Linux 4.20 is Running Slower Than 4.19 On Intel CPUs (phoronix.com)

← Back to Stories (view on slashdot.org)

Linux 4.20 is Running Slower Than 4.19 On Intel CPUs (phoronix.com)

Posted by msmash on Friday November 16, 2018 @10:05AM from the closer-look dept.

Freshly Exhumed writes: An intentional kernel change in Linux kernel 4.20 for enhanced Spectre mitigation is unfortunately causing Intel Linux performance to be much slower than with 4.19. That change is 'STIBP' (Single Thread Indirect Branch Predictors), which allows for preventing cross-hyperthread control of decisions that are made by indirect branch predictors. It affects Intel systems that have up-to-date microcode and CPU Hyper Threading enabled. Phoronix gives the evidence.

61 of 137 comments (clear)

Min score:

Reason:

Sort:

Give it a break by medv4380 · 2018-11-16 10:16 · Score: 5, Funny

It's just high.
Four Twenty? by Esion+Modnar · 2018-11-16 10:17 · Score: 5, Funny

There's a joke here somewhere. If I weren't so stoned...

--

They say the first thing to go is your penis. Well, it's either that or your brain. I forget which...
1. Re: Four Twenty? by Anonymous Coward · 2018-11-16 10:44 · Score: 1
  
  Funding secured.
2. Re: Four Twenty? by Aighearach · 2018-11-16 16:13 · Score: 2
  
  Funding secured.
  A spectre of a deal!
Re:The PRICE We Pay For NICE Linus by Anonymous Coward · 2018-11-16 10:22 · Score: 4, Insightful

BRING BACK MEAN LINUS
Linux 4.20 man! by SpencerWilliams · 2018-11-16 10:25 · Score: 1

Wooohooo!
This is intels problem by Shaitan · 2018-11-16 10:26 · Score: 5, Insightful

Linux kernel doesn't let your insecure and sloppy design do things that compromise the security of the OS. Sounds like a feature to me.
1. Re:This is intels problem by should_be_linear · 2018-11-16 19:52 · Score: 1
  
  There is room for two versions of microcode / kernel: default (slow) and root (fast) mode. In root mode there can be only one (root) user, but everything runs much faster. There is lot of offline computers (like supercomputers) which would benefit from this, even 20% of performance, it seems.
  
  --
  839*929
2. Re:This is intels problem by Chris+Mattern · 2018-11-17 01:54 · Score: 1
  
  There is room for two versions of microcode / kernel: default (slow) and root (fast) mode. In root mode there can be only one (root) user, but everything runs much faster.
  Let's see here. We'll give people a choice between an immediate, measurable advantage and an advantage they won't see until the failure hits. Gee, I wonder which one everyone will choose, and then get hacked for.
3. Re:This is intels problem by Chris+Mattern · 2018-11-17 01:56 · Score: 1
  
  No, it's just that linux sucks.
  To an extent, I'm willing to grant that. So, what sucks less than Linux?
4. Re:This is intels problem by Shaitan · 2018-11-17 09:42 · Score: 1
  
  It wouldn't be fast and slow mode, it would be not intentionally left insecure and swiss cheese mode.
5. Re:This is intels problem by Chris+Mattern · 2018-11-18 02:54 · Score: 1
  
  MenuetOS.
  Uhhhh....
  Non-POSIX, apparently not compatible with anything else, almost no documentation I could find, no evidence of usable apps (if there is an office suite, web browser or email client for it there was no mention of them that I could find), development environment centered around assembly language...
  Pass.
Re:Intel? by StormReaver · 2018-11-16 10:35 · Score: 3, Insightful

Remember how Jeff Bezos just recently said that once Amazon stopped focusing on customers, it was going to be the beginning of the end of Amazon? Intel stopped focusing on customers the moment it knowingly sacrificed security to maintain its near-monopoly on CPU's. While AMD has some issues with its chips, those issues pale in comparison to the wholesale don't-give-a-shit practiced by Intel.
I hope Intel has a huge, massively expensive decline.
AMD for the WIN!! will apple move mac pro over? by Joe_Dragon · 2018-11-16 10:36 · Score: 4, Interesting

AMD for the WIN!! will apple move mac pro over?
1. Re:AMD for the WIN!! will apple move mac pro over? by Kuruk · 2018-11-17 22:05 · Score: 1
  
  Apple are making their own CPU now. The iPad has more power than the Apple laptops. Shots fired at intel.
Re:What is worse... by Anonymous Coward · 2018-11-16 10:41 · Score: 3, Informative

You *can* have both secure and faster... with AMD.
420 running slower? Dude, WHO COULD HAVE KNOWN? by outlander · 2018-11-16 10:42 · Score: 2

Yeah, it doesn't make sense at all. ;)

--
"Truth is what works" -- William James "It works!!" -- o-dark-AM comment
Solution is simple by GerryGilmore · 2018-11-16 10:44 · Score: 5, Interesting

You can easily disable this patch with a boot command-line argument. Unless you are running a heavily VM-ed data center with shit for security, why would you cripple your system over the most esoteric hacks known to man and that - Oh! By the way! - require that you are running malware on your system already? (And spare me the horseshit about JS - that can ONLY happen in a carefully crafted environment.)
1. Re:Solution is simple by Anonymous Coward · 2018-11-16 10:55 · Score: 1
  
  I see you cannot be bothered to share with us how to easily disable this patch with a command line argument. I'm going to bet it's because it's not as easy to disable as you make it seem.
  But we wouldn't want to bother you with your amazing data center that has good security because you just paid to fix the problem with hardware. That's senior management thinking right there, Gerry!
2. Re:Solution is simple by Mysticalfruit · 2018-11-16 11:04 · Score: 5, Informative
  
  Add this to your kernel boot line:
  
  pti=off spectre_v2=off l1tf=off nospec_store_bypass_disable no_stf_barrier
  
  --
  Yes Francis, the world has gone crazy.
3. Re:Solution is simple by Espectr0 · 2018-11-16 11:31 · Score: 1
  
  why did the boot argument had to be so complicated? i would have named it disable_STIBP or even disable_spectre_fix
  
  --
  Open Source Java Web Forum with LDAP authentication
4. Re:Solution is simple by ArchieBunker · 2018-11-16 16:26 · Score: 1
  
  Just wait until boot arguments are considered obsolete like traceroute for example. This will get merged into systemd and you will have to issue the commands at shutdown instead of at boot time.
  
  --
  Only the State obtains its revenue by coercion. - Murray Rothbard
5. Re:Solution is simple by Highdude702 · 2018-11-17 02:18 · Score: 1
  
  #Hashtags are for people that don't belong on this site.
Intel got that speed from _somewhere_ by gweihir · 2018-11-16 10:48 · Score: 4, Insightful

There is now a price to pay. Not really a surprise.

--
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
1. Re:Intel got that speed from _somewhere_ by thegarbz · 2018-11-17 05:49 · Score: 1
  
  It's surprising to know the world is full of trade-offs. I happily pay the price knowing that the speed is far more important than the incredibly low risk that this security issue could be exploited against me. There's a reason that pretty much every specter and meltdown mitigation has been optional.
Re:Intel? by 110010001000 · 2018-11-16 10:50 · Score: 4, Insightful

Whats a Windows?
Re:IMPERSONATING ME AGAIN? apk by magarity · 2018-11-16 11:01 · Score: 1, Offtopic

Seriously, you might think you're so cool by annoying the other users but I for one am concerned for your health. Do you need medication or some other kind of help? It isn't normal to paste that stuff into every article.
Re: The PRICE We Pay For NICE Linus by Type44Q · 2018-11-16 11:10 · Score: 3

A-fucking-men.
Requires hyper threading. by Fly+Swatter · 2018-11-16 11:16 · Score: 4, Interesting

So technically not ALL Intel cpus.. I finally dodged one of the many bullets, I should buy a lottery ticket.
1. Re:Requires hyper threading. by Tough+Love · 2018-11-16 12:06 · Score: 1
  
  Or you could disable HT in the bios. Still sucks.
  
  --
  When all you have is a hammer, every problem starts to look like a thumb.
Re:The PRICE We Pay For NICE Linus by NicknameUnavailable · 2018-11-16 11:44 · Score: 1

#savelinus
Re:Intel? by NicknameUnavailable · 2018-11-16 11:47 · Score: 1

Your comparison is more accurate than you know. In actuality Intel stopped focusing on customers in favor of government snooping. Amazon is now doing the same, Bezos is just trying to appeal to the masses without breaking NDAs so he doesn't have to lose the consumer market for the government contracts.
Better title by Anonymous Coward · 2018-11-16 11:57 · Score: 1

Intel CPUs performance suffers for its bug mitigation in linux kernel 4.20.
1. Re:Better title by Philotomy · 2018-11-16 14:45 · Score: 1
  
  Mod parent up.
  This isn't a "Linux 4.20" problem, this is Intel's fault.
Re:Opps by saloomy · 2018-11-16 12:10 · Score: 4, Insightful

No. 4.19 was insecure, but faster. 4.20 is more secure, but slower. So? If I store my passwords in plain-text it's faster. Faster still if I don't have to do a DB lookup and just hard code some that I need.
4.20 is better. The performance penalty is the cost of better security in almost all computer operations (often negligible due to faster and faster chips). Because of hardware advancements though, it's most of the time a very worthwhile tradeoff. If your application suffers that much, size up the gear.
Re:IMPERSONATING ME AGAIN? apk by Anonymous Coward · 2018-11-16 12:16 · Score: 1

apk is a mentally ill person. His posts ebb and flow according to what's going on with his condition. It's usually best just to ignore him.
Re:Disableable? by F.Ultra · 2018-11-16 12:40 · Score: 4, Informative

You can disable it with a boot flag "spectre_v2=off nopti"
Re:Intel? by F.Ultra · 2018-11-16 12:43 · Score: 4, Funny

They usually call from India and want you to install some software on your computer since it has reported that it's being hacked. At least that is what they always say on the phone "Hello I'm calling from Windows" so that must be it.
Re:Opps by Tough+Love · 2018-11-16 12:49 · Score: 1

Most of the responses to this article are "AMD" so I don't need to say it. But I will anyway. AMD.

--
When all you have is a hammer, every problem starts to look like a thumb.
Re:Intel? by Kjella · 2018-11-16 12:54 · Score: 2

Remember how Jeff Bezos just recently said that once Amazon stopped focusing on customers, it was going to be the beginning of the end of Amazon? Intel stopped focusing on customers the moment it knowingly sacrificed security to maintain its near-monopoly on CPU's. While AMD has some issues with its chips, those issues pale in comparison to the wholesale don't-give-a-shit practiced by Intel.
And by "knowingly" you mean Intel did this on purpose? They can be dirty as hell doing damage control, but creating Meltdown/Spectre wasn't a conscious plan or at least then I'd really like to see your documentation that security was intentionally sacrificed. And as far as I know they're not making any significant revenue on anything other than selling CPUs, they're not in the data mining business nor to they take a cut of all applications running on an Intel nor are they selling your data to third parties. And no, Intel's management engine and AMD's TrustZone and Apple's T2 all pretty much do the same thing. They're far from saints, but on the evil scale they're not nearly at the top of my list.

--
Live today, because you never know what tomorrow brings
But why? by gmit · 2018-11-16 12:54 · Score: 1

Old, vulgar Linus would have never allowed that!
Re:Intel? by Tough+Love · 2018-11-16 12:55 · Score: 1

Got a couple of laptops still running Intel. My next laptop will for sure be AMD.

--
When all you have is a hammer, every problem starts to look like a thumb.
Re:Intel? by Tough+Love · 2018-11-16 13:04 · Score: 2

I hope Intel has a huge, massively expensive decline.
I hope that Intel becomes a better company with better products and that when the dust settles they will share the x86 market roughly equally with AMD. No dirty tricks now, Intel.

--
When all you have is a hammer, every problem starts to look like a thumb.
Re: Opps by Anonymous Coward · 2018-11-16 13:18 · Score: 3, Interesting

It's only worthwhile in some situations.
I manage around 15,000 hypervisors which have VMs that don't ever run untrusted or arbitrary code, they aren't internet connected, etc. A 10% performance hit means millions of dollars of additional compute and network infrastructure.
And don't tell me to use AMD either, the price vs. Performance ends up being more costly at the scale and density we require.... and that's pretending we could swap existing servers out for no cost.
Google? by JBMcB · 2018-11-16 13:45 · Score: 2

I thought Google had figured out a patch to circumvent this at the OS level that had negligible impact on performance?

--
My Other Computer Is A Data General Nova III.
1. Re:Google? by Anonymous Coward · 2018-11-16 14:48 · Score: 1
  
  They did. The problem is that it only works for one of many vulnerabilities. And this week we've got 7 more for Intel.
Re: IMPERSONATING ME AGAIN? apk by Anonymous Coward · 2018-11-16 14:33 · Score: 1

I've always kinda thought of him as "He who shall not be named" because as soon as you type the letters A...P...K.
See the comments below
FAIL by sproketboy · 2018-11-16 15:13 · Score: 1

TempleOS FTW
Re:The PRICE We Pay For NICE Linus by Aighearach · 2018-11-16 16:17 · Score: 1

pre-USADA Linus was the GOAT, like Ken Shamrock with faster fingers.
Re:Intel? by Aighearach · 2018-11-16 16:21 · Score: 1

Who still runs Linux on Intel CPUs?
Thinkpad owners.
OTOH, CentOS is on 3.x kernels still anyways.
Re:Intel? by dryeo · 2018-11-16 18:04 · Score: 2

When you start a program under X, it runs in a Window. You can have multiple Windows on your desktop, each with a different program running independently of each other.
It's even possible to do it in a console, with text mode programs. It's how I was first introduced to Windows on an Apple II.

--
https://en.wikipedia.org/wiki/Inverted_totalitarianism
Re: Opps by Anonymous Coward · 2018-11-16 18:16 · Score: 1

Newer Intel chips don't even come with hyperthreads anymore due to Spectre. If you disable HT on your servers you won't take the performance hit.
Re: Opps by Tough+Love · 2018-11-16 21:03 · Score: 4, Interesting

Ryzenfall and related vulnerabilities still haven't been fixed
Ryzenfall is a PR exploit not a serious vulnerability, it requires physical access.
Investigators uncovered an article by Viceroy Research condemning AMD on the exploit and noted how the article was published less than half an hour after the exploits were revealed. Given the polish of the article which appears to be written many days in advance, and wording of the article which suggests that it is financially motivated, many were quick to accuse the exploit as a smear campaign engineered by Viceroy to short-sell AMD's stocks.
Meanwhile, Intel still has major issues with Meltdown, which is much more serious than Spectre because Meltdown breaks the veil between user and kernel, while Spectre is a process/process leak, much easier to address at the OS level. With fresh new Meltdown exploits demonstrated, Intel is still very much in the hot seat and AMD is the more secure processor.

--
When all you have is a hammer, every problem starts to look like a thumb.
Re:Intel? by Highdude702 · 2018-11-17 02:10 · Score: 1

Who the hell would run CENTOS on a laptop?? And why??!?!?
Re:Opps by Anonymous Coward · 2018-11-17 03:11 · Score: 1

"(often negligible due to faster and faster chips)"
I can tell you don't program. Most code is so bloated now days that what once would've only needed an 8088 to run now at minimum needs a 233MHz Pentium II to do the same thing.
YOUR FUCIKING CODE SUCKS, PROGRAMMERS. Get back to making it SMALL so these security bugs are far less prevalent.
Re:Intel? by drinkypoo · 2018-11-17 03:27 · Score: 2

I'd really like to see your documentation that security was intentionally sacrificed.
I submit the design as documentation. They do the security check after the memory access. That can only have been a deliberate decision.

--
"You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
Abandon systemd? by Artemis3 · 2018-11-17 05:08 · Score: 1

So, abandon systemd? There is nearly a hundred distros NOT using it, what are you waiting for? http://without-systemd.org/

--
Artix
Your Linux, your init.
Re: Opps by Bert64 · 2018-11-17 06:23 · Score: 1

HT is itself a feature designed to improve performance... If you disable it, then you lose any performance benefits it provided.
Wether it provides a performance benefit depends on your workload, it allows the processor to work on another thread if your code stalls the pipeline, but if your code is properly optimized for the processor then it wont stall the pipeline...

--
http://spamdecoy.net - free throwaway anonymous email - avoid spam!
Re: Opps by Tough+Love · 2018-11-17 11:26 · Score: 1

And possibly other situations, not in the cloud.

--
When all you have is a hammer, every problem starts to look like a thumb.
Re:Opps by Bengie · 2018-11-18 09:58 · Score: 2

20-30% performance gain for something like 5% more transistors is nothing to sneeze at, but holy crap is it a finicky jittery fragile 20% gain that is rife with corner cases. Assuming the work load even benefits. Plenty that do not.
spectre by sad_ · 2018-11-19 00:38 · Score: 1

further spectre mitigation code is causing these slow down issues.
it's discussed in a follow up phoronix article.

--
On a long enough timeline, the survival rate for everyone drops to zero.