Security news that informs and inspires

Torvalds Favors Memory Protections in AMD Chips


Personal computers using AMD Ryzen processors can protect memory from various attacks, which isn’t the case for comparable machines from Intel. Linus Torvalds, the creator of Linux, criticized Intel for not supporting the security feature on its non-server processors and noted that AMD offers the feature (unofficially) on its consumer platform.

Memory can be corrupted if a bit is flipped, and there are various attack techniques that change data in memory to collect leaked information or to manipulate calculations. Rowhammer, for example, is a technique that relies on rapid repeated reads of the same memory location to cause changes in adjacent locations. Rowhammer can be used in privilege escalation exploits and other network-based attacks.

ECC, or error_correcting code, is a way to fix these types of memory issues, as additional parity bits are used to verify that the data read from memory is the same as the data was written. Unfortunately, ECC memory is extremely difficult to find—and when found, tend to be expensive. In a discussion on Real World Tech forum, Torvalds blamed the scarcity on the fact that Intel supported ECC only for Xeon processors, which are aimed at servers and high-end workstations. Intel touts how Xeon processors work with ECC memory “to automatically find and fix soft memory errors” in its promotional materials.

But not including ECC support on mainstream platforms, including the Core processors, Intel “made the market for ECC memory go away,” Torvalds wrote.

ECC memory used to be standard and accessible in the past, Torvalds said, but the fact that Intel supported ECC only on high-end platforms reinforced the idea that consumers didn’t need ECC. ECC memory needs to work with the motherboard and the CPU—so the fact that the processors used for consumer computers didn’t support ECC meant there was no incentive for manufacturers to create ECC memory for consumers.

“The ‘modern DRAM is so reliable that it doesn't need ECC’ was always a bedtime story for children that had been dropped on their heads a bit too many times,” Torvalds wrote.

Torvalds is hyper-focused on memory issues because it impacts the work he does for the Linux kernel, and has been publicly critical about the lack of ECC memory for years. “We have decades of odd random kernel oopses that could never be explained and were likely due to bad memory. And if it causes a kernel oops, I can guarantee that there are several orders of magnitude more cases where it just caused a bit-flip that just never ended up being so critical,” he wrote. Kernel errors that were the result of a hardware issue and not a code issue could have been fixed with ECC.

“I want this fixed, and I want ECC,” Torvalds wrote. “And AMD did it. Intel didn't.”

Even though AMD’s support for ECC in Ryzen (and Threadripper) is unofficial, Torvalds said it is still a better alternative since consumers are able to pay for mainstream platforms and get the option to use ECC. If they were looking for ECC from Intel, their only choice would be to pay for server-class hardware. There are some challenges with unofficial support since some motherboards may not be able to work with ECC at all, and the fact that it works may not be clearly documented.

“And the fact that it's ‘unofficial’ for AMD doesn't matter. It works. And it allows the markets to - admittedly probably very slowly - start fixing themselves,” Torvalds said.

Torvalds noted that memory manufacturers are beginning to incorporate ECC internally because “they finally owned up to the fact that they absolutely have to." Even Intel’s own promotional materials acknowledge that faster CPUs and processors means that “soft memory errors occur more and more frequently,” and that “1 in 3 systems experience one or more correctable memory errors a year.”

“Just look at multiple generations of rowhammer, where each time Intel and memory manufacturers bleated about how it's going to be fixed next time. Narrator: ‘No it wasn't,’” Torvalds said.

Restricting ECC memory to just Xeon processors also priced out people who were willing to pay for the feature. The Intel’s Xeon CPUs were too expensive—”twice the CPU for five times the price”—and users (Torvalds included) ended up using consumer CPUs because they were sufficient for most workloads. But there was clearly a demand for alternatives—and Torvalds was “was more than happy to switch away from them [Intel],” once prices dropped. AMD’s Ryzen Threadripper was ”much closer to ‘twice the price for twice the CPU,” which means users could beef up their processors without paying server prices.

"I used to look at the Xeon CPU's, and I could never really make the math work,” Torvalds said.