only one generation behind Coffee Lake, Intel's latest microarchitecture. In other words: The microcode update causes the overwhelming majority of Intel processors in the market to run unstably.
'While the firmware updates are effective at mitigating exposure to the security issues, customers have reported more frequent reboots on firmware updated systems. As part of this, we have determined that similar behaviour occurs on other products in some configurations, including Ivy Bridge-, Sandy Bridge-, Skylake-, and Kaby Lake-based platforms,' Intel's Navin Shenoy admits in the company's latest update. 'We have reproduced these issues internally and are making progress toward identifying the root cause. In parallel, we will be providing beta microcode to vendors for validation by next week.'
At the same time, Shenoy published internal benchmark results for a variety of server workloads based on a two-socket Xeon Platinum 81xx system. According to Intel's internal testing, the biggest impact can be found in flexible input-output (FIO) storage workloads where 100 percent 4K write workloads drop 18 percent post-patch and in iSCSI implementations where single-core performance drops 25 percent. Elsewhere, the company claims the impact is considerably less with database performance for an online transaction processing (OLTP) brokerage platform dropping around 3.9 percent, raw integer performance dropping 1.3 percent, floating-point 0.8 percent, and energy efficiency remaining unchanged.