I should think that in a "dedicated cluster" application, these sorts of security problems are less of an issue - whether a process can figure out what memory space other processes are in is more of an issue for machines "open to the world with heterogeneous applications" (i.e. 99.9% of the machines out there). The scenario from the article: "Imagine a piece of JavaScript running in a browser, or malicious software running on a shared public cloud server, able to sniff sensitive kernel-protected data."
I'll bet there's not a whole lot of HPC code written in Javascript running in a browser.. (not that someone hasn't done it, as a stunt.. Is there a MPI library binding for Javascript?) And, if you're running HPC "in the cloud" on VMs, this is an issue. I suppose the down side is that if they do kernel mods to fix this for the 99.9%, it adversely affects the performance for the 0.1% (that is, us). Jim Lux (818)354-2075 (office) (818)395-2714 (cell) -----Original Message----- From: Beowulf [mailto:beowulf-boun...@beowulf.org] On Behalf Of Christopher Samuel Sent: Tuesday, January 02, 2018 7:46 PM To: beowulf@beowulf.org Subject: [Beowulf] Intel CPU design bug & security flaw - kernel fix imposes performance penalty Hi all, Just a quick break from my holiday in Philadelphia (swapped forecast 40C on Saturday in Melbourne for -10C forecast here) to let folks know about what looks like a longstanding Intel CPU design flaw that has security implications. There appears to be no microcode fix possible and the kernel fix will incur a significant performance penalty, people are talking about in the range of 5%-30% depending on the generation of the CPU. :-( https://www.theregister.co.uk/2018/01/02/intel_cpu_design_flaw/ There's a post on the PostgreSQL site that measures the impact, El Reg summarises the impact as: https://twitter.com/TheRegister/status/948342806367518720?ref_src=twsrc%5Etfw Best case: 17% slowdown Worst case: 23% Here's the post about the measured impact: https://www.postgresql.org/message-id/20180102222354.qikjmf7dvnjgb...@alap3.anarazel.de This is going to be interesting I think... All the best, Chris -- Chris Samuel : http://www.csamuel.org/ : Melbourne, VIC _______________________________________________ Beowulf mailing list, Beowulf@beowulf.org sponsored by Penguin Computing To change your subscription (digest mode or unsubscribe) visit http://www.beowulf.org/mailman/listinfo/beowulf _______________________________________________ Beowulf mailing list, Beowulf@beowulf.org sponsored by Penguin Computing To change your subscription (digest mode or unsubscribe) visit http://www.beowulf.org/mailman/listinfo/beowulf
