Linux 4.20 is Running Slower Than 4.19 On Intel CPUs

Freshly Exhumed writes: An intentional kernel change in Linux kernel 4.20 for enhanced Spectre mitigation is unfortunately causing Intel Linux performance to be much slower than with 4.19. That change is 'STIBP' (Single Thread Indirect Branch Predictors), which allows for preventing cross-hyperthread control of decisions that are made by indirect branch predictors. It affects Intel systems that have up-to-date microcode and CPU Hyper Threading enabled. Phoronix gives the evidence.

Give it a break

[medv4380]

It's just high.

Four Twenty?

[Esion+Modnar]

There's a joke here somewhere. If I weren't so stoned...

Re:The PRICE We Pay For NICE Linus

BRING BACK MEAN LINUS

This is intels problem

[Shaitan]

Linux kernel doesn't let your insecure and sloppy design do things that compromise the security of the OS. Sounds like a feature to me.

AMD for the WIN!! will apple move mac pro over?

[Joe_Dragon]

AMD for the WIN!! will apple move mac pro over?

Solution is simple

[GerryGilmore]

You can easily disable this patch with a boot command-line argument. Unless you are running a heavily VM-ed data center with shit for security, why would you cripple your system over the most esoteric hacks known to man and that - Oh! By the way! - require that you are running malware on your system already? (And spare me the horseshit about JS - that can ONLY happen in a carefully crafted environment.)

Re:Solution is simple

[Mysticalfruit]

Add this to your kernel boot line:

pti=off spectre_v2=off l1tf=off nospec_store_bypass_disable no_stf_barrier

Intel got that speed from _somewhere_

[gweihir]

There is now a price to pay. Not really a surprise.

Re:Intel?

[110010001000]

Whats a Windows?

Requires hyper threading.

[Fly+Swatter]

So technically not ALL Intel cpus.. I finally dodged one of the many bullets, I should buy a lottery ticket.

Re:Opps

[saloomy]

No. 4.19 was insecure, but faster. 4.20 is more secure, but slower. So? If I store my passwords in plain-text it's faster. Faster still if I don't have to do a DB lookup and just hard code some that I need.

4.20 is better. The performance penalty is the cost of better security in almost all computer operations (often negligible due to faster and faster chips). Because of hardware advancements though, it's most of the time a very worthwhile tradeoff. If your application suffers that much, size up the gear.

Re:Disableable?

[F.Ultra]

You can disable it with a boot flag "spectre_v2=off nopti"

Re:Intel?

[F.Ultra]

They usually call from India and want you to install some software on your computer since it has reported that it's being hacked. At least that is what they always say on the phone "Hello I'm calling from Windows" so that must be it.

Re: Opps

[Tough+Love]

Ryzenfall and related vulnerabilities still haven't been fixed

Ryzenfall is a PR exploit not a serious vulnerability, it requires physical access.

Investigators uncovered an article by Viceroy Research condemning AMD on the exploit and noted how the article was published less than half an hour after the exploits were revealed. Given the polish of the article which appears to be written many days in advance, and wording of the article which suggests that it is financially motivated, many were quick to accuse the exploit as a smear campaign engineered by Viceroy to short-sell AMD's stocks.

Meanwhile, Intel still has major issues with Meltdown, which is much more serious than Spectre because Meltdown breaks the veil between user and kernel, while Spectre is a process/process leak, much easier to address at the OS level. With fresh new Meltdown exploits demonstrated, Intel is still very much in the hot seat and AMD is the more secure processor.