The point is the Linux Kernel is covering the same security mitigations which make the CPU level ones redundant. If all users are using the Linux Kernel, why would it be an issue?
Depends on how you use your system if you have multiple users. CPU mitigations wont protect GPU workloads, and vice versa. If your CPU was mitigating GPU workloads, that would probably be a massive performance loss.
The vulnerability is all on the CPU side. The GPU workloads being referenced are only vulnerable on the CPU instruction set used to pass workloads to the GPU.
Talking about CPU and GPU workloads as entirely separate in this context is misleading as the vulnerability is with CPU code execution that passes tasks to the GPU.
The GPU is not vulnerable to this particular attack, only the CPU is.
As you can see here impacted hardware is all CPU side, you can also read about how the proposed attacks work.
Forgive me. Just trying to understand. How does the kernel flag NEO_DISABLE_MITIGATIONS have any affect on the CPU? Seems to be targeted towards OpenCL and Level Zero, which are APIs to access GPU hardware directly.
This is fine for single user systems. If your system allows more than 1 users, this is probably not something you want to do.
The point is the Linux Kernel is covering the same security mitigations which make the CPU level ones redundant. If all users are using the Linux Kernel, why would it be an issue?
Depends on how you use your system if you have multiple users. CPU mitigations wont protect GPU workloads, and vice versa. If your CPU was mitigating GPU workloads, that would probably be a massive performance loss.
That’s not how this works.
The vulnerability is all on the CPU side. The GPU workloads being referenced are only vulnerable on the CPU instruction set used to pass workloads to the GPU.
Talking about CPU and GPU workloads as entirely separate in this context is misleading as the vulnerability is with CPU code execution that passes tasks to the GPU.
The GPU is not vulnerable to this particular attack, only the CPU is.
As you can see here impacted hardware is all CPU side, you can also read about how the proposed attacks work.
https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/spectre.html
Forgive me. Just trying to understand. How does the kernel flag
NEO_DISABLE_MITIGATIONShave any affect on the CPU? Seems to be targeted towards OpenCL and Level Zero, which are APIs to access GPU hardware directly.Or if you run untrusted code. Including code that might be susceptible to a compromised developer or a supply chain attack.
Or you use a web browser
I read in another comment about this that the safeguards in the kernel would still remain. The hardware just wouldn’t do it by itself.
The kernel mitigations would be for the CPU, not the GPU.