Leave the memories alone
Announcement
Collapse
No announcement yet.
The Brutal Performance Impact From Mitigating The LVI Vulnerability
Collapse
X
-
Originally posted by andyprough View PostAlso, the attacker would have to be extremely sophisticated - basically nation-state level cracking is what has been described. Once again, this would seem to rule out anything I deal with, since nothing I touch would seem to be of interest to high-level black hats.
- Likes 6
Comment
-
Something doesn't compute. These results are sometimes 20 fold slower??? This on a 4 core 8 thread system. So if you disabled hyperthreading and only enabled a single core, the result would be less brutal than these mitigations.
Am I not reading the graphs correctly?
- Likes 4
Comment
-
-
Originally posted by AndyChow View PostSomething doesn't compute. These results are sometimes 20 fold slower??? This on a 4 core 8 thread system. So if you disabled hyperthreading and only enabled a single core, the result would be less brutal than these mitigations.
Am I not reading the graphs correctly?
- Likes 2
Comment
-
Originally posted by AndyChow View PostSomething doesn't compute. These results are sometimes 20 fold slower??? This on a 4 core 8 thread system. So if you disabled hyperthreading and only enabled a single core, the result would be less brutal than these mitigations.
Am I not reading the graphs correctly?
Originally posted by hiryu View PostWhat does "partially affected" mean in terms of mitigations is the question that I have...
On processors that are affected by TAA but not by MDS, software that does not use loads within an Intel TSX region cannot be impacted by LVI stale data.
- Likes 3
Comment
-
Originally posted by dweigert View PostUgh... I can't afford Epyc based servers at the moment. I will be building out a Threadripper box though. I'm done with Intel for a while.
As for an ARM based system I would have considered one if there was a suitably competitive laptop or desktop available to buy. I can see a fture where ARM based and AMD based hardware slug it out for leadership while Intel is left building buggy Atom based derivatives.
- Likes 4
Comment
-
Originally posted by numacross View Post
TL;DR; disable SGX and TSX if you're not using it and it should be "fine" for normal usage.
Dug into SGX a bit... It's a fairly new set of instructions and it doesn't seem that AMD even has them... And seems to only be useful in certain circumstances... As bad as the performance hit is... Is this ultimately a big deal? I'm not sure that it is. These mitigations should only be needed if and where SGX instructions are being used?
The more or less comparison to TSX quoted above is valid I think. It seems Intel has a habit of creating new instruction sets that come with insecurity vulnerabilities... TSX has been a problem since it was introduced with Haswell before the speculative execution exploits were discovered.
Comment
Comment