Larabee was fun to program, but I think it'd have an even worse time hardening memory sideband effects: the barrel processor (which was necessary to have anything like reasonable performance) was humorously easy to use for cross-process exfiltration. Like... it was so easy, we actually used it as an IPC mechanism.

"if Intel or AMD announced a new gamer CPU tomorrow that was 3x faster in most games but utterly unsafe against all Meltdown/Spectre-class vulns, how fast do you think they'd sell out"

Well, many people have gaming computers, they won't use for anything serious. So I would also buy it. And in restricted gaming consoles, I suppose the risk is not too high?

We already have heterogeneous cores these days, with E and P, and we have a ton of them as they take little space on the die relative to cache. The solution, it seems to me, is to have most cores go brrrrrr and a few that are secure.

Given that we have effectively two browser platforms (Chromium and Firefox) and two operating systems to contend with (Linux and Windows), it seems entirely tractable to get the security sensitive threads scheduled to the "S cores".

I agree at a gut / instinct level with that thought.

SINGLE thread best and worst case have to be the same to avoid speculation...

However for threads from completely unrelated domains could be run instead, if ready. Most likely the 'next' thread on the same unit, and worry about repacking free slots the next time the schedule runs.

++ Added ++

It might be possible to have operations that don't cross security boundaries have different performance as operations within a program's space.

An 'enhanced' level of protection for threads running a VM like guest code segment (such as browsers) might also be offered that avoids higher speculation operations.

Any operation similar to a segmentation fault relative to that thread's allowed memory accesses could result in forfeit of it's timeslice. Which would only leak what it should already know anyway, what memory it's allowed to access. Not the content of other memory segments.

> how fast do you think they'd sell out?

10-20 min, depending on how many they make :)

Itanium allegedly was free from branch prediction issues but I suspect cache behavior still might have been an issue. Unfortunately it's also dead as a doornail.

I wonder how that would play with anti-cheat systems, if the system has known vulns.

>if Intel or AMD announced a new gamer CPU tomorrow that was 3x faster in most games but utterly unsafe against all Meltdown/Spectre-class vulns, how fast do you think they'd sell out?

I do realize that gamers aren't the most logical bunch, but aren't most games GPU-bound nowadays?

Also, a good chunk of these vulnerabilities (Retbleed, Downfall, Rowhammer, there's probably a few I'm forgetting) are either theoretical, lab-only or spear exploits that require a lot of setup. And then the leaking info from something like Retbleed mostly applies to shared machines like in cloud infrastructure.

Which makes it kind of terrible that the kernel has these mitigations turned on by default, stealing somewhere in the neighborhood of 20-60% of performance on older gen hardware, just because the kernel has to roll with "one size fits all" defaults.

It depends on the severity of the problem, and the impact on the customers already using these systems. It may be more economical for the customer to apply a patch and lose a few percent of peak performance than to put thousands of boxes offline and schedule personnel to swap CPUs. This is to say nothing of the hassle of bringing your new laptop to a service center, and taking a replacement, or waiting if your exact configuration is unavailable at the moment.

Sadly you're right. And obviously we're not about to give up on high IPC. I get it and I'm not judging -- it's just a bit saddening.

For most of these vulnerabilities the risk is low, but keep in mind that your web browser runs random untrusted code from all over the Internet in a VM with a JIT compiler. This means you can't rule out the possibility that someone will figure out a way to exploit this over the web reliably, which would be catastrophic.

"Attacks only get better."

I am not convinced either but I am willing to bet some software is adversarial and will try to exfiltrate data. F.ex. many people look suspiciously at Zoom and Chrome.

So as long as stuff is not perfectly isolated from each other then there's always a room for a bad actor to snoop on stuff.

Huh?

No one said to buy AMD because they don't make mistakes. AMD just currently makes a better product overall.

I do not think you are accurately recounting what people said.

Was told by whom?