• Competitor rules

    Please remember that any mention of competitors, hinting at competitors or offering to provide details of competitors will result in an account suspension. The full rules can be found under the 'Terms and Rules' link in the bottom right corner of your screen. Just don't mention competitors in any way, shape or form and you'll be OK.

Intel bug incoming? Meltdown and Spectre exploits

Soldato
Joined
1 Feb 2006
Posts
3,368
The software I write for work will probably take a big hit from this as it's file IO and network limited, and it looks like that's what gets the biggest hit. The VM's run at close to 100% before the patch:(
 
Associate
Joined
24 Mar 2011
Posts
623
Location
Cambridgeshire
Anyone know how to figure out your CPUID? I've managed to extract the microcode .bin files from the Intel download for my processor but it contains .bin files for lots of CPU's. A lot of the microcode files when extracted are old too so I don't know why they repackage them and date the archive as though its a new release for all the listed CPUs...

This is the Intel release I'm referring to.

https://downloadcenter.intel.com/download/27431/?product=65520

If your CPU is the Ivybridge CPU in your sig then there isn't an update. There are only updates as far back as Haswell so far. The file includes microcode for all the CPU's listed, but only Haswell and newer are Spectre patched ones. The release notes files included will detail the updated microcode files.
 
Associate
Joined
26 May 2017
Posts
360
Just my two penneth,
if at present large Intel customers are held in place by 'sweetner deals - replacement contracts etc. then surely this latest security debacle would render those contracts void (equipment not fit for purpose).

Time to squeeze Intel's testicles (or even kick them)
 
Associate
Joined
7 Aug 2017
Posts
415
Location
location location
Have you found evidence of the degradation due to Spectre mitigation as opposed to Meltdown or is that just a guess.

With the flood of articles I can't find the exact article that I had in mind, but here are similar results:

Here's Realbench, and TechSpot's storage benchmarks impacted.

The performance impacts also show up (though inevitably to a lesser extent) at the application level - Computerbase.de benchmarks.

Here's the Retpoline impact on Linux too.

Here's a good article on ArsTechnica on how the various patches are impacting performance - it's worth reading.
 
Associate
Joined
7 Aug 2017
Posts
415
Location
location location
To follow up on the ArsTechnica article and Spectre performance impacts, this is an interesting comment from a missive from one of the DragonflyBSD kernel devs:

On all Intel CPUs the mmu separation reduces performance by around 3.7% for general computinng.

On Haswell, kernel-only IBPB mode (MSR 0x48=1) we lose 12%, and IBPB all the time we lose 53%.

On Skylake, kernel-only IBPB mode (MSR 0x48=1) we lose 5%, and IBPB all the time we lose around 24%.

Combine the two together and it's pretty nasty. Best-case Skylake we lose 8.7% in performance with both mitigations active, kernel-only for IBPB, and we lose 27.7% performance (approximately) with bot mitigations active, IBPB on all the time. Note that none of this stuff represents a complete fix for Spectre. Not even full-on IBPB mode. It will take new hardware to get a more complete fix plus our performance back. Basically the branch prediction cache will need to tag the protection domain and either PCID or be cleared on %cr3 reload. And possibly also tag more address bits which it doesn't right now.

DragonflyBSD is harder hit than either Windows or Linux, but the performance hit is real and needs to be addressed. From the end-users' perspective, many will be fortunate in that in their use cases much of the performance loss is either masked by other bottlenecks or in areas where it won't be noticed.
 
Associate
Joined
26 May 2017
Posts
360
Good articles . . . . but I still cannot find anything that breaks down the performance degradation of Meltdown vs Spectre. At this point, making an assumption that mitigating Spectre (alone) will have bigger performance issues than mitigating Meltdown + Spectre is wrong.

"Zen's branch predictor, however, is a bit different. AMD says that its predictor always uses the full address of the branch; there's no flattening of multiple branch addresses onto one entry in the BTB. This means that the branch predictor can only be trained by using the victim's real branch address. This seems to be a product of good fortune; AMD switched to a different kind of branch predictor in Zen (like Samsung in its Exynos ARM processors, AMD is using simple neural network components called perceptrons), and the company happened to pick a design that was protected against this problem."


I am sure that there are issues still to address but blanket fud without evidence seems like Intel PR.
 
Caporegime
Joined
18 Oct 2002
Posts
33,188
To follow up on the ArsTechnica article and Spectre performance impacts, this is an interesting comment from a missive from one of the DragonflyBSD kernel devs:



DragonflyBSD is harder hit than either Windows or Linux, but the performance hit is real and needs to be addressed. From the end-users' perspective, many will be fortunate in that in their use cases much of the performance loss is either masked by other bottlenecks or in areas where it won't be noticed.

The only thing it gets kinda wrong is that the performance won't all come back, because the fix is doing things that include the checks it should do for meltdown, the spectre 2 fix, if done as AMD does which makes the risk of a successful attack almost non existent shouldn't really decrease performance, hiding the BTB entries in unpredictable locations shouldn't hit performance, though it's not strictly speaking a full fix. I'm not sure what AMD are doing for variant 2 with their patch but it appears to be small, negligible performance hit and they are convinced it reduces attack chance to zero.

Either way, a 'fixed' Skylake won't be as fast as current Skylake without any of the fixes/patches in place, it will be at least a few percent slower, maybe 4-5% total.

So best case they have this fixed by their first 10nm desktop chips(extremely unlikely imo) then we'll have Intel basically losing performance but gaining core count, probably matching AMD by making mainstream CPU only with at least 8 core and by all accounts losing a little clock speed vs 14nm++. AMD will be gaining a huge chunk of clock speed, gaining a decent IPC gain, going to seemingly 12 core and at the same time reducing die size vs current Ryzen meaning increased margins while we also get faster chips. AMD is going to have a very very good 2019.
 
Soldato
Joined
26 Aug 2004
Posts
5,032
Location
South Wales
Too bad we have to wait a bit for the most interesting part of this between AMD and Intel, that is how close the zen 2 chips will compare to Intel's.

Gonna be a bit of a wait to see what that new supposed revolutionary CPU is from Intel too.
 
Soldato
OP
Joined
3 Oct 2013
Posts
3,597
Fair enough for Meltdown, but for Spectre the software mitigations are proving to cause quite a performance loss in some benchmarks. I expect there's research into ways of keeping the performance benefit of speculative execution without leaking data to side channels, but I would expect any notable changes to silicon to take years to get to market.

Not seen any data for AMD on that tbh, the microcode updates etc are optional. They seem fairly adamant that the chances are just about negligible of actually being effected.
 
Associate
Joined
7 Aug 2017
Posts
415
Location
location location
Good articles . . . . but I still cannot find anything that breaks down the performance degradation of Meltdown vs Spectre. At this point, making an assumption that mitigating Spectre (alone) will have bigger performance issues than mitigating Meltdown + Spectre is wrong.

My point was that even though Ryzen doesn't need a redesign to tackle Meltdown, the performance hit from the Spectre software mitigations in some cases is not negligible for Ryzen (though some Intel kit seems to get hit worse - but I wasn't talking about Intel), and this is even before AMD have supplied microcode updates to facilitate OS-level Spectre Variant 2 mitigations. Therefore there is still an opportunity for AMD to change future chips to give back some performance in these areas - whether through negating the need for the software workarounds or otherwise.

I don't believe I made any assumptions or arguments that Spectre performance issues are bigger than Meltdown+Spectre (I don't see how that could make sense?). In an earlier post I did say: "This suggests that (for the game sequences in the video at least) the Spectre mitigation (IBRS - microcode + OS patch for Variant 2 CVE-2017-5715) has negligible impact, whereas the Meltdown mitigation has some. However, without an equivalent microcode update for AMD, I don't know whether Spectre Variant 2 mitigation on Windows will have a similar sort of impact.".

blanket fud without evidence seems like Intel PR

?

Not seen any data for AMD on that tbh, the microcode updates etc are optional. They seem fairly adamant that the chances are just about negligible of actually being effected.

Even without the microcode updates, the patches to the Linux kernel so far have impacted Ryzen and EPYC. Maybe there'll be strong enough proof that Ryzen etc. are not vulnerable to Spectre and so allow them an exception from the mitigations (as with Meltdown), but until then the default is to take the hit.
 
Soldato
Joined
1 Nov 2007
Posts
5,583
Location
England
I rang the Citizens Advice Bureau about this yesterday and apparently you do have some rights if the product is not performing as originally stated due to the patches. You first need to talk to the people who sold you the hardware directly. The option seems to be for a full but if any computer you buy is going to suffer from the same issue I'm not sure returning the computer will be much of an option. Having said that you do have rights as consumers and you should speak to the people you bought the hardware from. If you paid by credit card and the seller isn't playing ball then you can talk to your credit card company who are also liable if the item cost more than £100.

I'm highly tempted to talk to the people I bought my hardware from as it is a new computer and this is unacceptable that I should pay so much and then get such a massive performance penalty. If anyone is interested in doing the same let me know and we can try and help each other. Due to OCUK forum rules though I am not able to mention any company names.

If you are a business this doesn't include you as business transactions are handled under different legislation.
 
Soldato
Joined
11 Jun 2003
Posts
5,056
Location
Sheffield, UK
I'm right in assuming Sandybridge will remain unpatched and I should go full updates, riot shields and ablative armour going forward?
I take it my performance hit is in the 20%+ region too?
Only need to make it till April thankfully.
 
Soldato
Joined
1 Nov 2007
Posts
5,583
Location
England
@Cromulent i got my 5820k here at OCUK, not sure they would do anything about this though. Saying that, they did for the whole Nvidia 970 issue.

Find out how long the warranty is for the Intel CPU you bought and if it is still in warranty I think you might have some luck as it is clearly defective and the fix reduces the performance it was sold as having.
 
Back
Top Bottom