By now, you’ve probably heard about Spectre and Meltdown, two vulnerabilities that were recently discovered by Jann Horn and a team from Google’s Project Zero. These are not software viruses, but hardware bugs that exploit critical design flaws in Intel, AMD, ARM and POWER chips that will impact every single computer made in the past 20 years, as stated by Amazon.
It may seem obvious, but because processors handle extremely sensitive data, including passwords and encryption keys, an attack on a computer chip can quickly turn into a serious security concern for computer systems of every size, including phones, laptops, desktop systems, and hyper-converged data storage systems. The following is an overview of the two hardware vulnerabilities and how they may impact you and the performance of your storage devices.
Meltdown Creates Mayhem on CPU Performance
Elusive Spectre Is Harder to Mitigate
Spectre is slightly different from Meltdown, although it poses a similar type of threat in that it can exploit the processor to obtain secure application information. It affects all processors and is the more dangerous threat of the two because, even though it requires more knowledge to set up, it is less understood and harder to mitigate. Spectre breaks the isolation between different applications and allows hackers to fool the applications running on a machine (even the stable versions of the respective application) into giving up secret information from the kernel module of the operating system.
The Good News and the Bad News
The good news is that according to the UK’s National Cyber Security Centre, no trace of Meltdown or Spectre has been detected on any machine around the globe. The bad news? These attacks are so sensitive that they are difficult to detect. Other cybersecurity experts predict that hackers will quickly develop programs to start attacking users, now that the vulnerabilities are public. The good news? Leading tech companies from Apple to Red Hat are already releasing fixes at the time of this publication.
The Impact to DataCore Performance
As mentioned, there is a general consensus that mitigation efforts for Meltdown and Spectre will create performance degradation. Could this impact previously published benchmark results for DataCore storage devices? The Storage Performance Council (SPC-1) benchmark, which leverages the Transaction Processing Performance Council (TPC) benchmark, involves two components: a host running Windows or Linux that generates the load, and the system under test. The load generator will likely be using kernel services at high frequency and will therefore incur an extra cost from a mitigation. Extra resources may need to be added in order to re-create the same load. This does not invalidate previously published results since, in general, benchmarks are designed to determine the performance of the system under test rather than the load generator. In general, though, it is likely that reproducing benchmarks published by some vendors will not be possible. If the system under test is external, it could be considered a “closed” system, which means the cost of mitigation will be borne by the hosts and the performance of the storage device under test will not be affected.
We believe that SPC-1 will continue to produce comparable and reliable indicators of storage performance, even when mitigation is applied. In other words, as vendors continue to produce SPC-1 results, we can expect SPC-1 to continue to produce a reliable indication of device performance, comparable to current and previous results—but vendors may need to use more hosts to produce their results.
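When re-creating a load on Linux hosts, it helps to record each load generator's mitigation state next to the benchmark figures, so that a host-side slowdown is not mistaken for a change in the storage device. The following is an added example, not DataCore or SPC code: it reads the status files that Linux kernels 4.15 and later expose under /sys/devices/system/cpu/vulnerabilities, and the two sample hosts in `demo()` are constructed for illustration.

```python
import tempfile
from pathlib import Path

# Linux exposes one status file per issue here (kernel 4.15 and later).
SYSFS_DIR = Path("/sys/devices/system/cpu/vulnerabilities")
ISSUES = ("meltdown", "spectre_v1", "spectre_v2")

def classify(status):
    """Map a sysfs status line to a coarse state for the benchmark record."""
    status = status.strip()
    for prefix, state in (("Not affected", "not_affected"),
                          ("Mitigation:", "mitigated"),
                          ("Vulnerable", "vulnerable")):
        if status.startswith(prefix):
            return state
    return "unknown"

def mitigation_report(base=SYSFS_DIR):
    """Return {issue: (state, raw status line)} for a load-generator host."""
    report = {}
    for issue in ISSUES:
        try:
            raw = (Path(base) / issue).read_text().strip()
        except OSError:
            # A missing file means the kernel does not report, not that it is safe.
            raw = "status file not present"
        report[issue] = (classify(raw), raw)
    return report

def hosts_comparable(a, b):
    """Load figures from two hosts are comparable only if every state matches."""
    return all(a[i][0] == b[i][0] for i in ISSUES)

def demo():
    """Compare two constructed hosts: one patched, one on an older kernel."""
    patched = {"meltdown": "Mitigation: PTI",
               "spectre_v1": "Mitigation: __user pointer sanitization",
               "spectre_v2": "Mitigation: Full generic retpoline"}
    unpatched = {"meltdown": "Vulnerable", "spectre_v1": "Vulnerable"}  # no spectre_v2 file
    reports = []
    for sample in (patched, unpatched):
        with tempfile.TemporaryDirectory() as tmp:
            for name, line in sample.items():
                (Path(tmp) / name).write_text(line + "\n")
            reports.append(mitigation_report(tmp))
    return reports[0], reports[1], hosts_comparable(*reports)

if __name__ == "__main__":
    for result in demo():
        print(result)
```

On a real load generator, call `mitigation_report()` with no argument and store the result with the run's metadata.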
Key Security Takeaways
In the event that a DataCore installation has been compromised, the risk of data under management being exposed currently appears to be almost zero. In order for Meltdown to gain unauthorized access, the memory needs to have a virtual address assigned to it, which is not the case for the DataCore cache.
A virtual address will be assigned temporarily to individual cache buffers when performing specific operations on a snapshot, replicating data, or allocating storage to a thinly provisioned volume, but this is released as soon as the operation is complete. Given that the reported data access rate using Meltdown is up to 503 KB/s, it is implausible that an attacker would be able to identify a temporary mapping and extract data in the time available.
Spectre is based around manipulating the CPU's “branch prediction” to force an application to speculatively execute unintended code paths and leak private information from the application. For this to work, the attacker needs to be sharing the CPU with the application, perhaps through hyper-threading. There is currently no effective software workaround to completely protect against this type of attack. The available information about Spectre suggests that network-based attacks are conceivable, but none has been demonstrated in practice and there are no reports of real-world attacks.