Slashdot Mirror

← Back to Stories (view on slashdot.org)

How Do Spectre/Meltdown Fixes Affect The Linux Kernel? (phoronix.com)

Posted by EditorDavid on from the benchmarking-bugs dept.

"Using the newly minted Linux 4.19 feature code, fresh benchmarks were carried out looking at the performance cost of Spectre/Meltdown/Foreshadow mitigations on Intel Xeon v. AMD EPYC CPUs," writes an anonymous Slashdot reader: Workloads affected by these CPU vulnerabilities mainly deal with I/O and frequent kernel calls while CPU bound tests are still found to be minimally impacted. When toggling these mitigations on Linux 4.19, Intel Xeon CPUs were found to be 10~15% slower with the default kernel while AMD EPYC CPUs dropped to about 5% slower.

11 of 29 comments (clear)

  1. Re:EPYC problem by Tough+Love · · Score: 4, Informative

    The only problem with AMD processors is they don't implement transactional memory operations.

    I can understand your concern if you need this for research, but as an optimization, transactional memory has so far proved pretty underwhelming.

    --
    When all you have is a hammer, every problem starts to look like a thumb.
  2. Re: Haven't noticed much by Tough+Love · · Score: 3

    Basically, this completely erases Intel's single thread advantage over AMD. I am sure that Intel will fix their speculative execution blunders in some future processor generation, I suspect it can be fixed without any slowdown, just re-engineering and maybe a bunch more transistors in the cache and dispatch logic. But by the time Intel does fix it AMD will already be shipping 7nm processors. So I don't see Intel getting back into the high end processor lead any time soon.

    It's a one-two-three whammy for Intel. Almost starting to feel sorry for them. Almost.

    --
    When all you have is a hammer, every problem starts to look like a thumb.
  3. Re:EPYC problem by dmpot · · Score: 4, Informative

    The only problem with AMD processors is they don't implement transactional memory operations.

    Aside some very specific use cases, transactional memory does not offer much in terms of performance. Moreover, transactional memory helps a lot with Timing Side Channel Attacks against the kernel. For example: https://www.blackhat.com/docs/...

  4. Re:As expected by gweihir · · Score: 2, Insightful

    Indeed. And this partially explained why Intel was ahead of AMD speed-wise. They played fast and loose and f*** the customer.

    --
    Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
  5. Re:Haven't noticed much by Zontar+The+Mindless · · Score: 1

    Try compiling a few editions of a popular database server every day. You'll notice.

    --
    Il n'y a pas de Planet B.
  6. Re:Protect yourself with APK Hosts File Engine... by Zontar+The+Mindless · · Score: 2

    Where's the BeOS port you promised us in 1997?

    --
    Il n'y a pas de Planet B.
  7. Re:EPYC problem by Anonymous Coward · · Score: 1

    AMD doesn't even make true multi core CPUs. It's just a bunch of half cores glued together with a hackneyed bus to connect them. I will stick with Intel because they have true multi core CPUs where the cores are all full cores and directly tied together as one CPU.

  8. Re: Haven't noticed much by thegarbz · · Score: 1

    What are you talking about. The CPU still performs exactly what they selected. The user chooses to run expensive code that mitigates security vulnerabilities that don't affect most use cases.

    Personally I don't have any Spectre / Meltdown mitigations enabled. The security tradeoff isn't worthwhile. Plus if I really wanted security I would print off my packets on the printer, carry them to the computer on the other end of the internet and scan them in again. But ... lag.

  9. Re: Haven't noticed much by thegarbz · · Score: 2

    So I don't see Intel getting back into the high end processor lead any time soon.

    Why are you implying they aren't in the lead? Users can chose optimised code paths at the expense of security. We do this all the time and the trade off is in terms of risk vs reward. Just like when you log into your online bank instead of walking to the branch and manually doing your banking you make the same trade-off.

    Users don't need to run Spectre / Meltdown mitigations, not only from a choice point of view, but also because the risk profile is so incredibly low for the vast majority of use cases it doesn't actually make any sense for a typical user. End result: Speed.

    If my workloads weren't often multi-threaded then Intel would still be the performance king, but lets face it... my next CPU will be a Ryzen.

  10. Re: Haven't noticed much by Highdude702 · · Score: 1

    The slow downs are from klunky software fixes, as soon as they engineer new chip design to mitigate this, they can get the speed back if they're skilled.

  11. Talk to me about OpenSSH not the kernel by Seven+Spirals · · Score: 1

    Local exploits are a lot harder to pull off than remote exploits. The primary gatekeeper of the worlds IT device is Secure Shell. I just have one simple question: If this shit is so catastrophic and bad like we've been hearing, then where the fuck are the OpenSSH remote root exploits? Bullshit flag thrown. Now point me to the exploit code that returns a root prompt and I'll drink your security Chicken Little kool-aid. Until then *yawn*.