Announcement

Collapse
No announcement yet.

Epic Services & Stability Update

Collapse
X

Epic Services & Stability Update

Collapse
  • Filter
  • Time
  • Author membership
  • Show
Clear All
new posts

  • #16
    Originally posted by Blue man View Post
    Galaxitus, true but not really. This is a flaw in Intel cpu architecture (hardware level problem). Basically with Intel CPUs Kernel has full control over CPU memory (aka cache), malicious software working on a Kernel level can read the data from that memory and that is a security risk. This can be patched with a firmware and OS updates. Almost all cloud services run Intel chips so we will probably be seeing some major services and websites going down for a few hours or days.
    You do know that it's been shown to be the case of every Intel CPU, AMD CPU and even some custom CPU being tested, right? It started with Intel CPU, but now it's being "discovery" as a general physical hardware flaws.
    The only "permanent" fix is to change the CPU with another one that doesn't have the flaws... which doesn't exists yet on the market.
    Meltdown is only affecting the Intel. Spectre affect everything.
    Last edited by Galaxitus; 01-06-2018, 12:29 PM.

    Comment


    • #17
      We are talking about Meltdown here not Spectre, Spectre is harder to exploit and a lot harder to fix.

      Comment


      • #18
        Originally posted by Galaxitus View Post

        You do know that it's been shown to be the case of every Intel CPU, AMD CPU and even some custom CPU being tested, right? It started with Intel CPU, but now it's being "discovery" as a general physical hardware flaws.
        The only "permanent" fix is to change the CPU with another one that doesn't have the flaws... which doesn't exists yet on the market.
        Meltdown is only affecting the Intel. Spectre affect everything.
        AMD is not susceptible to Meltdown which is the hardest to deal with as this is a hardware design issue.
        AMD can be effected by Spectre if they have hardware access (unlike intel), but this is being resolved with a software update that is not expected to cause any performance degradation.
        Out of the 3, AMD seems mostly clear of this already.

        Comment


        • #19
          Stop whining everybody.

          Comment


          • #20
            Lots of misinformation on this thread, the performance impact is due to kernel page table isolation or KPTI ( https://en.wikipedia.org/wiki/Kernel...able_isolation ) what this does is prevent a malicious application from using a spectre like attack to find out where the kernel puts it's data in physical memory.
            It does this by making sure the kernel's memory map is not in the TLB ( https://en.wikipedia.org/wiki/Transl...okaside_buffer ) while usermode code is executing, requiring it to re-load the table and flush it again every syscall or scheduler interrupt

            This has a huge affect on syscall heavy loads like webservers, SQL servers, and especially game servers which are expected to take in millions of small packets a second each of which requires one or more syscalls to handle.

            So far Intel CPUs are the only ones affected by Meltdown because they allow speculatively executed code to access memory outside of your process, whereas AMD CPUs do not.

            There are 2 other variants of Spectre which have not been fixed yet:
            • Variant 1: bounds check bypass (CVE-2017-5753)
            • Variant 2: branch target injection (CVE-2017-5715)
            AMD CPUs are only affected by variant 1, which can only be used to bypass your own processes ASLR unless you have the eBPF JIT enabled on Linux (typically for servers, not on by default) which allows you to leak kernel memory. AMD has stated this can be patched easily with software.

            Variant 2 allows you to read all kernel memory given some basic information about the host.

            Spectre 1 and 2 have been shown to work in the browser on Intel systems, all the major browsers will be dropping updates to prevent this (probably by making high precision timers less accurate)
            There is also a compiler patch that can be used to prevent malicious applications from doing speculation on your code or manipulating branch prediction, https://support.google.com/faqs/answer/7625886 but it does severely degrade performance.

            Comment


            • #21
              So.. It's not keeping it from working entirely. I've been playing all day, with a little bit of an issue initially getting connected.

              Comment


              • #22
                To clarify, the Kernel Page Table Isolation patch for Linux, as well as the recent kb4056892 patch for Windows (https://support.microsoft.com/en-us/...date-kb4056892) are to directly address Meltdown, not Spectre.
                Originally posted by [EPIC] SKY-LG View Post

                The following chart shows the significant impact on CPU usage of one of our back-end services after a host was patched to address the Meltdown vulnerability.

                I appreciate the CPU utilization graph for a Fortnite backend server. However, I feel that without a before pic, it is difficult to accurately understand what kind of impact the patch for Meltdown has on the game servers, and therefore what to expect as a player.

                Comment


                • DestructoSloth commented
                  Editing a comment
                  That does essentially contain a "before pic."

                  At the time, one server was patched. The other 2 were not.

                  Blue and yellow represent unmatched server load. Green is patched load. The jump is post patch.

              • #23
                Do you really need this patch?

                Do you share your cloud servers with other users?

                If not, consider hosting your services on dedicated bare metal servers, preferably with AMD processors. Turn off the patch and enjoy full performance (probably better than before).

                Comment


                • #24
                  They use Amazon cloud services I believe, hosting their own servers would be extremely expensive. And yes they need the patch, Meltdown is major security breach.
                  AMD is in even worse position, they were not affected by Meltdown but with a lot more serious Spectre. AMD CPUs might be able to run tetris when the patch for that comes out, it is predicted that the patch will degrade the single threaded performance massively and they might have to disable SMT which would be really bad if it comes to that.

                  Comment


                  • #25
                    Has the tested system PCID-enabled CPUs? PCID should mitigate the cost of kernel-calls through KPTI.

                    Comment


                    • #26
                      Originally posted by Blue man View Post
                      They use Amazon cloud services I believe, hosting their own servers would be extremely expensive. And yes they need the patch, Meltdown is major security breach.
                      AMD is in even worse position, they were not affected by Meltdown but with a lot more serious Spectre. AMD CPUs might be able to run tetris when the patch for that comes out, it is predicted that the patch will degrade the single threaded performance massively and they might have to disable SMT which would be really bad if it comes to that.
                      Most vendor CPUs are affected by Spectre, not exclusively AMD... the misinformation in this thread is insane, read up on things properly before posting.

                      Comment


                      • #27
                        Originally posted by Galaxitus View Post
                        This affect about 99% of the hardware in the world including the consoles, smartphone, tablet, PCs, etc..

                        Now (fix): (RAW_DATA + ENCRYPT_DATA) > Processor > STORE_ENCRYPTED_DATA > Processor, then when requested, (DECRYPT_DATA + CHECK_DATA) > Processor > ERASE_DATA_FROM_RAM > Processor.

                        With the fix, the processor isn't used as much, but each time, the calculated data is bigger.
                        (If you don't get why it's slower... It's similar to how we think when we calculate. What's faster?.
                        This is literally the most incorrect 'explanation' of this issue that I've came along by now.

                        What roughly happens in easy language: ("Spectre" Exploits:)

                        Most modern CPUs use so called "out of order execution". This means that an application function which will highly probably be called is executed way before it's actually supposed to be executed. Why? It saves time because the function output data is already stoned in the CPU when the function will be actually called. If the processor expected a certain function to be called but it actually wasn't called (due to numerous reasons) it has to remove the data it stored in the cache. If your timing is right (which is hard to do it possible with the exploits) you can get that data before it's removed. These exploits are hard to abuse but also hard to fix. And for one of the Spectre exploits every application has to be fixed in itself. Also AMD CPUs are NOT specially affected by Spectre, for one of the exploits the basic fix is already a default state of the CPUs which results in a near zero risk. Don't spread wrong information just to protect your favorite CPU vendor.


                        Additionally nearly all Intel x86 CPUs (and some ARM processors) have a bug with the mapping of virtual RAM to physical RAM. The Meltdown Exploit uses this bug to break out of its user space into Kernel space (so to say master admin of the system). The bugfix (called KPTI) that impacts the performance is only needed on Intel CPUs (guess what all server operators bought over the years) and affects performance between 0-20%, but on newer generations (6th Gen and younger) it can decrease performance up to between 20-50%. This is why the servers of Epic Games have such performance problems atm.

                        Originally posted by fredbe View Post
                        Do you really need this patch?

                        Do you share your cloud servers with other users?

                        If not, consider hosting your services on dedicated bare metal servers, preferably with AMD processors. Turn off the patch and enjoy full performance (probably better than before).

                        ​​​​​​​The KPTI Patch for Meltdown is mandatory if you don't want security breaches. And as they use AWS Cloud they have to rely on the patch.
                        Last edited by psYcho-edgE; 01-08-2018, 10:39 AM.

                        Comment


                        • fredbe commented
                          Editing a comment
                          The KPTI Patch is not mandatory. If the physical machine has processors that are not affected by Meltdown, or runs trusted code only, you wouldn't need it. However, with Intel on virtualized cloud servers (that might run code from third parties in other vms) you've lost.

                      • #28
                        Originally posted by Furinyx View Post

                        Most vendor CPUs are affected by Spectre, not exclusively AMD... the misinformation in this thread is insane, read up on things properly before posting.
                        I didn't say that only AMD is affected but it is predicted that AMD will have the biggest consequences, their SMT system might need to be disabled for the exploit to be fixed. Read about it before posting please...

                        Don't spread wrong information just to protect your favorite CPU vendor.
                        I was on AMD for 15 years, switched to Intel a year ago. AMD was my favorite CPU vendor and still is but I won't spread lies just to make them look better.
                        Last edited by Blue man; 01-08-2018, 09:51 AM.

                        Comment


                        • #29
                          this is been going on for 3 weeks now when is this getting fixed LAG black screen its seems like u guys are pulling a EA on us? taking our money!!! and giving us a run around how aboutt helping PE instead of PVP lol u really should start helping out the fans that are going to make this game

                          Comment


                          • #30
                            We paid for the PVE game and get no stable service.... you guys have to serve more service to the pve instead of the free pvp.... get into it. It is now 3 weeks that PVE have the problems and nothing happend... but every few days you update the BR..... That is not the Mode i paid for.... Thats not Professional.... Today I kicked aout 3 Missions before ending them... thats frustrating and don't let a good light on you. I've to start the mission every time again and don't know I can finish it. so come to be professional and fix it. WE PAID FOR IT....
                            Last edited by Invisibletouch; 01-08-2018, 05:31 PM.

                            Comment

                            Working...
                            X