On 3rd January 2018 news broke that there was a problem with Intel, ARM and AMD chips that had been known about for at least 6 months that can give rise to security risks. These risks have been named, “meltdown” and “spectre”. Isn’t it funny how these things are never called “flopsy” and “mopsy”! In this post we’re going to examine the issues and understand how it relates to what you learn at GCSE and A’level in Computer Science about processor architecture.
Problems with the cache and pipelining
In order to increase speed, modern CPUs fetch instructions and execute them in advance of them being needed. Copies are stored in the cache. If the instruction is then not needed, the instruction and data are discarded. However, data in the cache could technically be extracted. Created by instructions that should never be executed. The operating system will check these nefarious programs have a right to access this data, but often this is not done before the code from the instruction has been executed, so it is too late.
When you write a program using an array, you will be familiar with code such as:
name = “Ben”
name = “Tyler”
What is stored in name? Well, not usually nothing. Since the index is just a pointer to a memory address, that memory location will usually contain something. The next piece of data or instruction is usually the next one in memory, particularly with arrays. Therefore it makes sense to pre-load it. Since the contents of this address is pre-loaded into the cache, it could be possible to extract data beyond the scope of the array.
How this fits into the specification
Whilst students don’t need to know about this specific case study, the following concepts should be understood at GCSE: fetch, decode, execute, RAM, cache, factors affecting the speed of the computer, arrays, indexes, sequence, selection and iteration (3 programming constructs). At A’level students also need to know about pipelining and flushing the pipe. Therefore, this article provides a good context for a class discussion and Q&A about these concepts, and how they relate to each other.