Google Details Spectre and Meltdown Fixes for Its Cloud Services

Google Details Spectre and Meltdown Fixes for Its Cloud Services

The computer industry is currently reeling from the disclosure of multiple CPU vulnerabilities that strike at the very heart of multiple system architectures. Vendors are rolling out fixes for Meltdown and Spectre, but the process has not been entirely smooth with Microsoft accidentally bricking some AMD-based systems. By contrast, things at Google went so well you probably didn’t even notice it already patched many of its popular cloud services like Gmail. Now, Google has released some details on those stealthy patches.

Industry leaders were made aware of the CPU vulnerabilities several months ago. The goal was to get patches in place before disclosing, but these are complicated bugs that work at the lowest level in the silicon. That could mean noticeable performance hits when blocking the hacks. Google managed to devise patches for its cloud services that addressed Meltdown and the first variant of Spectre. These fixed didn’t cause any user complaints when they rolled out in September. The second Spectre variant was vastly more tricky to patch.

The second Spectre variant is what’s known as a branch target injection, which could allow an attacker to execute arbitrary code on a system. Google’s initial investigations suggested the only way to mitigate Spectre Variant 2 was to disable the CPU performance-optimizing features it targeted. However, in testing, Google found that made its services slow and inconsistent. The company pulled together hundreds of engineers in search of a better solution — a “Moonshot” as Google likes to say.

Google Details Spectre and Meltdown Fixes for Its Cloud Services

The moonshot came from Google engineer Paul Turner, and it’s known as “Retpoline.” This binary modification that ensures programs cannot be influenced by branch target injection. This allowed Google to protect its cloud services at compile time with no source code modifications and without disabling CPU performance features (read about it in detail here). Google says the final version of its Retpoline patch came with almost no performance hit. When it was rolled out recently, again, no one using services like Gmail noticed any performance degradation.

Google says that all its cloud platforms had patches for all three vulnerabilities by December. In addition, it has open sourced the compiler it used so other companies can use it to protect their users as well. As other vendors are still working on patching systems, Google notes Meltdown and Spectre are the most difficult fixes its engineers have encountered in a decade. It might take a while for everyone to get on the same page.

Continue reading

One Developer Is Fixing SNES Game Lag After 30 Years
One Developer Is Fixing SNES Game Lag After 30 Years

One dedicated developer is releasing 'FastROM' patches to emulate Nintendo's SA1 chip in games that never had it, eliminating the annoying slowdowns that have plagued gamers for almost 30 years.

AMD Has Fixed Its USB Connectivity Issues, Updates Arrive in Early April
AMD Has Fixed Its USB Connectivity Issues, Updates Arrive in Early April

AMD has found the problem leading to intermittent UEFI dropouts on Ryzen systems. Look for a fix in early April.

NASA’s Mars Helicopter Remains Grounded Awaiting Software Fix
NASA’s Mars Helicopter Remains Grounded Awaiting Software Fix

NASA previously said the Ingenuity helicopter would take to the Martian skies over the weekend, but the agency announced late Friday that liftoff was delayed until at least April 14 because of a software issue.

Microsoft Deploys Silent Patch to Fix Gaming Performance After April Updates
Microsoft Deploys Silent Patch to Fix Gaming Performance After April Updates

Microsoft is releasing a Known Issue Rollback (KIR) to address problems with a pair of system updates from earlier this month. The company now confirms that a "small subset" of Windows 10 systems suffered poor game performance after the updates.