IBM PCIe3 Ethernet Decoder

Some modern Ethernet adapter decoder wheel information.

PCIe2 4-Port (10GbE SFP+ & 1GbE RJ45) Adapter
PCIe2 4-Port Adapter (10GbE SFP+) (e4148a1614109304)
PCIe2 4-Port Adapter (1GbE RJ45) (e4148a1614109404)
FRU Number.................. 00E2715
Customer Card ID Number..... 2CC3
Part Number................. 00E2719
Feature Code/Marketing ID... EN0S or EN0T
Make/Model: Broadcom NetXtreme II 10Gb
Code Name: Shiner

PCIe3 10GbE RoCE Converged Host Bus Adapter (b31507101410eb04)
RoCE Converged Network Adapter
2-Port 10GbE RoCE SR PCIe 3.0
Part Number................. 00RX871
FRU Number.................. 00RX875
Feature Code/Marketing ID... EC2M / EC2N / EC37 / EC38 / EL3X / EL40
Customer Card ID Number..... 57BE
Make/Model: Mellanox ConnectX-3 Pro / Gen 3.0 x8 10GbE
Code Name: Core

PCIe3 4-Port 10GbE SR Adapter (df1020e21410e304)
PCIe3 4-port 10GbE SR Adapter, NIC PF
Part Number................. 00ND462 or 00ND464 or 00ND468 or 00RX863
Feature Code/Marketing ID... EN15 or EN16
Customer Card ID Number..... 2CE3
Make/Model: Emulex OneConnect NIC (Lancer) (rev 30)

I believe the 4-port 1gbit PCI cards are Intel.

Emulex, Brocade, and Broadcom are all owned by the same company as of 2016. Currently known as “Broadcom, Inc.”, the parent was formerly Avago, formerly Agilent, and formerly the semiconductor division of HP.


Security Defect in Intel, ARM and AMD processors

THE RISK:
The defect allows a user process to read any system memory.
A VM can read memory from the host or another guest in some environments.

WHAT IS AFFECTED:
This does NOT affect POWER/PPC architecture.
Only some of this affects AMD, and only in some modes.
Almost every ARM and Intel processor since 1995 is affected.
That includes desktops, laptops, servers, cellphones, routers, automobiles with Sync/Onstar/autopilot, etc.

DISCOVERY:
This defect was reported in June, 2017, but due to pervasiveness, has been embargoed.
It is only fully described now because patch notes leaked the problem.

THE FIX:
The actual fix would be replacement of the affected CPUs with new silicon, which does not exist yet.
There is a partial software workaround which decreases system performance.

TECHNICAL:
The issue is because the processor does not perform access checking prior to loading L1 cache.
Due to this design issue, data can be forced into L1 cache, and read, before access is denied by the TLB.
It’s fairly slow, at around 2k/second, but a long-running process can harvest everything.

Hardware Statuses:
• ARM has provided workarounds to vendors, but it’s up to them to implement
• Intel’s CEO sold off as much of his stock as possible last year after glowing projections.
• Not a peep from AMD.
• POWER/PPC is not affected.

Software Statuses:
• Windows included a partial workaround in the November security rollup.
• MacOS released a partial workaround in December’s 10.13.2
• Linux included a partial workaround in the mainline kernels 4.15, and 4.14.11.
• The workarounds decrease performance between 1% and 45% depending on the workload.
• Cloud providers are scheduling maintenance January 2018.

More Reading:
• Community: https://spectreattack.com
• Google: https://googleprojectzero.blogspot.com/2018/01/reading-privileged-memory-with-side.html
• Workaround: https://en.wikipedia.org/wiki/Kernel_page-table_isolation
• AMD: https://www.amd.com/en/corporate/speculative-execution
• A better write-up: https://techcrunch.com/2018/01/03/kernel-panic-what-are-meltdown-and-spectre-the-bugs-affecting-nearly-every-computer-and-device/
• Outlet that broke the embargo: https://www.theregister.co.uk/2018/01/02/intel_cpu_design_flaw/